Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-58017 (GCVE-0-2024-58017)
Vulnerability from cvelistv5 – Published: 2025-02-27 02:12 – Updated: 2025-11-03 19:33
VLAI?
EPSS
Summary
In the Linux kernel, the following vulnerability has been resolved:
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which
leads to undefined behavior. To prevent this, cast 1 to u32 before
performing the shift, ensuring well-defined behavior.
This change explicitly avoids any potential overflow by ensuring that
the shift occurs on an unsigned 32-bit integer.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Linux | Linux |
Affected:
e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < 54c14022fa2ba427dc543455c2cf9225903a7174
(git)
Affected: e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < dfb7b179741ee09506dc7719d92f9e1cea01f10e (git) Affected: e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1 (git) Affected: e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < 9a6d43844de2479a3ff8d674c3e2a16172e01598 (git) Affected: e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < 4acf6bab775dbd22a9a799030a808a7305e01d63 (git) Affected: e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < 404e5fd918a0b14abec06c7eca128f04c9b98e41 (git) Affected: e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < 4a2c4e7265b8eed83c25d86d702cea06493cab18 (git) Affected: e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e , < 3d6f83df8ff2d5de84b50377e4f0d45e25311c7a (git) Affected: 55b2c1ccb82143be1ed9e1922976dbe63917fe68 (git) Affected: 089d475a4cdb5848998b3cb37e545413ed054784 (git) Affected: 695583334b6b7f82c39ee124edfbfa48145ed571 (git) Affected: 3404019d6d0f4c0108b77d44e97e2e39ca937e6f (git) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-11-03T19:33:36.689Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"kernel/printk/printk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "54c14022fa2ba427dc543455c2cf9225903a7174",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"lessThan": "dfb7b179741ee09506dc7719d92f9e1cea01f10e",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"lessThan": "bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"lessThan": "9a6d43844de2479a3ff8d674c3e2a16172e01598",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"lessThan": "4acf6bab775dbd22a9a799030a808a7305e01d63",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"lessThan": "404e5fd918a0b14abec06c7eca128f04c9b98e41",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"lessThan": "4a2c4e7265b8eed83c25d86d702cea06493cab18",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"lessThan": "3d6f83df8ff2d5de84b50377e4f0d45e25311c7a",
"status": "affected",
"version": "e6fe3e5b7d16e8f146a4ae7fe481bc6e97acde1e",
"versionType": "git"
},
{
"status": "affected",
"version": "55b2c1ccb82143be1ed9e1922976dbe63917fe68",
"versionType": "git"
},
{
"status": "affected",
"version": "089d475a4cdb5848998b3cb37e545413ed054784",
"versionType": "git"
},
{
"status": "affected",
"version": "695583334b6b7f82c39ee124edfbfa48145ed571",
"versionType": "git"
},
{
"status": "affected",
"version": "3404019d6d0f4c0108b77d44e97e2e39ca937e6f",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"kernel/printk/printk.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.20"
},
{
"lessThan": "4.20",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.291",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.235",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.179",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.129",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.78",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.14",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.13.*",
"status": "unaffected",
"version": "6.13.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.14",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.291",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.235",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.179",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.129",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.78",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.14",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.13.3",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.14",
"versionStartIncluding": "4.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer."
}
],
"providerMetadata": {
"dateUpdated": "2025-09-03T12:59:23.959Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/54c14022fa2ba427dc543455c2cf9225903a7174"
},
{
"url": "https://git.kernel.org/stable/c/dfb7b179741ee09506dc7719d92f9e1cea01f10e"
},
{
"url": "https://git.kernel.org/stable/c/bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1"
},
{
"url": "https://git.kernel.org/stable/c/9a6d43844de2479a3ff8d674c3e2a16172e01598"
},
{
"url": "https://git.kernel.org/stable/c/4acf6bab775dbd22a9a799030a808a7305e01d63"
},
{
"url": "https://git.kernel.org/stable/c/404e5fd918a0b14abec06c7eca128f04c9b98e41"
},
{
"url": "https://git.kernel.org/stable/c/4a2c4e7265b8eed83c25d86d702cea06493cab18"
},
{
"url": "https://git.kernel.org/stable/c/3d6f83df8ff2d5de84b50377e4f0d45e25311c7a"
}
],
"title": "printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-58017",
"datePublished": "2025-02-27T02:12:09.075Z",
"dateReserved": "2025-02-27T02:10:48.228Z",
"dateUpdated": "2025-11-03T19:33:36.689Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-58017\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-27T03:15:12.690\",\"lastModified\":\"2025-11-03T20:16:58.843\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\\n\\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\\nleads to undefined behavior. To prevent this, cast 1 to u32 before\\nperforming the shift, ensuring well-defined behavior.\\n\\nThis change explicitly avoids any potential overflow by ensuring that\\nthe shift occurs on an unsigned 32-bit integer.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: printk: Se corrige el desbordamiento de entero con signo al definir LOG_BUF_LEN_MAX. El cambio de 1 \u0026lt;\u0026lt; 31 en un entero de 32 bits provoca un desbordamiento de entero con signo, lo que conduce a un comportamiento indefinido. Para evitarlo, convierta 1 a u32 antes de realizar el cambio, lo que garantiza un comportamiento bien definido. Este cambio evita expl\u00edcitamente cualquier desbordamiento potencial al garantizar que el cambio se produzca en un entero de 32 bits sin signo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.1.129\",\"matchCriteriaId\":\"18BF0B0B-D95C-472C-A99F-DE209F253F6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.78\",\"matchCriteriaId\":\"0C58261F-EDFB-4A12-8CCD-F12101482030\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.14\",\"matchCriteriaId\":\"033BB7EE-C9A2-45EA-BAC9-87BB9D951BCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.13.3\",\"matchCriteriaId\":\"0E92CEE3-1FC3-4AFC-A513-DEDBA7414F00\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/3d6f83df8ff2d5de84b50377e4f0d45e25311c7a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/404e5fd918a0b14abec06c7eca128f04c9b98e41\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4a2c4e7265b8eed83c25d86d702cea06493cab18\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4acf6bab775dbd22a9a799030a808a7305e01d63\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/54c14022fa2ba427dc543455c2cf9225903a7174\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/9a6d43844de2479a3ff8d674c3e2a16172e01598\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/dfb7b179741ee09506dc7719d92f9e1cea01f10e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2025-AVI-0307
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Desktop 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | Basesystem Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | SUSE Real Time Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | N/A | Public Cloud Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | Legacy Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | N/A | Development Tools Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2020-27835",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27835"
},
{
"name": "CVE-2022-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
},
{
"name": "CVE-2022-1184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
},
{
"name": "CVE-2022-1048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1048"
},
{
"name": "CVE-2022-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0168"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-2977",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2977"
},
{
"name": "CVE-2022-3303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
},
{
"name": "CVE-2023-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0179"
},
{
"name": "CVE-2023-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1652"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"name": "CVE-2024-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
},
{
"name": "CVE-2024-26634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26634"
},
{
"name": "CVE-2021-47248",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47248"
},
{
"name": "CVE-2024-35910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35910"
},
{
"name": "CVE-2024-26873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26873"
},
{
"name": "CVE-2024-35826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35826"
},
{
"name": "CVE-2024-41005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41005"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2024-41077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
},
{
"name": "CVE-2024-42229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42229"
},
{
"name": "CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"name": "CVE-2024-42098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42098"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2021-47517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47517"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50290"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-53063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53063"
},
{
"name": "CVE-2024-42307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42307"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49924"
},
{
"name": "CVE-2024-47678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47678"
},
{
"name": "CVE-2024-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53140"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2024-56642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56642"
},
{
"name": "CVE-2024-56651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56651"
},
{
"name": "CVE-2024-49994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49994"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2024-56703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56703"
},
{
"name": "CVE-2025-21631",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21631"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2024-49940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49940"
},
{
"name": "CVE-2024-50056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50056"
},
{
"name": "CVE-2024-50140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50140"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-53163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53163"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-52926",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52926"
},
{
"name": "CVE-2024-47408",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47408"
},
{
"name": "CVE-2024-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49571"
},
{
"name": "CVE-2024-53680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53680"
},
{
"name": "CVE-2024-56640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56640"
},
{
"name": "CVE-2024-56718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56718"
},
{
"name": "CVE-2024-56770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56770"
},
{
"name": "CVE-2024-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57807"
},
{
"name": "CVE-2024-57900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57900"
},
{
"name": "CVE-2021-47633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47633"
},
{
"name": "CVE-2021-47644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47644"
},
{
"name": "CVE-2022-49076",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49076"
},
{
"name": "CVE-2022-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49089"
},
{
"name": "CVE-2022-49134",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49134"
},
{
"name": "CVE-2022-49135",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49135"
},
{
"name": "CVE-2022-49151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49151"
},
{
"name": "CVE-2022-49178",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49178"
},
{
"name": "CVE-2022-49182",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49182"
},
{
"name": "CVE-2022-49201",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49201"
},
{
"name": "CVE-2022-49247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49247"
},
{
"name": "CVE-2022-49490",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49490"
},
{
"name": "CVE-2022-49626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49626"
},
{
"name": "CVE-2022-49661",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49661"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2021-4453",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4453"
},
{
"name": "CVE-2021-47631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47631"
},
{
"name": "CVE-2021-47632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47632"
},
{
"name": "CVE-2021-47635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47635"
},
{
"name": "CVE-2021-47636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47636"
},
{
"name": "CVE-2021-47637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47637"
},
{
"name": "CVE-2021-47638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47638"
},
{
"name": "CVE-2021-47639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47639"
},
{
"name": "CVE-2021-47641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47641"
},
{
"name": "CVE-2021-47642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47642"
},
{
"name": "CVE-2021-47643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47643"
},
{
"name": "CVE-2021-47645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47645"
},
{
"name": "CVE-2021-47646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47646"
},
{
"name": "CVE-2021-47647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47647"
},
{
"name": "CVE-2021-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47648"
},
{
"name": "CVE-2021-47649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47649"
},
{
"name": "CVE-2021-47650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47650"
},
{
"name": "CVE-2021-47651",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47651"
},
{
"name": "CVE-2021-47652",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47652"
},
{
"name": "CVE-2021-47653",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47653"
},
{
"name": "CVE-2021-47654",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47654"
},
{
"name": "CVE-2021-47656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47656"
},
{
"name": "CVE-2021-47657",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47657"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0995"
},
{
"name": "CVE-2022-49044",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49044"
},
{
"name": "CVE-2022-49050",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49050"
},
{
"name": "CVE-2022-49051",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49051"
},
{
"name": "CVE-2022-49054",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49054"
},
{
"name": "CVE-2022-49055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49055"
},
{
"name": "CVE-2022-49058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
},
{
"name": "CVE-2022-49059",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49059"
},
{
"name": "CVE-2022-49060",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49060"
},
{
"name": "CVE-2022-49061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49061"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2022-49065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49065"
},
{
"name": "CVE-2022-49066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49066"
},
{
"name": "CVE-2022-49073",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49073"
},
{
"name": "CVE-2022-49074",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49074"
},
{
"name": "CVE-2022-49078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49078"
},
{
"name": "CVE-2022-49082",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49082"
},
{
"name": "CVE-2022-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49083"
},
{
"name": "CVE-2022-49084",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49084"
},
{
"name": "CVE-2022-49085",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49085"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49088",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49088"
},
{
"name": "CVE-2022-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49090"
},
{
"name": "CVE-2022-49091",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49091"
},
{
"name": "CVE-2022-49092",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49092"
},
{
"name": "CVE-2022-49093",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49093"
},
{
"name": "CVE-2022-49095",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49095"
},
{
"name": "CVE-2022-49096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49096"
},
{
"name": "CVE-2022-49097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49097"
},
{
"name": "CVE-2022-49098",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49098"
},
{
"name": "CVE-2022-49099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49099"
},
{
"name": "CVE-2022-49100",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49100"
},
{
"name": "CVE-2022-49102",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49102"
},
{
"name": "CVE-2022-49103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49103"
},
{
"name": "CVE-2022-49104",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49104"
},
{
"name": "CVE-2022-49105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49105"
},
{
"name": "CVE-2022-49106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49106"
},
{
"name": "CVE-2022-49107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49107"
},
{
"name": "CVE-2022-49109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49109"
},
{
"name": "CVE-2022-49111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49111"
},
{
"name": "CVE-2022-49112",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49112"
},
{
"name": "CVE-2022-49113",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49113"
},
{
"name": "CVE-2022-49114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49114"
},
{
"name": "CVE-2022-49115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49115"
},
{
"name": "CVE-2022-49116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49116"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49119",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49119"
},
{
"name": "CVE-2022-49120",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49120"
},
{
"name": "CVE-2022-49121",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49121"
},
{
"name": "CVE-2022-49122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49122"
},
{
"name": "CVE-2022-49126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49126"
},
{
"name": "CVE-2022-49128",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49128"
},
{
"name": "CVE-2022-49129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49129"
},
{
"name": "CVE-2022-49130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49130"
},
{
"name": "CVE-2022-49131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49131"
},
{
"name": "CVE-2022-49132",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49132"
},
{
"name": "CVE-2022-49137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49137"
},
{
"name": "CVE-2022-49145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49145"
},
{
"name": "CVE-2022-49147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49147"
},
{
"name": "CVE-2022-49148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49148"
},
{
"name": "CVE-2022-49153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49153"
},
{
"name": "CVE-2022-49154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49154"
},
{
"name": "CVE-2022-49155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49155"
},
{
"name": "CVE-2022-49156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49156"
},
{
"name": "CVE-2022-49157",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49157"
},
{
"name": "CVE-2022-49158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49158"
},
{
"name": "CVE-2022-49159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49159"
},
{
"name": "CVE-2022-49160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49160"
},
{
"name": "CVE-2022-49162",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49162"
},
{
"name": "CVE-2022-49163",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49163"
},
{
"name": "CVE-2022-49164",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49164"
},
{
"name": "CVE-2022-49165",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49165"
},
{
"name": "CVE-2022-49174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49174"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49176",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49176"
},
{
"name": "CVE-2022-49177",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49177"
},
{
"name": "CVE-2022-49179",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49179"
},
{
"name": "CVE-2022-49180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49180"
},
{
"name": "CVE-2022-49185",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49185"
},
{
"name": "CVE-2022-49187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49187"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49189"
},
{
"name": "CVE-2022-49193",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49193"
},
{
"name": "CVE-2022-49194",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49194"
},
{
"name": "CVE-2022-49196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49196"
},
{
"name": "CVE-2022-49199",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49199"
},
{
"name": "CVE-2022-49200",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49200"
},
{
"name": "CVE-2022-49206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49206"
},
{
"name": "CVE-2022-49208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49208"
},
{
"name": "CVE-2022-49212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49212"
},
{
"name": "CVE-2022-49213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49213"
},
{
"name": "CVE-2022-49214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49214"
},
{
"name": "CVE-2022-49216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49216"
},
{
"name": "CVE-2022-49217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49217"
},
{
"name": "CVE-2022-49218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49218"
},
{
"name": "CVE-2022-49221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49221"
},
{
"name": "CVE-2022-49222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49222"
},
{
"name": "CVE-2022-49224",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49224"
},
{
"name": "CVE-2022-49226",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49226"
},
{
"name": "CVE-2022-49227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49227"
},
{
"name": "CVE-2022-49232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49232"
},
{
"name": "CVE-2022-49235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49235"
},
{
"name": "CVE-2022-49236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49236"
},
{
"name": "CVE-2022-49239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49239"
},
{
"name": "CVE-2022-49241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49241"
},
{
"name": "CVE-2022-49242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49242"
},
{
"name": "CVE-2022-49243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49243"
},
{
"name": "CVE-2022-49244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49244"
},
{
"name": "CVE-2022-49246",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49246"
},
{
"name": "CVE-2022-49248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49248"
},
{
"name": "CVE-2022-49249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49249"
},
{
"name": "CVE-2022-49250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49250"
},
{
"name": "CVE-2022-49251",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49251"
},
{
"name": "CVE-2022-49252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49252"
},
{
"name": "CVE-2022-49253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49253"
},
{
"name": "CVE-2022-49254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49254"
},
{
"name": "CVE-2022-49256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49256"
},
{
"name": "CVE-2022-49257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49257"
},
{
"name": "CVE-2022-49258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49258"
},
{
"name": "CVE-2022-49259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49259"
},
{
"name": "CVE-2022-49260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49260"
},
{
"name": "CVE-2022-49261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49261"
},
{
"name": "CVE-2022-49262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49262"
},
{
"name": "CVE-2022-49263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49263"
},
{
"name": "CVE-2022-49264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49264"
},
{
"name": "CVE-2022-49265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49265"
},
{
"name": "CVE-2022-49266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49266"
},
{
"name": "CVE-2022-49268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49268"
},
{
"name": "CVE-2022-49269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49269"
},
{
"name": "CVE-2022-49270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49270"
},
{
"name": "CVE-2022-49271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49271"
},
{
"name": "CVE-2022-49272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49272"
},
{
"name": "CVE-2022-49273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49273"
},
{
"name": "CVE-2022-49274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49274"
},
{
"name": "CVE-2022-49275",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49275"
},
{
"name": "CVE-2022-49276",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49276"
},
{
"name": "CVE-2022-49277",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49277"
},
{
"name": "CVE-2022-49278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49278"
},
{
"name": "CVE-2022-49279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49279"
},
{
"name": "CVE-2022-49280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49280"
},
{
"name": "CVE-2022-49281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49281"
},
{
"name": "CVE-2022-49283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49283"
},
{
"name": "CVE-2022-49285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49285"
},
{
"name": "CVE-2022-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49286"
},
{
"name": "CVE-2022-49287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49287"
},
{
"name": "CVE-2022-49288",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49288"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49291"
},
{
"name": "CVE-2022-49292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49292"
},
{
"name": "CVE-2022-49294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49294"
},
{
"name": "CVE-2022-49295",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49295"
},
{
"name": "CVE-2022-49297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49297"
},
{
"name": "CVE-2022-49298",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49298"
},
{
"name": "CVE-2022-49299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49299"
},
{
"name": "CVE-2022-49300",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49300"
},
{
"name": "CVE-2022-49301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49301"
},
{
"name": "CVE-2022-49302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49302"
},
{
"name": "CVE-2022-49304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49304"
},
{
"name": "CVE-2022-49305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49305"
},
{
"name": "CVE-2022-49307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49307"
},
{
"name": "CVE-2022-49308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49308"
},
{
"name": "CVE-2022-49309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49309"
},
{
"name": "CVE-2022-49310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49310"
},
{
"name": "CVE-2022-49311",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49311"
},
{
"name": "CVE-2022-49312",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49312"
},
{
"name": "CVE-2022-49313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49313"
},
{
"name": "CVE-2022-49314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49314"
},
{
"name": "CVE-2022-49315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49315"
},
{
"name": "CVE-2022-49316",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49316"
},
{
"name": "CVE-2022-49319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49319"
},
{
"name": "CVE-2022-49320",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49320"
},
{
"name": "CVE-2022-49321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49321"
},
{
"name": "CVE-2022-49322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49322"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2022-49326",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49326"
},
{
"name": "CVE-2022-49327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49327"
},
{
"name": "CVE-2022-49328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49328"
},
{
"name": "CVE-2022-49331",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49331"
},
{
"name": "CVE-2022-49332",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49332"
},
{
"name": "CVE-2022-49335",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49335"
},
{
"name": "CVE-2022-49336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49336"
},
{
"name": "CVE-2022-49337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49337"
},
{
"name": "CVE-2022-49339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49339"
},
{
"name": "CVE-2022-49341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49341"
},
{
"name": "CVE-2022-49342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49342"
},
{
"name": "CVE-2022-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49343"
},
{
"name": "CVE-2022-49345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49345"
},
{
"name": "CVE-2022-49346",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49346"
},
{
"name": "CVE-2022-49347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49347"
},
{
"name": "CVE-2022-49348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49348"
},
{
"name": "CVE-2022-49349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49349"
},
{
"name": "CVE-2022-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49350"
},
{
"name": "CVE-2022-49351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49351"
},
{
"name": "CVE-2022-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49352"
},
{
"name": "CVE-2022-49354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49354"
},
{
"name": "CVE-2022-49356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49356"
},
{
"name": "CVE-2022-49357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49357"
},
{
"name": "CVE-2022-49367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49367"
},
{
"name": "CVE-2022-49368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49368"
},
{
"name": "CVE-2022-49370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49370"
},
{
"name": "CVE-2022-49371",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49371"
},
{
"name": "CVE-2022-49373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49373"
},
{
"name": "CVE-2022-49375",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49375"
},
{
"name": "CVE-2022-49376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49376"
},
{
"name": "CVE-2022-49377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49377"
},
{
"name": "CVE-2022-49378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49378"
},
{
"name": "CVE-2022-49379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49379"
},
{
"name": "CVE-2022-49381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49381"
},
{
"name": "CVE-2022-49382",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49382"
},
{
"name": "CVE-2022-49384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49384"
},
{
"name": "CVE-2022-49385",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49385"
},
{
"name": "CVE-2022-49386",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49386"
},
{
"name": "CVE-2022-49389",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49389"
},
{
"name": "CVE-2022-49392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49392"
},
{
"name": "CVE-2022-49394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49394"
},
{
"name": "CVE-2022-49396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49396"
},
{
"name": "CVE-2022-49397",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49397"
},
{
"name": "CVE-2022-49398",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49398"
},
{
"name": "CVE-2022-49399",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49399"
},
{
"name": "CVE-2022-49400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49400"
},
{
"name": "CVE-2022-49402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49402"
},
{
"name": "CVE-2022-49404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49404"
},
{
"name": "CVE-2022-49407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49407"
},
{
"name": "CVE-2022-49409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49409"
},
{
"name": "CVE-2022-49410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49410"
},
{
"name": "CVE-2022-49411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49411"
},
{
"name": "CVE-2022-49412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49412"
},
{
"name": "CVE-2022-49413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49413"
},
{
"name": "CVE-2022-49414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49414"
},
{
"name": "CVE-2022-49416",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49416"
},
{
"name": "CVE-2022-49418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49418"
},
{
"name": "CVE-2022-49421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49421"
},
{
"name": "CVE-2022-49422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49422"
},
{
"name": "CVE-2022-49424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49424"
},
{
"name": "CVE-2022-49426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49426"
},
{
"name": "CVE-2022-49427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49427"
},
{
"name": "CVE-2022-49429",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49429"
},
{
"name": "CVE-2022-49430",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49430"
},
{
"name": "CVE-2022-49431",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49431"
},
{
"name": "CVE-2022-49432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49432"
},
{
"name": "CVE-2022-49433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49433"
},
{
"name": "CVE-2022-49434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49434"
},
{
"name": "CVE-2022-49435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49435"
},
{
"name": "CVE-2022-49437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49437"
},
{
"name": "CVE-2022-49438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49438"
},
{
"name": "CVE-2022-49440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49440"
},
{
"name": "CVE-2022-49441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49441"
},
{
"name": "CVE-2022-49442",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49442"
},
{
"name": "CVE-2022-49443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49443"
},
{
"name": "CVE-2022-49444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49444"
},
{
"name": "CVE-2022-49445",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49445"
},
{
"name": "CVE-2022-49447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49447"
},
{
"name": "CVE-2022-49448",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49448"
},
{
"name": "CVE-2022-49449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49449"
},
{
"name": "CVE-2022-49451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49451"
},
{
"name": "CVE-2022-49453",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49453"
},
{
"name": "CVE-2022-49455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49455"
},
{
"name": "CVE-2022-49459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49459"
},
{
"name": "CVE-2022-49460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49460"
},
{
"name": "CVE-2022-49462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49462"
},
{
"name": "CVE-2022-49463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49463"
},
{
"name": "CVE-2022-49466",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49466"
},
{
"name": "CVE-2022-49467",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49467"
},
{
"name": "CVE-2022-49468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49468"
},
{
"name": "CVE-2022-49472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49472"
},
{
"name": "CVE-2022-49473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49473"
},
{
"name": "CVE-2022-49474",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49474"
},
{
"name": "CVE-2022-49475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49475"
},
{
"name": "CVE-2022-49477",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49477"
},
{
"name": "CVE-2022-49478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49478"
},
{
"name": "CVE-2022-49480",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49480"
},
{
"name": "CVE-2022-49481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49481"
},
{
"name": "CVE-2022-49482",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49482"
},
{
"name": "CVE-2022-49486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49486"
},
{
"name": "CVE-2022-49487",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49487"
},
{
"name": "CVE-2022-49488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49488"
},
{
"name": "CVE-2022-49489",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49489"
},
{
"name": "CVE-2022-49491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49491"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2022-49493",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49493"
},
{
"name": "CVE-2022-49494",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49494"
},
{
"name": "CVE-2022-49495",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49495"
},
{
"name": "CVE-2022-49498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49498"
},
{
"name": "CVE-2022-49501",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49501"
},
{
"name": "CVE-2022-49502",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49502"
},
{
"name": "CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"name": "CVE-2022-49504",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49504"
},
{
"name": "CVE-2022-49505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49505"
},
{
"name": "CVE-2022-49506",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49506"
},
{
"name": "CVE-2022-49507",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49507"
},
{
"name": "CVE-2022-49508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49508"
},
{
"name": "CVE-2022-49509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49509"
},
{
"name": "CVE-2022-49512",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49512"
},
{
"name": "CVE-2022-49514",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49514"
},
{
"name": "CVE-2022-49515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49515"
},
{
"name": "CVE-2022-49517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49517"
},
{
"name": "CVE-2022-49519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49519"
},
{
"name": "CVE-2022-49520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49520"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49522"
},
{
"name": "CVE-2022-49523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49523"
},
{
"name": "CVE-2022-49524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49524"
},
{
"name": "CVE-2022-49525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49525"
},
{
"name": "CVE-2022-49526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49526"
},
{
"name": "CVE-2022-49527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49527"
},
{
"name": "CVE-2022-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49532"
},
{
"name": "CVE-2022-49534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49534"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2022-49536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49536"
},
{
"name": "CVE-2022-49537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49537"
},
{
"name": "CVE-2022-49541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49541"
},
{
"name": "CVE-2022-49542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49542"
},
{
"name": "CVE-2022-49544",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49544"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2022-49546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49546"
},
{
"name": "CVE-2022-49549",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49549"
},
{
"name": "CVE-2022-49551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49551"
},
{
"name": "CVE-2022-49555",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49555"
},
{
"name": "CVE-2022-49556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49556"
},
{
"name": "CVE-2022-49559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49559"
},
{
"name": "CVE-2022-49562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49562"
},
{
"name": "CVE-2022-49563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49563"
},
{
"name": "CVE-2022-49564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49564"
},
{
"name": "CVE-2022-49566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49566"
},
{
"name": "CVE-2022-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49568"
},
{
"name": "CVE-2022-49569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49569"
},
{
"name": "CVE-2022-49570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49570"
},
{
"name": "CVE-2022-49579",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49579"
},
{
"name": "CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"name": "CVE-2022-49583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49583"
},
{
"name": "CVE-2022-49584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49584"
},
{
"name": "CVE-2022-49591",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49591"
},
{
"name": "CVE-2022-49592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49592"
},
{
"name": "CVE-2022-49603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49603"
},
{
"name": "CVE-2022-49605",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49605"
},
{
"name": "CVE-2022-49606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49606"
},
{
"name": "CVE-2022-49607",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49607"
},
{
"name": "CVE-2022-49609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49609"
},
{
"name": "CVE-2022-49610",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49610"
},
{
"name": "CVE-2022-49611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49611"
},
{
"name": "CVE-2022-49613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49613"
},
{
"name": "CVE-2022-49615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49615"
},
{
"name": "CVE-2022-49616",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49616"
},
{
"name": "CVE-2022-49617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49617"
},
{
"name": "CVE-2022-49618",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49618"
},
{
"name": "CVE-2022-49621",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49621"
},
{
"name": "CVE-2022-49623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49623"
},
{
"name": "CVE-2022-49625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49625"
},
{
"name": "CVE-2022-49627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49627"
},
{
"name": "CVE-2022-49628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49628"
},
{
"name": "CVE-2022-49631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49631"
},
{
"name": "CVE-2022-49634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49634"
},
{
"name": "CVE-2022-49640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49640"
},
{
"name": "CVE-2022-49641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49641"
},
{
"name": "CVE-2022-49642",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49642"
},
{
"name": "CVE-2022-49643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49643"
},
{
"name": "CVE-2022-49644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49644"
},
{
"name": "CVE-2022-49645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49645"
},
{
"name": "CVE-2022-49646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49646"
},
{
"name": "CVE-2022-49647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49647"
},
{
"name": "CVE-2022-49648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49648"
},
{
"name": "CVE-2022-49649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49649"
},
{
"name": "CVE-2022-49652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49652"
},
{
"name": "CVE-2022-49653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49653"
},
{
"name": "CVE-2022-49656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49656"
},
{
"name": "CVE-2022-49657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49657"
},
{
"name": "CVE-2022-49663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49663"
},
{
"name": "CVE-2022-49665",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49665"
},
{
"name": "CVE-2022-49667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49667"
},
{
"name": "CVE-2022-49668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49668"
},
{
"name": "CVE-2022-49670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49670"
},
{
"name": "CVE-2022-49671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49671"
},
{
"name": "CVE-2022-49672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49672"
},
{
"name": "CVE-2022-49673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49673"
},
{
"name": "CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"name": "CVE-2022-49675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49675"
},
{
"name": "CVE-2022-49676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49676"
},
{
"name": "CVE-2022-49677",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49677"
},
{
"name": "CVE-2022-49678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49678"
},
{
"name": "CVE-2022-49679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49679"
},
{
"name": "CVE-2022-49680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49680"
},
{
"name": "CVE-2022-49683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49683"
},
{
"name": "CVE-2022-49685",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49685"
},
{
"name": "CVE-2022-49687",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49687"
},
{
"name": "CVE-2022-49688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49688"
},
{
"name": "CVE-2022-49693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49693"
},
{
"name": "CVE-2022-49695",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49695"
},
{
"name": "CVE-2022-49699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49699"
},
{
"name": "CVE-2022-49700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49700"
},
{
"name": "CVE-2022-49701",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49701"
},
{
"name": "CVE-2022-49703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49703"
},
{
"name": "CVE-2022-49704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49704"
},
{
"name": "CVE-2022-49705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49705"
},
{
"name": "CVE-2022-49707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49707"
},
{
"name": "CVE-2022-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49708"
},
{
"name": "CVE-2022-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49710"
},
{
"name": "CVE-2022-49711",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49711"
},
{
"name": "CVE-2022-49712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49712"
},
{
"name": "CVE-2022-49713",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49713"
},
{
"name": "CVE-2022-49714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49714"
},
{
"name": "CVE-2022-49715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49715"
},
{
"name": "CVE-2022-49716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49716"
},
{
"name": "CVE-2022-49719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49719"
},
{
"name": "CVE-2022-49720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49720"
},
{
"name": "CVE-2022-49721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49721"
},
{
"name": "CVE-2022-49722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49722"
},
{
"name": "CVE-2022-49723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49723"
},
{
"name": "CVE-2022-49724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49724"
},
{
"name": "CVE-2022-49725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49725"
},
{
"name": "CVE-2022-49726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49726"
},
{
"name": "CVE-2022-49729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49729"
},
{
"name": "CVE-2022-49730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49730"
},
{
"name": "CVE-2022-49731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49731"
},
{
"name": "CVE-2022-49733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49733"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-47794",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47794"
},
{
"name": "CVE-2024-54683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54683"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56719"
},
{
"name": "CVE-2024-56758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56758"
},
{
"name": "CVE-2025-21635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21635"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-21703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21703"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21794"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21819"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2021-4454",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4454"
},
{
"name": "CVE-2022-49053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49053"
},
{
"name": "CVE-2022-49056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49056"
},
{
"name": "CVE-2022-49057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49057"
},
{
"name": "CVE-2022-49062",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49062"
},
{
"name": "CVE-2022-49064",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49064"
},
{
"name": "CVE-2022-49070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49070"
},
{
"name": "CVE-2022-49071",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49071"
},
{
"name": "CVE-2022-49075",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49075"
},
{
"name": "CVE-2022-49123",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49123"
},
{
"name": "CVE-2022-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49125"
},
{
"name": "CVE-2022-49133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49133"
},
{
"name": "CVE-2022-49136",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49136"
},
{
"name": "CVE-2022-49138",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49138"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49144",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49144"
},
{
"name": "CVE-2022-49183",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49183"
},
{
"name": "CVE-2022-49192",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49192"
},
{
"name": "CVE-2022-49202",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49202"
},
{
"name": "CVE-2022-49203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49203"
},
{
"name": "CVE-2022-49204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49204"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49207"
},
{
"name": "CVE-2022-49209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49209"
},
{
"name": "CVE-2022-49215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49215"
},
{
"name": "CVE-2022-49219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49219"
},
{
"name": "CVE-2022-49225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49225"
},
{
"name": "CVE-2022-49228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49228"
},
{
"name": "CVE-2022-49230",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49230"
},
{
"name": "CVE-2022-49233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49233"
},
{
"name": "CVE-2022-49237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49237"
},
{
"name": "CVE-2022-49238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49238"
},
{
"name": "CVE-2022-49293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49293"
},
{
"name": "CVE-2022-49296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49296"
},
{
"name": "CVE-2022-49306",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49306"
},
{
"name": "CVE-2022-49325",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49325"
},
{
"name": "CVE-2022-49329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49329"
},
{
"name": "CVE-2022-49330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49330"
},
{
"name": "CVE-2022-49333",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49333"
},
{
"name": "CVE-2022-49338",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49338"
},
{
"name": "CVE-2022-49353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49353"
},
{
"name": "CVE-2022-49359",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49359"
},
{
"name": "CVE-2022-49362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49362"
},
{
"name": "CVE-2022-49365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49365"
},
{
"name": "CVE-2022-49390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
},
{
"name": "CVE-2022-49406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49406"
},
{
"name": "CVE-2022-49419",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49419"
},
{
"name": "CVE-2022-49436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49436"
},
{
"name": "CVE-2022-49446",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49446"
},
{
"name": "CVE-2022-49458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49458"
},
{
"name": "CVE-2022-49465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49465"
},
{
"name": "CVE-2022-49470",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49470"
},
{
"name": "CVE-2022-49476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49476"
},
{
"name": "CVE-2022-49479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49479"
},
{
"name": "CVE-2022-49483",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49483"
},
{
"name": "CVE-2022-49484",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49484"
},
{
"name": "CVE-2022-49485",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49485"
},
{
"name": "CVE-2022-49497",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49497"
},
{
"name": "CVE-2022-49499",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49499"
},
{
"name": "CVE-2022-49510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49510"
},
{
"name": "CVE-2022-49511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49511"
},
{
"name": "CVE-2022-49516",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49516"
},
{
"name": "CVE-2022-49518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49518"
},
{
"name": "CVE-2022-49529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49529"
},
{
"name": "CVE-2022-49530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49530"
},
{
"name": "CVE-2022-49533",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49533"
},
{
"name": "CVE-2022-49538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49538"
},
{
"name": "CVE-2022-49543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49543"
},
{
"name": "CVE-2022-49548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49548"
},
{
"name": "CVE-2022-49552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49552"
},
{
"name": "CVE-2022-49560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49560"
},
{
"name": "CVE-2022-49565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49565"
},
{
"name": "CVE-2022-49624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49624"
},
{
"name": "CVE-2022-49635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49635"
},
{
"name": "CVE-2022-49638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49638"
},
{
"name": "CVE-2022-49650",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49650"
},
{
"name": "CVE-2022-49655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49655"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49686",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49686"
},
{
"name": "CVE-2022-49694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49694"
},
{
"name": "CVE-2022-49697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49697"
},
{
"name": "CVE-2022-49732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49732"
},
{
"name": "CVE-2022-49739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49739"
},
{
"name": "CVE-2022-49746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49746"
},
{
"name": "CVE-2022-49748",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49748"
},
{
"name": "CVE-2022-49751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49751"
},
{
"name": "CVE-2022-49753",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49753"
},
{
"name": "CVE-2022-49755",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49755"
},
{
"name": "CVE-2022-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49759"
},
{
"name": "CVE-2023-52831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52831"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2023-52930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52930"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2023-52935",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52935"
},
{
"name": "CVE-2023-52939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52939"
},
{
"name": "CVE-2023-52941",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52941"
},
{
"name": "CVE-2023-52973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52973"
},
{
"name": "CVE-2023-52974",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52974"
},
{
"name": "CVE-2023-52975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52975"
},
{
"name": "CVE-2023-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52976"
},
{
"name": "CVE-2023-52979",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52979"
},
{
"name": "CVE-2023-52983",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52983"
},
{
"name": "CVE-2023-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52984"
},
{
"name": "CVE-2023-52988",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52988"
},
{
"name": "CVE-2023-52989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52989"
},
{
"name": "CVE-2023-52992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52992"
},
{
"name": "CVE-2023-52993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52993"
},
{
"name": "CVE-2023-53000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53000"
},
{
"name": "CVE-2023-53005",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53005"
},
{
"name": "CVE-2023-53006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53006"
},
{
"name": "CVE-2023-53007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53007"
},
{
"name": "CVE-2023-53008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53008"
},
{
"name": "CVE-2023-53010",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53010"
},
{
"name": "CVE-2023-53015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53015"
},
{
"name": "CVE-2023-53016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53016"
},
{
"name": "CVE-2023-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53019"
},
{
"name": "CVE-2023-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53023"
},
{
"name": "CVE-2023-53024",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53024"
},
{
"name": "CVE-2023-53025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53025"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53028"
},
{
"name": "CVE-2023-53029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53029"
},
{
"name": "CVE-2023-53030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53030"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-41149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41149"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2024-57947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57947"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2024-58012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58012"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21693"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21831"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-21850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21850"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0307",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1177-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251177-1"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1180-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251180-1"
},
{
"published_at": "2025-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1194-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251194-1"
},
{
"published_at": "2025-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1195-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1178-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251178-1"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1176-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251176-1"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1183-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1"
}
]
}
CERTFR-2025-AVI-0449
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE Enterprise Storage 7.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 Business Critical Linux | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | Legacy Module 15-SP6 | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Desktop 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | N/A | SUSE Manager Proxy 4.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | N/A | Basesystem Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | Development Tools Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | N/A | SUSE Manager Server 4.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security | ||
| SUSE | N/A | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 LTSS | ||
| SUSE | N/A | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0179"
},
{
"name": "CVE-2024-27018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27018"
},
{
"name": "CVE-2024-27415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27415"
},
{
"name": "CVE-2022-48933",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48933"
},
{
"name": "CVE-2024-43882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43882"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46865",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46865"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2021-47163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47163"
},
{
"name": "CVE-2024-42307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42307"
},
{
"name": "CVE-2024-50038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50038"
},
{
"name": "CVE-2024-50115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50115"
},
{
"name": "CVE-2024-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50083"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53156"
},
{
"name": "CVE-2024-56590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56590"
},
{
"name": "CVE-2024-56641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56641"
},
{
"name": "CVE-2024-56642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56642"
},
{
"name": "CVE-2024-56661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56661"
},
{
"name": "CVE-2024-49994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49994"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2024-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53139"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-49044",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49044"
},
{
"name": "CVE-2022-49055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49055"
},
{
"name": "CVE-2022-49060",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49060"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49111"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49121",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49121"
},
{
"name": "CVE-2022-49137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49137"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49176",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49176"
},
{
"name": "CVE-2022-49179",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49179"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49232"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49305"
},
{
"name": "CVE-2022-49335",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49335"
},
{
"name": "CVE-2022-49351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49351"
},
{
"name": "CVE-2022-49385",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49385"
},
{
"name": "CVE-2022-49411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49411"
},
{
"name": "CVE-2022-49442",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49442"
},
{
"name": "CVE-2022-49478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49478"
},
{
"name": "CVE-2022-49489",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49489"
},
{
"name": "CVE-2022-49504",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49504"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49525"
},
{
"name": "CVE-2022-49534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49534"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2022-49536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49536"
},
{
"name": "CVE-2022-49537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49537"
},
{
"name": "CVE-2022-49542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49542"
},
{
"name": "CVE-2022-49668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49668"
},
{
"name": "CVE-2022-49693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49693"
},
{
"name": "CVE-2022-49725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49725"
},
{
"name": "CVE-2022-49730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49730"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-54683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54683"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21635"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49325",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49325"
},
{
"name": "CVE-2022-49390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
},
{
"name": "CVE-2022-49465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49465"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49753",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49753"
},
{
"name": "CVE-2023-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53023"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2023-53031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53031"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-21696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21696"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2020-36789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36789"
},
{
"name": "CVE-2021-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47668"
},
{
"name": "CVE-2021-47669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47669"
},
{
"name": "CVE-2021-47670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47670"
},
{
"name": "CVE-2021-47671",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47671"
},
{
"name": "CVE-2022-49110",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49110"
},
{
"name": "CVE-2022-49171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49171"
},
{
"name": "CVE-2022-49197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49197"
},
{
"name": "CVE-2022-49561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49561"
},
{
"name": "CVE-2022-49590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49590"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2022-49741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49741"
},
{
"name": "CVE-2022-49745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49745"
},
{
"name": "CVE-2022-49749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49749"
},
{
"name": "CVE-2022-49767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49767"
},
{
"name": "CVE-2023-52928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52928"
},
{
"name": "CVE-2023-52931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52931"
},
{
"name": "CVE-2023-52936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52936"
},
{
"name": "CVE-2023-52937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52937"
},
{
"name": "CVE-2023-52938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52938"
},
{
"name": "CVE-2023-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52981"
},
{
"name": "CVE-2023-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52982"
},
{
"name": "CVE-2023-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52986"
},
{
"name": "CVE-2023-52994",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52994"
},
{
"name": "CVE-2023-53001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53001"
},
{
"name": "CVE-2023-53002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53002"
},
{
"name": "CVE-2023-53009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53009"
},
{
"name": "CVE-2023-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53014"
},
{
"name": "CVE-2023-53018",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53018"
},
{
"name": "CVE-2023-53032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53032"
},
{
"name": "CVE-2023-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53051"
},
{
"name": "CVE-2024-35840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35840"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58094"
},
{
"name": "CVE-2024-58095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58095"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-21729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21729"
},
{
"name": "CVE-2025-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21755"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21833"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21852"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2025-21923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21923"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21931"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2025-21985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21985"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22029"
},
{
"name": "CVE-2025-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22036"
},
{
"name": "CVE-2025-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22053"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22064"
},
{
"name": "CVE-2025-22065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22065"
},
{
"name": "CVE-2025-22080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22080"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-22102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22102"
},
{
"name": "CVE-2025-22104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22104"
},
{
"name": "CVE-2025-22105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22105"
},
{
"name": "CVE-2025-22106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22106"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-22108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22108"
},
{
"name": "CVE-2025-22109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22109"
},
{
"name": "CVE-2025-22115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
},
{
"name": "CVE-2025-22116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22116"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-22128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22128"
},
{
"name": "CVE-2025-23129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23129"
},
{
"name": "CVE-2025-23131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23131"
},
{
"name": "CVE-2025-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23133"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
},
{
"name": "CVE-2025-37860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37860"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0449",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01627-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501627-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01611-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501611-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01614-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501614-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01656-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501656-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01652-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501652-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01668-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501668-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01601-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501601-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01682-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501682-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01590-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501590-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01676-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501676-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01655-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501655-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01620-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501620-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01633-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501633-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01672-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501672-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01593-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501593-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01600-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501600-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01675-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501675-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01603-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501603-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01669-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501669-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01677-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501677-1"
},
{
"published_at": "2025-05-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1574-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251574-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01598-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501598-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01640-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501640-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01610-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501610-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01683-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501683-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01663-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501663-1"
},
{
"published_at": "2025-05-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1573-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251573-1"
}
]
}
CERTFR-2025-AVI-0277
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian LTS. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 6.1.129-1~deb11u1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-42122",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42122"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-56549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56549"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21794"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2024-26596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26596"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21819"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-47726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47726"
},
{
"name": "CVE-2024-50061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50061"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2024-40945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40945"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2024-42069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42069"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2025-21703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21703"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21700"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0277",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian LTS. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian LTS",
"vendor_advisories": [
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4102-1",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-0758
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2024-50202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50202"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2024-50051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50051"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2024-53131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53131"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2024-53130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53130"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2021-47345",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47345"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-47685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47685"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2024-57984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57984"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2024-27074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27074"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0758",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-4",
"url": "https://ubuntu.com/security/notices/USN-7726-4"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7725-1",
"url": "https://ubuntu.com/security/notices/USN-7725-1"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-2",
"url": "https://ubuntu.com/security/notices/USN-7726-2"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7703-4",
"url": "https://ubuntu.com/security/notices/USN-7703-4"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-3",
"url": "https://ubuntu.com/security/notices/USN-7726-3"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7724-1",
"url": "https://ubuntu.com/security/notices/USN-7724-1"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7727-2",
"url": "https://ubuntu.com/security/notices/USN-7727-2"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7725-2",
"url": "https://ubuntu.com/security/notices/USN-7725-2"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7704-5",
"url": "https://ubuntu.com/security/notices/USN-7704-5"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7727-1",
"url": "https://ubuntu.com/security/notices/USN-7727-1"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7727-3",
"url": "https://ubuntu.com/security/notices/USN-7727-3"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-1",
"url": "https://ubuntu.com/security/notices/USN-7726-1"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7712-2",
"url": "https://ubuntu.com/security/notices/USN-7712-2"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7725-3",
"url": "https://ubuntu.com/security/notices/USN-7725-3"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7737-1",
"url": "https://ubuntu.com/security/notices/USN-7737-1"
}
]
}
CERTFR-2025-AVI-0463
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian LTS. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 6.1.137-1~deb11u1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 5.10.237-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2023-52621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2024-27056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27056"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2024-26656",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26656"
},
{
"name": "CVE-2021-47489",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47489"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2024-26928",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26928"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2021-47247",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47247"
},
{
"name": "CVE-2023-52752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2024-39494",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39494"
},
{
"name": "CVE-2023-52857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52857"
},
{
"name": "CVE-2024-26767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26767"
},
{
"name": "CVE-2024-38611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2024-41073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
},
{
"name": "CVE-2024-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40973"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-43831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43831"
},
{
"name": "CVE-2024-44938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44938"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2024-46772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46772"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2024-42129",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42129"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2024-47730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47730"
},
{
"name": "CVE-2024-47753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47753"
},
{
"name": "CVE-2024-47754",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47754"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2024-50063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50063"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2024-46823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46823"
},
{
"name": "CVE-2024-50154",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50154"
},
{
"name": "CVE-2024-50246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50246"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2024-56599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56599"
},
{
"name": "CVE-2024-56609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56609"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2024-56608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56608"
},
{
"name": "CVE-2024-56658",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56658"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2024-47726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47726"
},
{
"name": "CVE-2024-50056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50056"
},
{
"name": "CVE-2025-21700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21700"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-49309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49309"
},
{
"name": "CVE-2022-49546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49546"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2022-49219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49219"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2022-49046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49046"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-22038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22038"
},
{
"name": "CVE-2025-22040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22040"
},
{
"name": "CVE-2025-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22041"
},
{
"name": "CVE-2025-22042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22042"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22049"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-22072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22072"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22095"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-22126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2022-49190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49190"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23141"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-37748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37748"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37769"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37772"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-37775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37775"
},
{
"name": "CVE-2025-37778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37778"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-37782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37782"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37801"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37815"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37818"
},
{
"name": "CVE-2025-37820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37820"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-37852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37852"
},
{
"name": "CVE-2025-37854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37854"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37865"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-37879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37879"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37884"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-37938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37938"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37979"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0463",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian LTS. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian LTS",
"vendor_advisories": [
{
"published_at": "2025-05-25",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4178-1",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"published_at": "2025-05-30",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4193-1",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
]
}
CERTFR-2025-AVI-0559
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 25.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-40114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40114"
},
{
"name": "CVE-2024-50116",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50116"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2025-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22026"
},
{
"name": "CVE-2023-52664",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52664"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-37761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37761"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37865"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2025-22074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22074"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-22110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22110"
},
{
"name": "CVE-2025-37775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37775"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-22034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22034"
},
{
"name": "CVE-2025-37872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37872"
},
{
"name": "CVE-2024-58094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58094"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53222"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22036"
},
{
"name": "CVE-2025-23155",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23155"
},
{
"name": "CVE-2025-37751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37751"
},
{
"name": "CVE-2025-37870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37870"
},
{
"name": "CVE-2025-22100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22100"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-37979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37979"
},
{
"name": "CVE-2025-22069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22069"
},
{
"name": "CVE-2025-37777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37777"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37778"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-22040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22040"
},
{
"name": "CVE-2025-37847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37847"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-22126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
},
{
"name": "CVE-2025-37755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37755"
},
{
"name": "CVE-2025-37880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37880"
},
{
"name": "CVE-2025-37833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37833"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-37762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37762"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-23129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23129"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2025-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22059"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22019"
},
{
"name": "CVE-2025-22106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22106"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-22046",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22046"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-37852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37852"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-22125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22125"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-22082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22082"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-23131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23131"
},
{
"name": "CVE-2022-49909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49909"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22103"
},
{
"name": "CVE-2025-37784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37784"
},
{
"name": "CVE-2025-37743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37743"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37815"
},
{
"name": "CVE-2025-37860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37860"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22095"
},
{
"name": "CVE-2025-37760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37760"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-22023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22023"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2025-37943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37943"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-37745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37745"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2024-58092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58092"
},
{
"name": "CVE-2025-39778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39778"
},
{
"name": "CVE-2025-37882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37882"
},
{
"name": "CVE-2025-22091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22091"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-22030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22030"
},
{
"name": "CVE-2025-22116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22116"
},
{
"name": "CVE-2025-37848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37848"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-23160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23160"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-22039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22039"
},
{
"name": "CVE-2025-37842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37842"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22084"
},
{
"name": "CVE-2025-22031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22031"
},
{
"name": "CVE-2025-37744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37744"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22067"
},
{
"name": "CVE-2025-37884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37884"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-37869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37869"
},
{
"name": "CVE-2024-56721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56721"
},
{
"name": "CVE-2025-22105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22105"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2025-37834",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37834"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-21990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21990"
},
{
"name": "CVE-2025-22117",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22117"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2025-22000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22000"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-23137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23137"
},
{
"name": "CVE-2025-37853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37853"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-37764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37764"
},
{
"name": "CVE-2025-39755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39755"
},
{
"name": "CVE-2025-39688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39688"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37806"
},
{
"name": "CVE-2025-37822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37822"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-37821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37821"
},
{
"name": "CVE-2025-37820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37820"
},
{
"name": "CVE-2025-21974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21974"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-22080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22080"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-37878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37878"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2024-53197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53197"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2021-47211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47211"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-37813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37813"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-58095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58095"
},
{
"name": "CVE-2025-23162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23162"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-40014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40014"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-56599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56599"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-21984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21984"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-22051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22051"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-37887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37887"
},
{
"name": "CVE-2025-37861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37861"
},
{
"name": "CVE-2025-37938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37938"
},
{
"name": "CVE-2025-37746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37746"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-22112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22112"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-49958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49958"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-37783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37783"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2025-37874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37874"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-37855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37855"
},
{
"name": "CVE-2025-37988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37988"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-37816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37816"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-39989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39989"
},
{
"name": "CVE-2025-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22028"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-37828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37828"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37769"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-39930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39930"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-21973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21973"
},
{
"name": "CVE-2025-37791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37791"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38240"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-37831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37831"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37945"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-23135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23135"
},
{
"name": "CVE-2025-22043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22043"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21989"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2025-22057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22057"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-22113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22113"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37978"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22114"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-23143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-23141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23141"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37941"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22068"
},
{
"name": "CVE-2025-37793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37793"
},
{
"name": "CVE-2025-22111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22111"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-37826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37826"
},
{
"name": "CVE-2025-37986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37986"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2021-47260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47260"
},
{
"name": "CVE-2025-22052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22052"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
},
{
"name": "CVE-2025-37779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37779"
},
{
"name": "CVE-2025-37801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37801"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37863"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-22104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22104"
},
{
"name": "CVE-2025-37864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37864"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2025-22118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22118"
},
{
"name": "CVE-2025-21998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21998"
},
{
"name": "CVE-2025-37939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37939"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-22072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22072"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2025-22024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22024"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-37925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37925"
},
{
"name": "CVE-2025-22085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22085"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-37984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37984"
},
{
"name": "CVE-2025-38479",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38479"
},
{
"name": "CVE-2025-37856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37856"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-37981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37981"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2024-56551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56551"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2021-47576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2025-22109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22109"
},
{
"name": "CVE-2025-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22047"
},
{
"name": "CVE-2025-23132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23132"
},
{
"name": "CVE-2025-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22070"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-23153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23153"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-22094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22094"
},
{
"name": "CVE-2025-22065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22065"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-37846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37846"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2025-22101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22101"
},
{
"name": "CVE-2025-23152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23152"
},
{
"name": "CVE-2025-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22096"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-23149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23149"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-37873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37873"
},
{
"name": "CVE-2025-22061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22061"
},
{
"name": "CVE-2025-37802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37802"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-22076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22076"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2025-22037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22037"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-37977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37977"
},
{
"name": "CVE-2025-37827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37827"
},
{
"name": "CVE-2025-37747",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37747"
},
{
"name": "CVE-2025-37748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37748"
},
{
"name": "CVE-2025-21893",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21893"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-22002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22002"
},
{
"name": "CVE-2025-37944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37944"
},
{
"name": "CVE-2024-47726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47726"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-37825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37825"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37975"
},
{
"name": "CVE-2025-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23134"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22119"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-37809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37809"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-37814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37814"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-22102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22102"
},
{
"name": "CVE-2025-37987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37987"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-37876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37876"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-37772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37772"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-21923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21923"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-23130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23130"
},
{
"name": "CVE-2025-23154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23154"
},
{
"name": "CVE-2025-22087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22087"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-37754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37754"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-22042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22042"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-22124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22124"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2025-37776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37776"
},
{
"name": "CVE-2025-22092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22092"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-37942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37942"
},
{
"name": "CVE-2025-37759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37759"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-37886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37886"
},
{
"name": "CVE-2025-37877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37877"
},
{
"name": "CVE-2025-22038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22038"
},
{
"name": "CVE-2025-37800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37800"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22099"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-22108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22108"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-37866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37866"
},
{
"name": "CVE-2025-37763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37763"
},
{
"name": "CVE-2025-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23133"
},
{
"name": "CVE-2025-22128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22128"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37868"
},
{
"name": "CVE-2025-37843",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37843"
},
{
"name": "CVE-2025-37786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37786"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2025-37807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37807"
},
{
"name": "CVE-2025-22098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22098"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-40325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40325"
},
{
"name": "CVE-2024-56608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56608"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-22122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22122"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22078"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-37845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37845"
},
{
"name": "CVE-2025-37980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37980"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37837"
},
{
"name": "CVE-2025-37879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37879"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22064"
},
{
"name": "CVE-2025-37849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22053"
},
{
"name": "CVE-2025-37888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37888"
},
{
"name": "CVE-2025-38049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38049"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-21902",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21902"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22041"
},
{
"name": "CVE-2025-22127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22127"
},
{
"name": "CVE-2025-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21939"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-37774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37774"
},
{
"name": "CVE-2025-22115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
},
{
"name": "CVE-2025-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22032"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2025-22120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22120"
},
{
"name": "CVE-2025-37854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37854"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-22123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22123"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0559",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7607-2",
"url": "https://ubuntu.com/security/notices/USN-7607-2"
},
{
"published_at": "2025-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7595-3",
"url": "https://ubuntu.com/security/notices/USN-7595-3"
},
{
"published_at": "2025-07-03",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-6",
"url": "https://ubuntu.com/security/notices/USN-7585-6"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7605-1",
"url": "https://ubuntu.com/security/notices/USN-7605-1"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-3",
"url": "https://ubuntu.com/security/notices/USN-7608-3"
},
{
"published_at": "2025-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7602-1",
"url": "https://ubuntu.com/security/notices/USN-7602-1"
},
{
"published_at": "2025-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7594-2",
"url": "https://ubuntu.com/security/notices/USN-7594-2"
},
{
"published_at": "2025-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7596-2",
"url": "https://ubuntu.com/security/notices/USN-7596-2"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7609-1",
"url": "https://ubuntu.com/security/notices/USN-7609-1"
},
{
"published_at": "2025-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-4",
"url": "https://ubuntu.com/security/notices/USN-7585-4"
},
{
"published_at": "2025-07-03",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-4",
"url": "https://ubuntu.com/security/notices/USN-7608-4"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7606-1",
"url": "https://ubuntu.com/security/notices/USN-7606-1"
},
{
"published_at": "2025-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7595-4",
"url": "https://ubuntu.com/security/notices/USN-7595-4"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-2",
"url": "https://ubuntu.com/security/notices/USN-7608-2"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7607-1",
"url": "https://ubuntu.com/security/notices/USN-7607-1"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-1",
"url": "https://ubuntu.com/security/notices/USN-7608-1"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7609-2",
"url": "https://ubuntu.com/security/notices/USN-7609-2"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7595-5",
"url": "https://ubuntu.com/security/notices/USN-7595-5"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-5",
"url": "https://ubuntu.com/security/notices/USN-7585-5"
}
]
}
CERTFR-2025-AVI-0307
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Desktop 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | Basesystem Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | SUSE Real Time Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | N/A | Public Cloud Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | Legacy Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | N/A | Development Tools Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Real Time Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Public Cloud Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2017-5753",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5753"
},
{
"name": "CVE-2020-27835",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27835"
},
{
"name": "CVE-2022-1016",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1016"
},
{
"name": "CVE-2022-1184",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1184"
},
{
"name": "CVE-2022-1048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1048"
},
{
"name": "CVE-2022-0168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0168"
},
{
"name": "CVE-2022-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
},
{
"name": "CVE-2022-29901",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29901"
},
{
"name": "CVE-2022-29900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29900"
},
{
"name": "CVE-2022-2977",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2977"
},
{
"name": "CVE-2022-3303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3303"
},
{
"name": "CVE-2023-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0179"
},
{
"name": "CVE-2023-1652",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1652"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"name": "CVE-2024-2201",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2201"
},
{
"name": "CVE-2024-26634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26634"
},
{
"name": "CVE-2021-47248",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47248"
},
{
"name": "CVE-2024-35910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35910"
},
{
"name": "CVE-2024-26873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26873"
},
{
"name": "CVE-2024-35826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35826"
},
{
"name": "CVE-2024-41005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41005"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2024-41077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
},
{
"name": "CVE-2024-42229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42229"
},
{
"name": "CVE-2024-41092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41092"
},
{
"name": "CVE-2024-42098",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42098"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2021-47517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47517"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50290"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-53063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53063"
},
{
"name": "CVE-2024-42307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42307"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49924"
},
{
"name": "CVE-2024-47678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47678"
},
{
"name": "CVE-2024-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53140"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2024-56642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56642"
},
{
"name": "CVE-2024-56651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56651"
},
{
"name": "CVE-2024-49994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49994"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2024-56703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56703"
},
{
"name": "CVE-2025-21631",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21631"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2024-49940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49940"
},
{
"name": "CVE-2024-50056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50056"
},
{
"name": "CVE-2024-50140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50140"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-53163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53163"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-52926",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52926"
},
{
"name": "CVE-2024-47408",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47408"
},
{
"name": "CVE-2024-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49571"
},
{
"name": "CVE-2024-53680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53680"
},
{
"name": "CVE-2024-56640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56640"
},
{
"name": "CVE-2024-56718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56718"
},
{
"name": "CVE-2024-56770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56770"
},
{
"name": "CVE-2024-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57807"
},
{
"name": "CVE-2024-57900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57900"
},
{
"name": "CVE-2021-47633",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47633"
},
{
"name": "CVE-2021-47644",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47644"
},
{
"name": "CVE-2022-49076",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49076"
},
{
"name": "CVE-2022-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49089"
},
{
"name": "CVE-2022-49134",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49134"
},
{
"name": "CVE-2022-49135",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49135"
},
{
"name": "CVE-2022-49151",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49151"
},
{
"name": "CVE-2022-49178",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49178"
},
{
"name": "CVE-2022-49182",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49182"
},
{
"name": "CVE-2022-49201",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49201"
},
{
"name": "CVE-2022-49247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49247"
},
{
"name": "CVE-2022-49490",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49490"
},
{
"name": "CVE-2022-49626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49626"
},
{
"name": "CVE-2022-49661",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49661"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2021-4453",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4453"
},
{
"name": "CVE-2021-47631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47631"
},
{
"name": "CVE-2021-47632",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47632"
},
{
"name": "CVE-2021-47635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47635"
},
{
"name": "CVE-2021-47636",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47636"
},
{
"name": "CVE-2021-47637",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47637"
},
{
"name": "CVE-2021-47638",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47638"
},
{
"name": "CVE-2021-47639",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47639"
},
{
"name": "CVE-2021-47641",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47641"
},
{
"name": "CVE-2021-47642",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47642"
},
{
"name": "CVE-2021-47643",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47643"
},
{
"name": "CVE-2021-47645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47645"
},
{
"name": "CVE-2021-47646",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47646"
},
{
"name": "CVE-2021-47647",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47647"
},
{
"name": "CVE-2021-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47648"
},
{
"name": "CVE-2021-47649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47649"
},
{
"name": "CVE-2021-47650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47650"
},
{
"name": "CVE-2021-47651",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47651"
},
{
"name": "CVE-2021-47652",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47652"
},
{
"name": "CVE-2021-47653",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47653"
},
{
"name": "CVE-2021-47654",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47654"
},
{
"name": "CVE-2021-47656",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47656"
},
{
"name": "CVE-2021-47657",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47657"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-0995",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0995"
},
{
"name": "CVE-2022-49044",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49044"
},
{
"name": "CVE-2022-49050",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49050"
},
{
"name": "CVE-2022-49051",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49051"
},
{
"name": "CVE-2022-49054",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49054"
},
{
"name": "CVE-2022-49055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49055"
},
{
"name": "CVE-2022-49058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
},
{
"name": "CVE-2022-49059",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49059"
},
{
"name": "CVE-2022-49060",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49060"
},
{
"name": "CVE-2022-49061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49061"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2022-49065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49065"
},
{
"name": "CVE-2022-49066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49066"
},
{
"name": "CVE-2022-49073",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49073"
},
{
"name": "CVE-2022-49074",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49074"
},
{
"name": "CVE-2022-49078",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49078"
},
{
"name": "CVE-2022-49082",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49082"
},
{
"name": "CVE-2022-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49083"
},
{
"name": "CVE-2022-49084",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49084"
},
{
"name": "CVE-2022-49085",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49085"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49088",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49088"
},
{
"name": "CVE-2022-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49090"
},
{
"name": "CVE-2022-49091",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49091"
},
{
"name": "CVE-2022-49092",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49092"
},
{
"name": "CVE-2022-49093",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49093"
},
{
"name": "CVE-2022-49095",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49095"
},
{
"name": "CVE-2022-49096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49096"
},
{
"name": "CVE-2022-49097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49097"
},
{
"name": "CVE-2022-49098",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49098"
},
{
"name": "CVE-2022-49099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49099"
},
{
"name": "CVE-2022-49100",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49100"
},
{
"name": "CVE-2022-49102",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49102"
},
{
"name": "CVE-2022-49103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49103"
},
{
"name": "CVE-2022-49104",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49104"
},
{
"name": "CVE-2022-49105",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49105"
},
{
"name": "CVE-2022-49106",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49106"
},
{
"name": "CVE-2022-49107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49107"
},
{
"name": "CVE-2022-49109",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49109"
},
{
"name": "CVE-2022-49111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49111"
},
{
"name": "CVE-2022-49112",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49112"
},
{
"name": "CVE-2022-49113",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49113"
},
{
"name": "CVE-2022-49114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49114"
},
{
"name": "CVE-2022-49115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49115"
},
{
"name": "CVE-2022-49116",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49116"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49119",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49119"
},
{
"name": "CVE-2022-49120",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49120"
},
{
"name": "CVE-2022-49121",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49121"
},
{
"name": "CVE-2022-49122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49122"
},
{
"name": "CVE-2022-49126",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49126"
},
{
"name": "CVE-2022-49128",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49128"
},
{
"name": "CVE-2022-49129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49129"
},
{
"name": "CVE-2022-49130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49130"
},
{
"name": "CVE-2022-49131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49131"
},
{
"name": "CVE-2022-49132",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49132"
},
{
"name": "CVE-2022-49137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49137"
},
{
"name": "CVE-2022-49145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49145"
},
{
"name": "CVE-2022-49147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49147"
},
{
"name": "CVE-2022-49148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49148"
},
{
"name": "CVE-2022-49153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49153"
},
{
"name": "CVE-2022-49154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49154"
},
{
"name": "CVE-2022-49155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49155"
},
{
"name": "CVE-2022-49156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49156"
},
{
"name": "CVE-2022-49157",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49157"
},
{
"name": "CVE-2022-49158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49158"
},
{
"name": "CVE-2022-49159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49159"
},
{
"name": "CVE-2022-49160",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49160"
},
{
"name": "CVE-2022-49162",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49162"
},
{
"name": "CVE-2022-49163",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49163"
},
{
"name": "CVE-2022-49164",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49164"
},
{
"name": "CVE-2022-49165",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49165"
},
{
"name": "CVE-2022-49174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49174"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49176",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49176"
},
{
"name": "CVE-2022-49177",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49177"
},
{
"name": "CVE-2022-49179",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49179"
},
{
"name": "CVE-2022-49180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49180"
},
{
"name": "CVE-2022-49185",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49185"
},
{
"name": "CVE-2022-49187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49187"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49189"
},
{
"name": "CVE-2022-49193",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49193"
},
{
"name": "CVE-2022-49194",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49194"
},
{
"name": "CVE-2022-49196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49196"
},
{
"name": "CVE-2022-49199",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49199"
},
{
"name": "CVE-2022-49200",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49200"
},
{
"name": "CVE-2022-49206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49206"
},
{
"name": "CVE-2022-49208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49208"
},
{
"name": "CVE-2022-49212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49212"
},
{
"name": "CVE-2022-49213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49213"
},
{
"name": "CVE-2022-49214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49214"
},
{
"name": "CVE-2022-49216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49216"
},
{
"name": "CVE-2022-49217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49217"
},
{
"name": "CVE-2022-49218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49218"
},
{
"name": "CVE-2022-49221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49221"
},
{
"name": "CVE-2022-49222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49222"
},
{
"name": "CVE-2022-49224",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49224"
},
{
"name": "CVE-2022-49226",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49226"
},
{
"name": "CVE-2022-49227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49227"
},
{
"name": "CVE-2022-49232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49232"
},
{
"name": "CVE-2022-49235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49235"
},
{
"name": "CVE-2022-49236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49236"
},
{
"name": "CVE-2022-49239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49239"
},
{
"name": "CVE-2022-49241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49241"
},
{
"name": "CVE-2022-49242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49242"
},
{
"name": "CVE-2022-49243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49243"
},
{
"name": "CVE-2022-49244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49244"
},
{
"name": "CVE-2022-49246",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49246"
},
{
"name": "CVE-2022-49248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49248"
},
{
"name": "CVE-2022-49249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49249"
},
{
"name": "CVE-2022-49250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49250"
},
{
"name": "CVE-2022-49251",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49251"
},
{
"name": "CVE-2022-49252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49252"
},
{
"name": "CVE-2022-49253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49253"
},
{
"name": "CVE-2022-49254",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49254"
},
{
"name": "CVE-2022-49256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49256"
},
{
"name": "CVE-2022-49257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49257"
},
{
"name": "CVE-2022-49258",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49258"
},
{
"name": "CVE-2022-49259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49259"
},
{
"name": "CVE-2022-49260",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49260"
},
{
"name": "CVE-2022-49261",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49261"
},
{
"name": "CVE-2022-49262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49262"
},
{
"name": "CVE-2022-49263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49263"
},
{
"name": "CVE-2022-49264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49264"
},
{
"name": "CVE-2022-49265",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49265"
},
{
"name": "CVE-2022-49266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49266"
},
{
"name": "CVE-2022-49268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49268"
},
{
"name": "CVE-2022-49269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49269"
},
{
"name": "CVE-2022-49270",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49270"
},
{
"name": "CVE-2022-49271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49271"
},
{
"name": "CVE-2022-49272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49272"
},
{
"name": "CVE-2022-49273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49273"
},
{
"name": "CVE-2022-49274",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49274"
},
{
"name": "CVE-2022-49275",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49275"
},
{
"name": "CVE-2022-49276",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49276"
},
{
"name": "CVE-2022-49277",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49277"
},
{
"name": "CVE-2022-49278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49278"
},
{
"name": "CVE-2022-49279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49279"
},
{
"name": "CVE-2022-49280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49280"
},
{
"name": "CVE-2022-49281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49281"
},
{
"name": "CVE-2022-49283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49283"
},
{
"name": "CVE-2022-49285",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49285"
},
{
"name": "CVE-2022-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49286"
},
{
"name": "CVE-2022-49287",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49287"
},
{
"name": "CVE-2022-49288",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49288"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49291"
},
{
"name": "CVE-2022-49292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49292"
},
{
"name": "CVE-2022-49294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49294"
},
{
"name": "CVE-2022-49295",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49295"
},
{
"name": "CVE-2022-49297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49297"
},
{
"name": "CVE-2022-49298",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49298"
},
{
"name": "CVE-2022-49299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49299"
},
{
"name": "CVE-2022-49300",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49300"
},
{
"name": "CVE-2022-49301",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49301"
},
{
"name": "CVE-2022-49302",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49302"
},
{
"name": "CVE-2022-49304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49304"
},
{
"name": "CVE-2022-49305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49305"
},
{
"name": "CVE-2022-49307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49307"
},
{
"name": "CVE-2022-49308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49308"
},
{
"name": "CVE-2022-49309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49309"
},
{
"name": "CVE-2022-49310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49310"
},
{
"name": "CVE-2022-49311",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49311"
},
{
"name": "CVE-2022-49312",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49312"
},
{
"name": "CVE-2022-49313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49313"
},
{
"name": "CVE-2022-49314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49314"
},
{
"name": "CVE-2022-49315",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49315"
},
{
"name": "CVE-2022-49316",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49316"
},
{
"name": "CVE-2022-49319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49319"
},
{
"name": "CVE-2022-49320",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49320"
},
{
"name": "CVE-2022-49321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49321"
},
{
"name": "CVE-2022-49322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49322"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2022-49326",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49326"
},
{
"name": "CVE-2022-49327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49327"
},
{
"name": "CVE-2022-49328",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49328"
},
{
"name": "CVE-2022-49331",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49331"
},
{
"name": "CVE-2022-49332",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49332"
},
{
"name": "CVE-2022-49335",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49335"
},
{
"name": "CVE-2022-49336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49336"
},
{
"name": "CVE-2022-49337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49337"
},
{
"name": "CVE-2022-49339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49339"
},
{
"name": "CVE-2022-49341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49341"
},
{
"name": "CVE-2022-49342",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49342"
},
{
"name": "CVE-2022-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49343"
},
{
"name": "CVE-2022-49345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49345"
},
{
"name": "CVE-2022-49346",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49346"
},
{
"name": "CVE-2022-49347",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49347"
},
{
"name": "CVE-2022-49348",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49348"
},
{
"name": "CVE-2022-49349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49349"
},
{
"name": "CVE-2022-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49350"
},
{
"name": "CVE-2022-49351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49351"
},
{
"name": "CVE-2022-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49352"
},
{
"name": "CVE-2022-49354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49354"
},
{
"name": "CVE-2022-49356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49356"
},
{
"name": "CVE-2022-49357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49357"
},
{
"name": "CVE-2022-49367",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49367"
},
{
"name": "CVE-2022-49368",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49368"
},
{
"name": "CVE-2022-49370",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49370"
},
{
"name": "CVE-2022-49371",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49371"
},
{
"name": "CVE-2022-49373",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49373"
},
{
"name": "CVE-2022-49375",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49375"
},
{
"name": "CVE-2022-49376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49376"
},
{
"name": "CVE-2022-49377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49377"
},
{
"name": "CVE-2022-49378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49378"
},
{
"name": "CVE-2022-49379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49379"
},
{
"name": "CVE-2022-49381",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49381"
},
{
"name": "CVE-2022-49382",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49382"
},
{
"name": "CVE-2022-49384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49384"
},
{
"name": "CVE-2022-49385",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49385"
},
{
"name": "CVE-2022-49386",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49386"
},
{
"name": "CVE-2022-49389",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49389"
},
{
"name": "CVE-2022-49392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49392"
},
{
"name": "CVE-2022-49394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49394"
},
{
"name": "CVE-2022-49396",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49396"
},
{
"name": "CVE-2022-49397",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49397"
},
{
"name": "CVE-2022-49398",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49398"
},
{
"name": "CVE-2022-49399",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49399"
},
{
"name": "CVE-2022-49400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49400"
},
{
"name": "CVE-2022-49402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49402"
},
{
"name": "CVE-2022-49404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49404"
},
{
"name": "CVE-2022-49407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49407"
},
{
"name": "CVE-2022-49409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49409"
},
{
"name": "CVE-2022-49410",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49410"
},
{
"name": "CVE-2022-49411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49411"
},
{
"name": "CVE-2022-49412",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49412"
},
{
"name": "CVE-2022-49413",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49413"
},
{
"name": "CVE-2022-49414",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49414"
},
{
"name": "CVE-2022-49416",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49416"
},
{
"name": "CVE-2022-49418",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49418"
},
{
"name": "CVE-2022-49421",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49421"
},
{
"name": "CVE-2022-49422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49422"
},
{
"name": "CVE-2022-49424",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49424"
},
{
"name": "CVE-2022-49426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49426"
},
{
"name": "CVE-2022-49427",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49427"
},
{
"name": "CVE-2022-49429",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49429"
},
{
"name": "CVE-2022-49430",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49430"
},
{
"name": "CVE-2022-49431",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49431"
},
{
"name": "CVE-2022-49432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49432"
},
{
"name": "CVE-2022-49433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49433"
},
{
"name": "CVE-2022-49434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49434"
},
{
"name": "CVE-2022-49435",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49435"
},
{
"name": "CVE-2022-49437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49437"
},
{
"name": "CVE-2022-49438",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49438"
},
{
"name": "CVE-2022-49440",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49440"
},
{
"name": "CVE-2022-49441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49441"
},
{
"name": "CVE-2022-49442",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49442"
},
{
"name": "CVE-2022-49443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49443"
},
{
"name": "CVE-2022-49444",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49444"
},
{
"name": "CVE-2022-49445",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49445"
},
{
"name": "CVE-2022-49447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49447"
},
{
"name": "CVE-2022-49448",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49448"
},
{
"name": "CVE-2022-49449",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49449"
},
{
"name": "CVE-2022-49451",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49451"
},
{
"name": "CVE-2022-49453",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49453"
},
{
"name": "CVE-2022-49455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49455"
},
{
"name": "CVE-2022-49459",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49459"
},
{
"name": "CVE-2022-49460",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49460"
},
{
"name": "CVE-2022-49462",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49462"
},
{
"name": "CVE-2022-49463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49463"
},
{
"name": "CVE-2022-49466",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49466"
},
{
"name": "CVE-2022-49467",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49467"
},
{
"name": "CVE-2022-49468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49468"
},
{
"name": "CVE-2022-49472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49472"
},
{
"name": "CVE-2022-49473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49473"
},
{
"name": "CVE-2022-49474",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49474"
},
{
"name": "CVE-2022-49475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49475"
},
{
"name": "CVE-2022-49477",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49477"
},
{
"name": "CVE-2022-49478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49478"
},
{
"name": "CVE-2022-49480",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49480"
},
{
"name": "CVE-2022-49481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49481"
},
{
"name": "CVE-2022-49482",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49482"
},
{
"name": "CVE-2022-49486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49486"
},
{
"name": "CVE-2022-49487",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49487"
},
{
"name": "CVE-2022-49488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49488"
},
{
"name": "CVE-2022-49489",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49489"
},
{
"name": "CVE-2022-49491",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49491"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2022-49493",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49493"
},
{
"name": "CVE-2022-49494",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49494"
},
{
"name": "CVE-2022-49495",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49495"
},
{
"name": "CVE-2022-49498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49498"
},
{
"name": "CVE-2022-49501",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49501"
},
{
"name": "CVE-2022-49502",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49502"
},
{
"name": "CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"name": "CVE-2022-49504",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49504"
},
{
"name": "CVE-2022-49505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49505"
},
{
"name": "CVE-2022-49506",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49506"
},
{
"name": "CVE-2022-49507",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49507"
},
{
"name": "CVE-2022-49508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49508"
},
{
"name": "CVE-2022-49509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49509"
},
{
"name": "CVE-2022-49512",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49512"
},
{
"name": "CVE-2022-49514",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49514"
},
{
"name": "CVE-2022-49515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49515"
},
{
"name": "CVE-2022-49517",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49517"
},
{
"name": "CVE-2022-49519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49519"
},
{
"name": "CVE-2022-49520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49520"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49522"
},
{
"name": "CVE-2022-49523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49523"
},
{
"name": "CVE-2022-49524",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49524"
},
{
"name": "CVE-2022-49525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49525"
},
{
"name": "CVE-2022-49526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49526"
},
{
"name": "CVE-2022-49527",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49527"
},
{
"name": "CVE-2022-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49532"
},
{
"name": "CVE-2022-49534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49534"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2022-49536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49536"
},
{
"name": "CVE-2022-49537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49537"
},
{
"name": "CVE-2022-49541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49541"
},
{
"name": "CVE-2022-49542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49542"
},
{
"name": "CVE-2022-49544",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49544"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2022-49546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49546"
},
{
"name": "CVE-2022-49549",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49549"
},
{
"name": "CVE-2022-49551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49551"
},
{
"name": "CVE-2022-49555",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49555"
},
{
"name": "CVE-2022-49556",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49556"
},
{
"name": "CVE-2022-49559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49559"
},
{
"name": "CVE-2022-49562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49562"
},
{
"name": "CVE-2022-49563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49563"
},
{
"name": "CVE-2022-49564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49564"
},
{
"name": "CVE-2022-49566",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49566"
},
{
"name": "CVE-2022-49568",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49568"
},
{
"name": "CVE-2022-49569",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49569"
},
{
"name": "CVE-2022-49570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49570"
},
{
"name": "CVE-2022-49579",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49579"
},
{
"name": "CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"name": "CVE-2022-49583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49583"
},
{
"name": "CVE-2022-49584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49584"
},
{
"name": "CVE-2022-49591",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49591"
},
{
"name": "CVE-2022-49592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49592"
},
{
"name": "CVE-2022-49603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49603"
},
{
"name": "CVE-2022-49605",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49605"
},
{
"name": "CVE-2022-49606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49606"
},
{
"name": "CVE-2022-49607",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49607"
},
{
"name": "CVE-2022-49609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49609"
},
{
"name": "CVE-2022-49610",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49610"
},
{
"name": "CVE-2022-49611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49611"
},
{
"name": "CVE-2022-49613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49613"
},
{
"name": "CVE-2022-49615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49615"
},
{
"name": "CVE-2022-49616",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49616"
},
{
"name": "CVE-2022-49617",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49617"
},
{
"name": "CVE-2022-49618",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49618"
},
{
"name": "CVE-2022-49621",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49621"
},
{
"name": "CVE-2022-49623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49623"
},
{
"name": "CVE-2022-49625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49625"
},
{
"name": "CVE-2022-49627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49627"
},
{
"name": "CVE-2022-49628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49628"
},
{
"name": "CVE-2022-49631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49631"
},
{
"name": "CVE-2022-49634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49634"
},
{
"name": "CVE-2022-49640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49640"
},
{
"name": "CVE-2022-49641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49641"
},
{
"name": "CVE-2022-49642",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49642"
},
{
"name": "CVE-2022-49643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49643"
},
{
"name": "CVE-2022-49644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49644"
},
{
"name": "CVE-2022-49645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49645"
},
{
"name": "CVE-2022-49646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49646"
},
{
"name": "CVE-2022-49647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49647"
},
{
"name": "CVE-2022-49648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49648"
},
{
"name": "CVE-2022-49649",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49649"
},
{
"name": "CVE-2022-49652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49652"
},
{
"name": "CVE-2022-49653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49653"
},
{
"name": "CVE-2022-49656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49656"
},
{
"name": "CVE-2022-49657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49657"
},
{
"name": "CVE-2022-49663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49663"
},
{
"name": "CVE-2022-49665",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49665"
},
{
"name": "CVE-2022-49667",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49667"
},
{
"name": "CVE-2022-49668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49668"
},
{
"name": "CVE-2022-49670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49670"
},
{
"name": "CVE-2022-49671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49671"
},
{
"name": "CVE-2022-49672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49672"
},
{
"name": "CVE-2022-49673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49673"
},
{
"name": "CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"name": "CVE-2022-49675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49675"
},
{
"name": "CVE-2022-49676",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49676"
},
{
"name": "CVE-2022-49677",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49677"
},
{
"name": "CVE-2022-49678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49678"
},
{
"name": "CVE-2022-49679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49679"
},
{
"name": "CVE-2022-49680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49680"
},
{
"name": "CVE-2022-49683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49683"
},
{
"name": "CVE-2022-49685",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49685"
},
{
"name": "CVE-2022-49687",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49687"
},
{
"name": "CVE-2022-49688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49688"
},
{
"name": "CVE-2022-49693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49693"
},
{
"name": "CVE-2022-49695",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49695"
},
{
"name": "CVE-2022-49699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49699"
},
{
"name": "CVE-2022-49700",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49700"
},
{
"name": "CVE-2022-49701",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49701"
},
{
"name": "CVE-2022-49703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49703"
},
{
"name": "CVE-2022-49704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49704"
},
{
"name": "CVE-2022-49705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49705"
},
{
"name": "CVE-2022-49707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49707"
},
{
"name": "CVE-2022-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49708"
},
{
"name": "CVE-2022-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49710"
},
{
"name": "CVE-2022-49711",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49711"
},
{
"name": "CVE-2022-49712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49712"
},
{
"name": "CVE-2022-49713",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49713"
},
{
"name": "CVE-2022-49714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49714"
},
{
"name": "CVE-2022-49715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49715"
},
{
"name": "CVE-2022-49716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49716"
},
{
"name": "CVE-2022-49719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49719"
},
{
"name": "CVE-2022-49720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49720"
},
{
"name": "CVE-2022-49721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49721"
},
{
"name": "CVE-2022-49722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49722"
},
{
"name": "CVE-2022-49723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49723"
},
{
"name": "CVE-2022-49724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49724"
},
{
"name": "CVE-2022-49725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49725"
},
{
"name": "CVE-2022-49726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49726"
},
{
"name": "CVE-2022-49729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49729"
},
{
"name": "CVE-2022-49730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49730"
},
{
"name": "CVE-2022-49731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49731"
},
{
"name": "CVE-2022-49733",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49733"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-47794",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47794"
},
{
"name": "CVE-2024-54683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54683"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56719"
},
{
"name": "CVE-2024-56758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56758"
},
{
"name": "CVE-2025-21635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21635"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-21703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21703"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21794"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21819"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2021-4454",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4454"
},
{
"name": "CVE-2022-49053",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49053"
},
{
"name": "CVE-2022-49056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49056"
},
{
"name": "CVE-2022-49057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49057"
},
{
"name": "CVE-2022-49062",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49062"
},
{
"name": "CVE-2022-49064",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49064"
},
{
"name": "CVE-2022-49070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49070"
},
{
"name": "CVE-2022-49071",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49071"
},
{
"name": "CVE-2022-49075",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49075"
},
{
"name": "CVE-2022-49123",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49123"
},
{
"name": "CVE-2022-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49125"
},
{
"name": "CVE-2022-49133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49133"
},
{
"name": "CVE-2022-49136",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49136"
},
{
"name": "CVE-2022-49138",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49138"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49144",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49144"
},
{
"name": "CVE-2022-49183",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49183"
},
{
"name": "CVE-2022-49192",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49192"
},
{
"name": "CVE-2022-49202",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49202"
},
{
"name": "CVE-2022-49203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49203"
},
{
"name": "CVE-2022-49204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49204"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49207"
},
{
"name": "CVE-2022-49209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49209"
},
{
"name": "CVE-2022-49215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49215"
},
{
"name": "CVE-2022-49219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49219"
},
{
"name": "CVE-2022-49225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49225"
},
{
"name": "CVE-2022-49228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49228"
},
{
"name": "CVE-2022-49230",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49230"
},
{
"name": "CVE-2022-49233",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49233"
},
{
"name": "CVE-2022-49237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49237"
},
{
"name": "CVE-2022-49238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49238"
},
{
"name": "CVE-2022-49293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49293"
},
{
"name": "CVE-2022-49296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49296"
},
{
"name": "CVE-2022-49306",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49306"
},
{
"name": "CVE-2022-49325",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49325"
},
{
"name": "CVE-2022-49329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49329"
},
{
"name": "CVE-2022-49330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49330"
},
{
"name": "CVE-2022-49333",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49333"
},
{
"name": "CVE-2022-49338",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49338"
},
{
"name": "CVE-2022-49353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49353"
},
{
"name": "CVE-2022-49359",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49359"
},
{
"name": "CVE-2022-49362",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49362"
},
{
"name": "CVE-2022-49365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49365"
},
{
"name": "CVE-2022-49390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
},
{
"name": "CVE-2022-49406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49406"
},
{
"name": "CVE-2022-49419",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49419"
},
{
"name": "CVE-2022-49436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49436"
},
{
"name": "CVE-2022-49446",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49446"
},
{
"name": "CVE-2022-49458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49458"
},
{
"name": "CVE-2022-49465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49465"
},
{
"name": "CVE-2022-49470",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49470"
},
{
"name": "CVE-2022-49476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49476"
},
{
"name": "CVE-2022-49479",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49479"
},
{
"name": "CVE-2022-49483",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49483"
},
{
"name": "CVE-2022-49484",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49484"
},
{
"name": "CVE-2022-49485",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49485"
},
{
"name": "CVE-2022-49497",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49497"
},
{
"name": "CVE-2022-49499",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49499"
},
{
"name": "CVE-2022-49510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49510"
},
{
"name": "CVE-2022-49511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49511"
},
{
"name": "CVE-2022-49516",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49516"
},
{
"name": "CVE-2022-49518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49518"
},
{
"name": "CVE-2022-49529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49529"
},
{
"name": "CVE-2022-49530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49530"
},
{
"name": "CVE-2022-49533",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49533"
},
{
"name": "CVE-2022-49538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49538"
},
{
"name": "CVE-2022-49543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49543"
},
{
"name": "CVE-2022-49548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49548"
},
{
"name": "CVE-2022-49552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49552"
},
{
"name": "CVE-2022-49560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49560"
},
{
"name": "CVE-2022-49565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49565"
},
{
"name": "CVE-2022-49624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49624"
},
{
"name": "CVE-2022-49635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49635"
},
{
"name": "CVE-2022-49638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49638"
},
{
"name": "CVE-2022-49650",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49650"
},
{
"name": "CVE-2022-49655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49655"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49686",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49686"
},
{
"name": "CVE-2022-49694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49694"
},
{
"name": "CVE-2022-49697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49697"
},
{
"name": "CVE-2022-49732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49732"
},
{
"name": "CVE-2022-49739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49739"
},
{
"name": "CVE-2022-49746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49746"
},
{
"name": "CVE-2022-49748",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49748"
},
{
"name": "CVE-2022-49751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49751"
},
{
"name": "CVE-2022-49753",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49753"
},
{
"name": "CVE-2022-49755",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49755"
},
{
"name": "CVE-2022-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49759"
},
{
"name": "CVE-2023-52831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52831"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2023-52930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52930"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2023-52935",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52935"
},
{
"name": "CVE-2023-52939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52939"
},
{
"name": "CVE-2023-52941",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52941"
},
{
"name": "CVE-2023-52973",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52973"
},
{
"name": "CVE-2023-52974",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52974"
},
{
"name": "CVE-2023-52975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52975"
},
{
"name": "CVE-2023-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52976"
},
{
"name": "CVE-2023-52979",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52979"
},
{
"name": "CVE-2023-52983",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52983"
},
{
"name": "CVE-2023-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52984"
},
{
"name": "CVE-2023-52988",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52988"
},
{
"name": "CVE-2023-52989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52989"
},
{
"name": "CVE-2023-52992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52992"
},
{
"name": "CVE-2023-52993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52993"
},
{
"name": "CVE-2023-53000",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53000"
},
{
"name": "CVE-2023-53005",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53005"
},
{
"name": "CVE-2023-53006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53006"
},
{
"name": "CVE-2023-53007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53007"
},
{
"name": "CVE-2023-53008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53008"
},
{
"name": "CVE-2023-53010",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53010"
},
{
"name": "CVE-2023-53015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53015"
},
{
"name": "CVE-2023-53016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53016"
},
{
"name": "CVE-2023-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53019"
},
{
"name": "CVE-2023-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53023"
},
{
"name": "CVE-2023-53024",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53024"
},
{
"name": "CVE-2023-53025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53025"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53028",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53028"
},
{
"name": "CVE-2023-53029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53029"
},
{
"name": "CVE-2023-53030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53030"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-41149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41149"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2024-57947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57947"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2024-58012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58012"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21693"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21831"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-21850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21850"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0307",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1177-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251177-1"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1180-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251180-1"
},
{
"published_at": "2025-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1194-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251194-1"
},
{
"published_at": "2025-04-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1195-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251195-1"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1178-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251178-1"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1176-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251176-1"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1183-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251183-1"
}
]
}
CERTFR-2025-AVI-0449
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.3 | ||
| SUSE | N/A | SUSE Enterprise Storage 7.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 Business Critical Linux | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.2 | ||
| SUSE | N/A | openSUSE Leap 15.6 | ||
| SUSE | N/A | Legacy Module 15-SP6 | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Desktop 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | N/A | SUSE Manager Retail Branch Server 4.2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP6 | ||
| SUSE | N/A | SUSE Manager Proxy 4.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | N/A | openSUSE Leap 15.5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | N/A | Basesystem Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | N/A | Development Tools Module 15-SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15 SP6 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | N/A | SUSE Manager Server 4.2 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security | ||
| SUSE | N/A | SUSE Manager Proxy 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP5 LTSS | ||
| SUSE | N/A | SUSE Manager Server 4.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | N/A | openSUSE Leap 15.4 | ||
| SUSE | N/A | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability Extension 15 SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Server for SAP Applications 15 SP6 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Enterprise Storage 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 Business Critical Linux",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3 LTSS",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP3",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-0179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0179"
},
{
"name": "CVE-2024-27018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27018"
},
{
"name": "CVE-2024-27415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27415"
},
{
"name": "CVE-2022-48933",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48933"
},
{
"name": "CVE-2024-43882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43882"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46865",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46865"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2021-47163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47163"
},
{
"name": "CVE-2024-42307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42307"
},
{
"name": "CVE-2024-50038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50038"
},
{
"name": "CVE-2024-50115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50115"
},
{
"name": "CVE-2024-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50083"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53156"
},
{
"name": "CVE-2024-56590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56590"
},
{
"name": "CVE-2024-56641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56641"
},
{
"name": "CVE-2024-56642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56642"
},
{
"name": "CVE-2024-56661",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56661"
},
{
"name": "CVE-2024-49994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49994"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2024-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53139"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-49044",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49044"
},
{
"name": "CVE-2022-49055",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49055"
},
{
"name": "CVE-2022-49060",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49060"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49111",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49111"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49121",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49121"
},
{
"name": "CVE-2022-49137",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49137"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49176",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49176"
},
{
"name": "CVE-2022-49179",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49179"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49232",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49232"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49305"
},
{
"name": "CVE-2022-49335",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49335"
},
{
"name": "CVE-2022-49351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49351"
},
{
"name": "CVE-2022-49385",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49385"
},
{
"name": "CVE-2022-49411",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49411"
},
{
"name": "CVE-2022-49442",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49442"
},
{
"name": "CVE-2022-49478",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49478"
},
{
"name": "CVE-2022-49489",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49489"
},
{
"name": "CVE-2022-49504",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49504"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49525",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49525"
},
{
"name": "CVE-2022-49534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49534"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2022-49536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49536"
},
{
"name": "CVE-2022-49537",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49537"
},
{
"name": "CVE-2022-49542",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49542"
},
{
"name": "CVE-2022-49668",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49668"
},
{
"name": "CVE-2022-49693",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49693"
},
{
"name": "CVE-2022-49725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49725"
},
{
"name": "CVE-2022-49730",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49730"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-54683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54683"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21635"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49325",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49325"
},
{
"name": "CVE-2022-49390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
},
{
"name": "CVE-2022-49465",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49465"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49753",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49753"
},
{
"name": "CVE-2023-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53023"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2023-53031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53031"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-21696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21696"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2020-36789",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36789"
},
{
"name": "CVE-2021-47668",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47668"
},
{
"name": "CVE-2021-47669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47669"
},
{
"name": "CVE-2021-47670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47670"
},
{
"name": "CVE-2021-47671",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47671"
},
{
"name": "CVE-2022-49110",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49110"
},
{
"name": "CVE-2022-49171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49171"
},
{
"name": "CVE-2022-49197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49197"
},
{
"name": "CVE-2022-49561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49561"
},
{
"name": "CVE-2022-49590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49590"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2022-49741",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49741"
},
{
"name": "CVE-2022-49745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49745"
},
{
"name": "CVE-2022-49749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49749"
},
{
"name": "CVE-2022-49767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49767"
},
{
"name": "CVE-2023-52928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52928"
},
{
"name": "CVE-2023-52931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52931"
},
{
"name": "CVE-2023-52936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52936"
},
{
"name": "CVE-2023-52937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52937"
},
{
"name": "CVE-2023-52938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52938"
},
{
"name": "CVE-2023-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52981"
},
{
"name": "CVE-2023-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52982"
},
{
"name": "CVE-2023-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52986"
},
{
"name": "CVE-2023-52994",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52994"
},
{
"name": "CVE-2023-53001",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53001"
},
{
"name": "CVE-2023-53002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53002"
},
{
"name": "CVE-2023-53009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53009"
},
{
"name": "CVE-2023-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53014"
},
{
"name": "CVE-2023-53018",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53018"
},
{
"name": "CVE-2023-53032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53032"
},
{
"name": "CVE-2023-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53051"
},
{
"name": "CVE-2024-35840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35840"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58094"
},
{
"name": "CVE-2024-58095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58095"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-21729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21729"
},
{
"name": "CVE-2025-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21755"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21833"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21852"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2025-21923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21923"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21931"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2025-21985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21985"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22029"
},
{
"name": "CVE-2025-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22036"
},
{
"name": "CVE-2025-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22053"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22064"
},
{
"name": "CVE-2025-22065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22065"
},
{
"name": "CVE-2025-22080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22080"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-22102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22102"
},
{
"name": "CVE-2025-22104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22104"
},
{
"name": "CVE-2025-22105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22105"
},
{
"name": "CVE-2025-22106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22106"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-22108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22108"
},
{
"name": "CVE-2025-22109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22109"
},
{
"name": "CVE-2025-22115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
},
{
"name": "CVE-2025-22116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22116"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-22128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22128"
},
{
"name": "CVE-2025-23129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23129"
},
{
"name": "CVE-2025-23131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23131"
},
{
"name": "CVE-2025-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23133"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
},
{
"name": "CVE-2025-37860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37860"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0449",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-23T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01627-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501627-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01611-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501611-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01614-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501614-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01656-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501656-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01652-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501652-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01668-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501668-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01601-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501601-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01682-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501682-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01590-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501590-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01676-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501676-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01655-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501655-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01620-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501620-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01633-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501633-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01672-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501672-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01593-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501593-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01600-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501600-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01675-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501675-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01603-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501603-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01669-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501669-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01677-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501677-1"
},
{
"published_at": "2025-05-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1574-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251574-1"
},
{
"published_at": "2025-05-20",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01598-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501598-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01640-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501640-1"
},
{
"published_at": "2025-05-21",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01610-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501610-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01683-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501683-1"
},
{
"published_at": "2025-05-22",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01663-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501663-1"
},
{
"published_at": "2025-05-16",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:1573-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251573-1"
}
]
}
CERTFR-2025-AVI-0605
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 25.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2023-52664",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52664"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-50055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50055"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2021-47211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47211"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-56599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56599"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2023-52741",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52741"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2024-56551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56551"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2021-47191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2024-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26996"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2024-26689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0605",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7610-3",
"url": "https://ubuntu.com/security/notices/USN-7610-3"
},
{
"published_at": "2025-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-6",
"url": "https://ubuntu.com/security/notices/USN-7608-6"
},
{
"published_at": "2025-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7640-1",
"url": "https://ubuntu.com/security/notices/USN-7640-1"
},
{
"published_at": "2025-07-17",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7611-3",
"url": "https://ubuntu.com/security/notices/USN-7611-3"
},
{
"published_at": "2025-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-7",
"url": "https://ubuntu.com/security/notices/USN-7585-7"
}
]
}
CERTFR-2025-AVI-0758
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2024-50202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50202"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2024-50051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50051"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2024-53131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53131"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2024-53130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53130"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2021-47345",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47345"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-47685",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47685"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2024-57984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57984"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2024-27074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27074"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2024-50073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50073"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0758",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-09-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-4",
"url": "https://ubuntu.com/security/notices/USN-7726-4"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7725-1",
"url": "https://ubuntu.com/security/notices/USN-7725-1"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-2",
"url": "https://ubuntu.com/security/notices/USN-7726-2"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7703-4",
"url": "https://ubuntu.com/security/notices/USN-7703-4"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-3",
"url": "https://ubuntu.com/security/notices/USN-7726-3"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7724-1",
"url": "https://ubuntu.com/security/notices/USN-7724-1"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7727-2",
"url": "https://ubuntu.com/security/notices/USN-7727-2"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7725-2",
"url": "https://ubuntu.com/security/notices/USN-7725-2"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7704-5",
"url": "https://ubuntu.com/security/notices/USN-7704-5"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7727-1",
"url": "https://ubuntu.com/security/notices/USN-7727-1"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7727-3",
"url": "https://ubuntu.com/security/notices/USN-7727-3"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7726-1",
"url": "https://ubuntu.com/security/notices/USN-7726-1"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7712-2",
"url": "https://ubuntu.com/security/notices/USN-7712-2"
},
{
"published_at": "2025-09-02",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7725-3",
"url": "https://ubuntu.com/security/notices/USN-7725-3"
},
{
"published_at": "2025-09-03",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7737-1",
"url": "https://ubuntu.com/security/notices/USN-7737-1"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-0463
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian LTS. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 6.1.137-1~deb11u1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 5.10.237-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2023-52621",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52621"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2024-27056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27056"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2024-26656",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26656"
},
{
"name": "CVE-2021-47489",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47489"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2024-26928",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26928"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2021-47247",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47247"
},
{
"name": "CVE-2023-52752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52752"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2024-39494",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39494"
},
{
"name": "CVE-2023-52857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52857"
},
{
"name": "CVE-2024-26767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26767"
},
{
"name": "CVE-2024-38611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38611"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2024-41073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41073"
},
{
"name": "CVE-2024-40973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40973"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-43831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43831"
},
{
"name": "CVE-2024-44938",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44938"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2024-46772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46772"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2024-42129",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42129"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2024-47730",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47730"
},
{
"name": "CVE-2024-47753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47753"
},
{
"name": "CVE-2024-47754",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47754"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2024-50063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50063"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2024-46733",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46733"
},
{
"name": "CVE-2024-46823",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46823"
},
{
"name": "CVE-2024-50154",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50154"
},
{
"name": "CVE-2024-50246",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50246"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2024-56599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56599"
},
{
"name": "CVE-2024-56609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56609"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2024-56608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56608"
},
{
"name": "CVE-2024-56658",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56658"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2024-47726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47726"
},
{
"name": "CVE-2024-50056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50056"
},
{
"name": "CVE-2025-21700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21700"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-49309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49309"
},
{
"name": "CVE-2022-49546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49546"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2022-49219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49219"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2022-49046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49046"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-22038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22038"
},
{
"name": "CVE-2025-22040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22040"
},
{
"name": "CVE-2025-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22041"
},
{
"name": "CVE-2025-22042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22042"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22049"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-22072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22072"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22095"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-22126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2022-49190",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49190"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23141"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-37748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37748"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37769"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37772"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-37775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37775"
},
{
"name": "CVE-2025-37778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37778"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-37782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37782"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37801"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37815"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37818"
},
{
"name": "CVE-2025-37820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37820"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-37852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37852"
},
{
"name": "CVE-2025-37854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37854"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37865"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-37879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37879"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37884"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-37938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37938"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37979"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0463",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian LTS. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian LTS",
"vendor_advisories": [
{
"published_at": "2025-05-25",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4178-1",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"published_at": "2025-05-30",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4193-1",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
}
]
}
CERTFR-2025-AVI-0559
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 25.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.10",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-40114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40114"
},
{
"name": "CVE-2024-50116",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50116"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2025-22026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22026"
},
{
"name": "CVE-2023-52664",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52664"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-37761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37761"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-22083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22083"
},
{
"name": "CVE-2025-37865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37865"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2025-22074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22074"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-22110",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22110"
},
{
"name": "CVE-2025-37775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37775"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-22034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22034"
},
{
"name": "CVE-2025-37872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37872"
},
{
"name": "CVE-2024-58094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58094"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53222"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22036"
},
{
"name": "CVE-2025-23155",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23155"
},
{
"name": "CVE-2025-37751",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37751"
},
{
"name": "CVE-2025-37870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37870"
},
{
"name": "CVE-2025-22100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22100"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-37979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37979"
},
{
"name": "CVE-2025-22069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22069"
},
{
"name": "CVE-2025-37777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37777"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-38104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38104"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37778"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-22040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22040"
},
{
"name": "CVE-2025-37847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37847"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-22126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
},
{
"name": "CVE-2025-37755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37755"
},
{
"name": "CVE-2025-37880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37880"
},
{
"name": "CVE-2025-37833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37833"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-37762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37762"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-23129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23129"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2025-22059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22059"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22019"
},
{
"name": "CVE-2025-22106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22106"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-22046",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22046"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-37852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37852"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-22125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22125"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-22082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22082"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-23131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23131"
},
{
"name": "CVE-2022-49909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49909"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22103"
},
{
"name": "CVE-2025-37784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37784"
},
{
"name": "CVE-2025-37743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37743"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37815"
},
{
"name": "CVE-2025-37860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37860"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-22095",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22095"
},
{
"name": "CVE-2025-37760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37760"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-22023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22023"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2025-37943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37943"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-37745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37745"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2024-58092",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58092"
},
{
"name": "CVE-2025-39778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39778"
},
{
"name": "CVE-2025-37882",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37882"
},
{
"name": "CVE-2025-22091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22091"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-22030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22030"
},
{
"name": "CVE-2025-22116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22116"
},
{
"name": "CVE-2025-37848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37848"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-23160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23160"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-22039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22039"
},
{
"name": "CVE-2025-37842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37842"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-22084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22084"
},
{
"name": "CVE-2025-22031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22031"
},
{
"name": "CVE-2025-37744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37744"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22067"
},
{
"name": "CVE-2025-37884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37884"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-37869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37869"
},
{
"name": "CVE-2024-56721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56721"
},
{
"name": "CVE-2025-22105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22105"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2025-37834",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37834"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-21990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21990"
},
{
"name": "CVE-2025-22117",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22117"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2025-22000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22000"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-23137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23137"
},
{
"name": "CVE-2025-37853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37853"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-37764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37764"
},
{
"name": "CVE-2025-39755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39755"
},
{
"name": "CVE-2025-39688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39688"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37806"
},
{
"name": "CVE-2025-37822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37822"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-37821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37821"
},
{
"name": "CVE-2025-37820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37820"
},
{
"name": "CVE-2025-21974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21974"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2025-22080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22080"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-37878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37878"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2024-53197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53197"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2021-47211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47211"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-37813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37813"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-58095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58095"
},
{
"name": "CVE-2025-23162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23162"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-40014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40014"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-56599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56599"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-21984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21984"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-22051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22051"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-37887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37887"
},
{
"name": "CVE-2025-37861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37861"
},
{
"name": "CVE-2025-37938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37938"
},
{
"name": "CVE-2025-37746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37746"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-22112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22112"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-49958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49958"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-37783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37783"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2025-37874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37874"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-37855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37855"
},
{
"name": "CVE-2025-37988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37988"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-37816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37816"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-39989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39989"
},
{
"name": "CVE-2025-22028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22028"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-37828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37828"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37769"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-39930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39930"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-21973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21973"
},
{
"name": "CVE-2025-37791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37791"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-38240",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38240"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-37831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37831"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-37945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37945"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-23135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23135"
},
{
"name": "CVE-2025-22043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22043"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21989"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2025-22057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22057"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-22113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22113"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37978"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-22114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22114"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-23143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23143"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-23141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23141"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37941"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-22068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22068"
},
{
"name": "CVE-2025-37793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37793"
},
{
"name": "CVE-2025-22111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22111"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-37826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37826"
},
{
"name": "CVE-2025-37986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37986"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2021-47260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47260"
},
{
"name": "CVE-2025-22052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22052"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2025-37799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
},
{
"name": "CVE-2025-37779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37779"
},
{
"name": "CVE-2025-37801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37801"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2025-37863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37863"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-22104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22104"
},
{
"name": "CVE-2025-37864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37864"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2025-22118",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22118"
},
{
"name": "CVE-2025-21998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21998"
},
{
"name": "CVE-2025-37939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37939"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-22072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22072"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2025-22024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22024"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-37925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37925"
},
{
"name": "CVE-2025-22085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22085"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2025-37984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37984"
},
{
"name": "CVE-2025-38479",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38479"
},
{
"name": "CVE-2025-37856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37856"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-37981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37981"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2024-56551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56551"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2021-47576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2025-22109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22109"
},
{
"name": "CVE-2025-22047",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22047"
},
{
"name": "CVE-2025-23132",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23132"
},
{
"name": "CVE-2025-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22070"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-23153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23153"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-22094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22094"
},
{
"name": "CVE-2025-22065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22065"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-37846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37846"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2025-22101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22101"
},
{
"name": "CVE-2025-23152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23152"
},
{
"name": "CVE-2025-22096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22096"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-23149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23149"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-37873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37873"
},
{
"name": "CVE-2025-22061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22061"
},
{
"name": "CVE-2025-37802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37802"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-22076",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22076"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2025-22037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22037"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-37977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37977"
},
{
"name": "CVE-2025-37827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37827"
},
{
"name": "CVE-2025-37747",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37747"
},
{
"name": "CVE-2025-37748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37748"
},
{
"name": "CVE-2025-21893",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21893"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-22002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22002"
},
{
"name": "CVE-2025-37944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37944"
},
{
"name": "CVE-2024-47726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47726"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-37825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37825"
},
{
"name": "CVE-2025-22022",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22022"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37975"
},
{
"name": "CVE-2025-23134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23134"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22119"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-37809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37809"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-37814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37814"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-22102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22102"
},
{
"name": "CVE-2025-37987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37987"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-37876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37876"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-37772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37772"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-21923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21923"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-23130",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23130"
},
{
"name": "CVE-2025-23154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23154"
},
{
"name": "CVE-2025-22087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22087"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-37754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37754"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-22042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22042"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-22124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22124"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2025-37776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37776"
},
{
"name": "CVE-2025-22092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22092"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-37942",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37942"
},
{
"name": "CVE-2025-37759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37759"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-37886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37886"
},
{
"name": "CVE-2025-37877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37877"
},
{
"name": "CVE-2025-22038",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22038"
},
{
"name": "CVE-2025-37800",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37800"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22099"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-22108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22108"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-37866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37866"
},
{
"name": "CVE-2025-37763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37763"
},
{
"name": "CVE-2025-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23133"
},
{
"name": "CVE-2025-22128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22128"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37868"
},
{
"name": "CVE-2025-37843",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37843"
},
{
"name": "CVE-2025-37786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37786"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2025-37807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37807"
},
{
"name": "CVE-2025-22098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22098"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2025-40325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40325"
},
{
"name": "CVE-2024-56608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56608"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-22122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22122"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22078"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-37845",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37845"
},
{
"name": "CVE-2025-37980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37980"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37837",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37837"
},
{
"name": "CVE-2025-37879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37879"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22064"
},
{
"name": "CVE-2025-37849",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37849"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2025-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22053"
},
{
"name": "CVE-2025-37888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37888"
},
{
"name": "CVE-2025-38049",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38049"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-21902",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21902"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-22041",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22041"
},
{
"name": "CVE-2025-22127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22127"
},
{
"name": "CVE-2025-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21939"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-37774",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37774"
},
{
"name": "CVE-2025-22115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
},
{
"name": "CVE-2025-22032",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22032"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2025-22120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22120"
},
{
"name": "CVE-2025-37854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37854"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-22123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22123"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0559",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-04T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7607-2",
"url": "https://ubuntu.com/security/notices/USN-7607-2"
},
{
"published_at": "2025-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7595-3",
"url": "https://ubuntu.com/security/notices/USN-7595-3"
},
{
"published_at": "2025-07-03",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-6",
"url": "https://ubuntu.com/security/notices/USN-7585-6"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7605-1",
"url": "https://ubuntu.com/security/notices/USN-7605-1"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-3",
"url": "https://ubuntu.com/security/notices/USN-7608-3"
},
{
"published_at": "2025-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7602-1",
"url": "https://ubuntu.com/security/notices/USN-7602-1"
},
{
"published_at": "2025-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7594-2",
"url": "https://ubuntu.com/security/notices/USN-7594-2"
},
{
"published_at": "2025-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7596-2",
"url": "https://ubuntu.com/security/notices/USN-7596-2"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7609-1",
"url": "https://ubuntu.com/security/notices/USN-7609-1"
},
{
"published_at": "2025-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-4",
"url": "https://ubuntu.com/security/notices/USN-7585-4"
},
{
"published_at": "2025-07-03",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-4",
"url": "https://ubuntu.com/security/notices/USN-7608-4"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7606-1",
"url": "https://ubuntu.com/security/notices/USN-7606-1"
},
{
"published_at": "2025-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7595-4",
"url": "https://ubuntu.com/security/notices/USN-7595-4"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-2",
"url": "https://ubuntu.com/security/notices/USN-7608-2"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7607-1",
"url": "https://ubuntu.com/security/notices/USN-7607-1"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-1",
"url": "https://ubuntu.com/security/notices/USN-7608-1"
},
{
"published_at": "2025-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7609-2",
"url": "https://ubuntu.com/security/notices/USN-7609-2"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7595-5",
"url": "https://ubuntu.com/security/notices/USN-7595-5"
},
{
"published_at": "2025-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-5",
"url": "https://ubuntu.com/security/notices/USN-7585-5"
}
]
}
CERTFR-2025-AVI-0277
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian LTS. Elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian LTS bullseye versions ant\u00e9rieures \u00e0 6.1.129-1~deb11u1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-42122",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42122"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-56549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56549"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21794"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2024-26596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26596"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21819"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-47726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47726"
},
{
"name": "CVE-2024-50061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50061"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2024-40945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40945"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2024-42069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42069"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2025-21703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21703"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21700",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21700"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0277",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian LTS. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian LTS",
"vendor_advisories": [
{
"published_at": "2025-03-31",
"title": "Bulletin de s\u00e9curit\u00e9 Debian LTS DLA-4102-1",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
}
]
}
CERTFR-2025-AVI-0625
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Ubuntu Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 25.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-37896",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37896"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-37936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37936"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37918"
},
{
"name": "CVE-2025-37917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37917"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-38216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38216"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37920"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-37898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37898"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2025-37924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37924"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37897",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37897"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-37926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37926"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37931"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-37934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37934"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-37899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37899"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-37921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37921"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-37935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37935"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-37903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37903"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37907"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2025-37904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37904"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2025-37946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37946"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2025-37901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37901"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-37916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37916"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-37906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37906"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2024-56551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56551"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2025-37928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37928"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-37922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37922"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2024-57984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57984"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37891"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-37895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37895"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-37933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37933"
},
{
"name": "CVE-2025-37900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37900"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-37908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37908"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37929"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2024-56608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56608"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-37894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37894"
},
{
"name": "CVE-2025-37919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37919"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-37910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37910"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0625",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Ubuntu Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-5",
"url": "https://ubuntu.com/security/notices/USN-7651-5"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-6",
"url": "https://ubuntu.com/security/notices/USN-7651-6"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-3",
"url": "https://ubuntu.com/security/notices/USN-7654-3"
},
{
"published_at": "2025-07-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7611-4",
"url": "https://ubuntu.com/security/notices/USN-7611-4"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7665-2",
"url": "https://ubuntu.com/security/notices/USN-7665-2"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-3",
"url": "https://ubuntu.com/security/notices/USN-7651-3"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7649-2",
"url": "https://ubuntu.com/security/notices/USN-7649-2"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7665-1",
"url": "https://ubuntu.com/security/notices/USN-7665-1"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-2",
"url": "https://ubuntu.com/security/notices/USN-7654-2"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7655-1",
"url": "https://ubuntu.com/security/notices/USN-7655-1"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-4",
"url": "https://ubuntu.com/security/notices/USN-7654-4"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-2",
"url": "https://ubuntu.com/security/notices/USN-7651-2"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-4",
"url": "https://ubuntu.com/security/notices/USN-7651-4"
}
]
}
CERTFR-2025-AVI-0509
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | Confidential Computing Module | Confidential Computing Module 15-SP6 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.6 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Confidential Computing Module 15-SP6",
"product": {
"name": "Confidential Computing Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2023-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
},
{
"name": "CVE-2024-27018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27018"
},
{
"name": "CVE-2024-26634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26634"
},
{
"name": "CVE-2024-35910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35910"
},
{
"name": "CVE-2024-26873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26873"
},
{
"name": "CVE-2024-27415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27415"
},
{
"name": "CVE-2024-35826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35826"
},
{
"name": "CVE-2024-41005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41005"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2024-41077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
},
{
"name": "CVE-2024-46713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-46865",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46865"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-49855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49855"
},
{
"name": "CVE-2024-50036",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50036"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50290"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-53063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53063"
},
{
"name": "CVE-2024-42307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42307"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49924"
},
{
"name": "CVE-2024-50038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50038"
},
{
"name": "CVE-2024-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50083"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53135"
},
{
"name": "CVE-2024-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53140"
},
{
"name": "CVE-2024-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50106"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2024-56558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56558"
},
{
"name": "CVE-2024-56641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56641"
},
{
"name": "CVE-2024-49994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49994"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2024-56703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56703"
},
{
"name": "CVE-2025-21631",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21631"
},
{
"name": "CVE-2025-21648",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21648"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2024-53177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53177"
},
{
"name": "CVE-2024-49940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49940"
},
{
"name": "CVE-2024-50029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50029"
},
{
"name": "CVE-2024-50056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50056"
},
{
"name": "CVE-2024-50140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50140"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-50223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50223"
},
{
"name": "CVE-2024-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50294"
},
{
"name": "CVE-2024-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53139"
},
{
"name": "CVE-2024-53163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53163"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-52926",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52926"
},
{
"name": "CVE-2024-47408",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47408"
},
{
"name": "CVE-2024-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49571"
},
{
"name": "CVE-2024-53680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53680"
},
{
"name": "CVE-2024-56640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56640"
},
{
"name": "CVE-2024-56718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56718"
},
{
"name": "CVE-2024-56770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56770"
},
{
"name": "CVE-2024-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57807"
},
{
"name": "CVE-2024-57900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57900"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-49563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49563"
},
{
"name": "CVE-2022-49564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49564"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-47794",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47794"
},
{
"name": "CVE-2024-54683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54683"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56719"
},
{
"name": "CVE-2024-56758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56758"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21635"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-21703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21703"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21794"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21819"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2023-52831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52831"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2024-41149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41149"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2024-57947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57947"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2024-58012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58012"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21693"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21831"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-21850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21850"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-21696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21696"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-22126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2022-49110",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49110"
},
{
"name": "CVE-2022-49767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49767"
},
{
"name": "CVE-2023-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53051"
},
{
"name": "CVE-2024-35840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35840"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58094"
},
{
"name": "CVE-2024-58095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58095"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-21729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21729"
},
{
"name": "CVE-2025-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21755"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21833"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21852"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2025-21923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21923"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21931"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-21985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21985"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22029"
},
{
"name": "CVE-2025-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22036"
},
{
"name": "CVE-2025-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22053"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22064"
},
{
"name": "CVE-2025-22065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22065"
},
{
"name": "CVE-2025-22080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22080"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-22102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22102"
},
{
"name": "CVE-2025-22104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22104"
},
{
"name": "CVE-2025-22105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22105"
},
{
"name": "CVE-2025-22106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22106"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-22108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22108"
},
{
"name": "CVE-2025-22109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22109"
},
{
"name": "CVE-2025-22115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
},
{
"name": "CVE-2025-22116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22116"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-22128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22128"
},
{
"name": "CVE-2025-23129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23129"
},
{
"name": "CVE-2025-23131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23131"
},
{
"name": "CVE-2025-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23133"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
},
{
"name": "CVE-2025-37860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37860"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-37748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37748"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37820"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37879"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-49769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49769"
},
{
"name": "CVE-2022-49770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49770"
},
{
"name": "CVE-2022-49771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49771"
},
{
"name": "CVE-2022-49772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49772"
},
{
"name": "CVE-2022-49775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49775"
},
{
"name": "CVE-2022-49776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49776"
},
{
"name": "CVE-2022-49777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49777"
},
{
"name": "CVE-2022-49779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49779"
},
{
"name": "CVE-2022-49783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49783"
},
{
"name": "CVE-2022-49787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49787"
},
{
"name": "CVE-2022-49788",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49788"
},
{
"name": "CVE-2022-49789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49789"
},
{
"name": "CVE-2022-49790",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49790"
},
{
"name": "CVE-2022-49792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49792"
},
{
"name": "CVE-2022-49793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49793"
},
{
"name": "CVE-2022-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49794"
},
{
"name": "CVE-2022-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49796"
},
{
"name": "CVE-2022-49797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49797"
},
{
"name": "CVE-2022-49799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49799"
},
{
"name": "CVE-2022-49800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49800"
},
{
"name": "CVE-2022-49801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49801"
},
{
"name": "CVE-2022-49802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49802"
},
{
"name": "CVE-2022-49807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49807"
},
{
"name": "CVE-2022-49809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49809"
},
{
"name": "CVE-2022-49810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49810"
},
{
"name": "CVE-2022-49812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49812"
},
{
"name": "CVE-2022-49813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49813"
},
{
"name": "CVE-2022-49818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49818"
},
{
"name": "CVE-2022-49821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49821"
},
{
"name": "CVE-2022-49822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49822"
},
{
"name": "CVE-2022-49823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49823"
},
{
"name": "CVE-2022-49824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49824"
},
{
"name": "CVE-2022-49825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49825"
},
{
"name": "CVE-2022-49826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49826"
},
{
"name": "CVE-2022-49827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49827"
},
{
"name": "CVE-2022-49830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49830"
},
{
"name": "CVE-2022-49832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49832"
},
{
"name": "CVE-2022-49834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49834"
},
{
"name": "CVE-2022-49835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49835"
},
{
"name": "CVE-2022-49836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49836"
},
{
"name": "CVE-2022-49839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49839"
},
{
"name": "CVE-2022-49841",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49841"
},
{
"name": "CVE-2022-49842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49842"
},
{
"name": "CVE-2022-49845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49845"
},
{
"name": "CVE-2022-49846",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49846"
},
{
"name": "CVE-2022-49850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49850"
},
{
"name": "CVE-2022-49853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49853"
},
{
"name": "CVE-2022-49858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49858"
},
{
"name": "CVE-2022-49860",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49860"
},
{
"name": "CVE-2022-49861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49861"
},
{
"name": "CVE-2022-49863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49863"
},
{
"name": "CVE-2022-49864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49864"
},
{
"name": "CVE-2022-49865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49865"
},
{
"name": "CVE-2022-49868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49868"
},
{
"name": "CVE-2022-49869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49869"
},
{
"name": "CVE-2022-49870",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49870"
},
{
"name": "CVE-2022-49871",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49871"
},
{
"name": "CVE-2022-49874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49874"
},
{
"name": "CVE-2022-49879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49879"
},
{
"name": "CVE-2022-49880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49880"
},
{
"name": "CVE-2022-49881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49881"
},
{
"name": "CVE-2022-49885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49885"
},
{
"name": "CVE-2022-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49887"
},
{
"name": "CVE-2022-49888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49888"
},
{
"name": "CVE-2022-49889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49889"
},
{
"name": "CVE-2022-49890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49890"
},
{
"name": "CVE-2022-49891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49891"
},
{
"name": "CVE-2022-49892",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49892"
},
{
"name": "CVE-2022-49900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49900"
},
{
"name": "CVE-2022-49905",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49905"
},
{
"name": "CVE-2022-49906",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49906"
},
{
"name": "CVE-2022-49908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49908"
},
{
"name": "CVE-2022-49909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49909"
},
{
"name": "CVE-2022-49910",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49910"
},
{
"name": "CVE-2022-49915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49915"
},
{
"name": "CVE-2022-49916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49916"
},
{
"name": "CVE-2022-49922",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49922"
},
{
"name": "CVE-2022-49923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49923"
},
{
"name": "CVE-2022-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49924"
},
{
"name": "CVE-2022-49925",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49925"
},
{
"name": "CVE-2022-49927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49927"
},
{
"name": "CVE-2022-49928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49928"
},
{
"name": "CVE-2022-49931",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49931"
},
{
"name": "CVE-2023-53035",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53035"
},
{
"name": "CVE-2023-53038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53038"
},
{
"name": "CVE-2023-53039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53039"
},
{
"name": "CVE-2023-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53040"
},
{
"name": "CVE-2023-53041",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53041"
},
{
"name": "CVE-2023-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53044"
},
{
"name": "CVE-2023-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53045"
},
{
"name": "CVE-2023-53049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53049"
},
{
"name": "CVE-2023-53052",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53052"
},
{
"name": "CVE-2023-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53054"
},
{
"name": "CVE-2023-53056",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53056"
},
{
"name": "CVE-2023-53058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53058"
},
{
"name": "CVE-2023-53059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53059"
},
{
"name": "CVE-2023-53060",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53060"
},
{
"name": "CVE-2023-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53062"
},
{
"name": "CVE-2023-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53064"
},
{
"name": "CVE-2023-53065",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53065"
},
{
"name": "CVE-2023-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53066"
},
{
"name": "CVE-2023-53068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53068"
},
{
"name": "CVE-2023-53075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53075"
},
{
"name": "CVE-2023-53077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53077"
},
{
"name": "CVE-2023-53078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53078"
},
{
"name": "CVE-2023-53079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53079"
},
{
"name": "CVE-2023-53081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53081"
},
{
"name": "CVE-2023-53084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53084"
},
{
"name": "CVE-2023-53087",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53087"
},
{
"name": "CVE-2023-53089",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53089"
},
{
"name": "CVE-2023-53090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53090"
},
{
"name": "CVE-2023-53091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53091"
},
{
"name": "CVE-2023-53092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53092"
},
{
"name": "CVE-2023-53093",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53093"
},
{
"name": "CVE-2023-53096",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53096"
},
{
"name": "CVE-2023-53098",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53098"
},
{
"name": "CVE-2023-53099",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53099"
},
{
"name": "CVE-2023-53100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53100"
},
{
"name": "CVE-2023-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53101"
},
{
"name": "CVE-2023-53106",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53106"
},
{
"name": "CVE-2023-53108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53108"
},
{
"name": "CVE-2023-53111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53111"
},
{
"name": "CVE-2023-53114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53114"
},
{
"name": "CVE-2023-53116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53116"
},
{
"name": "CVE-2023-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53118"
},
{
"name": "CVE-2023-53119",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53119"
},
{
"name": "CVE-2023-53123",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53123"
},
{
"name": "CVE-2023-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53124"
},
{
"name": "CVE-2023-53125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53125"
},
{
"name": "CVE-2023-53131",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53131"
},
{
"name": "CVE-2023-53134",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53134"
},
{
"name": "CVE-2023-53137",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53137"
},
{
"name": "CVE-2023-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53139"
},
{
"name": "CVE-2023-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53140"
},
{
"name": "CVE-2023-53142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53142"
},
{
"name": "CVE-2023-53143",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53143"
},
{
"name": "CVE-2023-53145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53145"
},
{
"name": "CVE-2025-22030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22030"
},
{
"name": "CVE-2025-22057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22057"
},
{
"name": "CVE-2025-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22070"
},
{
"name": "CVE-2025-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22103"
},
{
"name": "CVE-2025-22125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22125"
},
{
"name": "CVE-2025-23160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23160"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-37755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37755"
},
{
"name": "CVE-2025-37804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37804"
},
{
"name": "CVE-2025-37809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37809"
},
{
"name": "CVE-2025-37831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37831"
},
{
"name": "CVE-2025-37833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37833"
},
{
"name": "CVE-2025-37842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37842"
},
{
"name": "CVE-2025-37870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37870"
},
{
"name": "CVE-2025-37886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37886"
},
{
"name": "CVE-2025-37887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37887"
},
{
"name": "CVE-2025-37957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37957"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-37960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37960"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-40325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40325"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0509",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01901-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501901-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01894-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501894-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01892-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501892-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20387-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520387-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01873-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501873-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01930-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501930-1"
},
{
"published_at": "2025-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01932-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501932-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20388-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520388-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01927-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501927-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01908-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501908-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01918-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501918-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01928-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501928-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01843-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501843-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01875-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501875-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01922-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501922-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20382-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520382-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01853-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501853-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01851-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501851-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01929-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501929-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20389-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520389-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01899-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501899-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01840-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501840-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01849-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501849-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01893-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501893-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20383-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520383-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20384-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520384-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20381-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520381-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01844-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501844-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01919-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501919-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01839-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501839-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01935-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501935-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01869-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501869-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01868-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501868-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01907-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501907-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20386-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520386-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01906-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501906-1"
}
]
}
CERTFR-2025-AVI-0625
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Ubuntu Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 25.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-37850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37850"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2024-46821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46821"
},
{
"name": "CVE-2024-53203",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53203"
},
{
"name": "CVE-2025-37892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37892"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2025-37859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37859"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2025-37792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37792"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2022-49728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49728"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-37896",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37896"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-37936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37936"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-37766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37766"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-37844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37844"
},
{
"name": "CVE-2025-37871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37871"
},
{
"name": "CVE-2024-46751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46751"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2024-56664",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56664"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-37758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37758"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2022-49168",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49168"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2025-37841",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37841"
},
{
"name": "CVE-2025-37918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37918"
},
{
"name": "CVE-2025-37917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37917"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-38216",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38216"
},
{
"name": "CVE-2025-37770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37770"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-37983",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37983"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37920"
},
{
"name": "CVE-2025-37819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37819"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-35867",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35867"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-38023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38023"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-37898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37898"
},
{
"name": "CVE-2024-46812",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46812"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2024-46816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46816"
},
{
"name": "CVE-2025-37924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37924"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-37867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37867"
},
{
"name": "CVE-2025-37857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37857"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2025-37927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37927"
},
{
"name": "CVE-2025-37897",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37897"
},
{
"name": "CVE-2025-37911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37911"
},
{
"name": "CVE-2024-26686",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26686"
},
{
"name": "CVE-2024-53144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53144"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2024-53128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53128"
},
{
"name": "CVE-2025-37930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37930"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-37810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37810"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2025-23159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23159"
},
{
"name": "CVE-2025-37926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37926"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2024-49960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49960"
},
{
"name": "CVE-2025-37741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37741"
},
{
"name": "CVE-2025-37912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37912"
},
{
"name": "CVE-2025-37985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37985"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-38024",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38024"
},
{
"name": "CVE-2022-49063",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49063"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2025-37931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37931"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-37934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37934"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-38005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38005"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2022-49535",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49535"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-23158",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23158"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-23144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23144"
},
{
"name": "CVE-2025-37969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37969"
},
{
"name": "CVE-2022-48893",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48893"
},
{
"name": "CVE-2025-37899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37899"
},
{
"name": "CVE-2025-37742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37742"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-37765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37765"
},
{
"name": "CVE-2025-37921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37921"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-37935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37935"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-23161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23161"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37923"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-37739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37739"
},
{
"name": "CVE-2025-38575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38575"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-37940",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37940"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-37964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37964"
},
{
"name": "CVE-2024-46742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46742"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-50272",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50272"
},
{
"name": "CVE-2025-37915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37915"
},
{
"name": "CVE-2025-23146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23146"
},
{
"name": "CVE-2025-37903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37903"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-23142",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23142"
},
{
"name": "CVE-2024-35790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35790"
},
{
"name": "CVE-2025-37738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37738"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37907"
},
{
"name": "CVE-2025-37991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37991"
},
{
"name": "CVE-2023-52572",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52572"
},
{
"name": "CVE-2025-37904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37904"
},
{
"name": "CVE-2025-37781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37781"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2024-27402",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27402"
},
{
"name": "CVE-2025-37946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37946"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-37740",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37740"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-23151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23151"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2025-37796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37796"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-37883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37883"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2025-37901",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37901"
},
{
"name": "CVE-2025-37811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37811"
},
{
"name": "CVE-2025-37916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37916"
},
{
"name": "CVE-2025-37767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37767"
},
{
"name": "CVE-2025-37989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37989"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2024-50280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50280"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-37768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37768"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-37970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37970"
},
{
"name": "CVE-2025-22066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22066"
},
{
"name": "CVE-2025-37906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37906"
},
{
"name": "CVE-2025-37905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37905"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2024-56551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56551"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-38094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38094"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2024-8805",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8805"
},
{
"name": "CVE-2025-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37967"
},
{
"name": "CVE-2025-37885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37885"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2024-46774",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46774"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-37840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37840"
},
{
"name": "CVE-2024-26739",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26739"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2024-35866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35866"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2024-49989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49989"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-36908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36908"
},
{
"name": "CVE-2025-37982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37982"
},
{
"name": "CVE-2025-37992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37992"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-37914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37914"
},
{
"name": "CVE-2025-37928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37928"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-37922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37922"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-37794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37794"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2025-37836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37836"
},
{
"name": "CVE-2024-50258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50258"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2024-42322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42322"
},
{
"name": "CVE-2024-46753",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46753"
},
{
"name": "CVE-2025-37771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37771"
},
{
"name": "CVE-2025-37998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37998"
},
{
"name": "CVE-2025-23163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23163"
},
{
"name": "CVE-2024-57984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57984"
},
{
"name": "CVE-2025-37757",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37757"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2025-38009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38009"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-37817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37817"
},
{
"name": "CVE-2025-37838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37838"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2024-38541",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38541"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2025-37994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37994"
},
{
"name": "CVE-2024-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38540"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37891"
},
{
"name": "CVE-2025-37858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37858"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37995"
},
{
"name": "CVE-2025-23156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23156"
},
{
"name": "CVE-2025-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23157"
},
{
"name": "CVE-2025-37808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37808"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-37895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37895"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2024-42230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42230"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-37933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37933"
},
{
"name": "CVE-2025-37900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37900"
},
{
"name": "CVE-2025-37805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37805"
},
{
"name": "CVE-2025-37990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37990"
},
{
"name": "CVE-2025-22089",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22089"
},
{
"name": "CVE-2025-37862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37862"
},
{
"name": "CVE-2025-37908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37908"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-37839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37839"
},
{
"name": "CVE-2025-37929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37929"
},
{
"name": "CVE-2025-37913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37913"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-35943",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35943"
},
{
"name": "CVE-2023-52757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52757"
},
{
"name": "CVE-2025-37851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37851"
},
{
"name": "CVE-2024-56608",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56608"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2025-37788",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37788"
},
{
"name": "CVE-2025-37881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37881"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-37909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37909"
},
{
"name": "CVE-2025-37894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37894"
},
{
"name": "CVE-2025-37919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37919"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-37812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37812"
},
{
"name": "CVE-2025-37875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37875"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2022-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21546"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22081"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-23148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23148"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-37910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37910"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2025-23147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23147"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0625",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Ubuntu Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-5",
"url": "https://ubuntu.com/security/notices/USN-7651-5"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-6",
"url": "https://ubuntu.com/security/notices/USN-7651-6"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-3",
"url": "https://ubuntu.com/security/notices/USN-7654-3"
},
{
"published_at": "2025-07-21",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7611-4",
"url": "https://ubuntu.com/security/notices/USN-7611-4"
},
{
"published_at": "2025-07-24",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7665-2",
"url": "https://ubuntu.com/security/notices/USN-7665-2"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-3",
"url": "https://ubuntu.com/security/notices/USN-7651-3"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7649-2",
"url": "https://ubuntu.com/security/notices/USN-7649-2"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7665-1",
"url": "https://ubuntu.com/security/notices/USN-7665-1"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-2",
"url": "https://ubuntu.com/security/notices/USN-7654-2"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7655-1",
"url": "https://ubuntu.com/security/notices/USN-7655-1"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7654-4",
"url": "https://ubuntu.com/security/notices/USN-7654-4"
},
{
"published_at": "2025-07-18",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-2",
"url": "https://ubuntu.com/security/notices/USN-7651-2"
},
{
"published_at": "2025-07-22",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7651-4",
"url": "https://ubuntu.com/security/notices/USN-7651-4"
}
]
}
CERTFR-2025-AVI-0605
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, un contournement de la politique de sécurité et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 20.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 24.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 25.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 18.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 22.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2023-52664",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52664"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-50055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50055"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-46787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46787"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-50047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50047"
},
{
"name": "CVE-2025-39735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39735"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-37937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37937"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-22035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22035"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2021-47211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47211"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-56599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56599"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2023-52741",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52741"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2024-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53051"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2024-56551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56551"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2025-22071",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22071"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2021-47191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2024-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26996"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2024-26689",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26689"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-26982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26982"
},
{
"name": "CVE-2025-22054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22054"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22073",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22073"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-22079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22079"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0605",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux d\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, un contournement de la politique de s\u00e9curit\u00e9 et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7610-3",
"url": "https://ubuntu.com/security/notices/USN-7610-3"
},
{
"published_at": "2025-07-11",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7608-6",
"url": "https://ubuntu.com/security/notices/USN-7608-6"
},
{
"published_at": "2025-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7640-1",
"url": "https://ubuntu.com/security/notices/USN-7640-1"
},
{
"published_at": "2025-07-17",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7611-3",
"url": "https://ubuntu.com/security/notices/USN-7611-3"
},
{
"published_at": "2025-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-7585-7",
"url": "https://ubuntu.com/security/notices/USN-7585-7"
}
]
}
CERTFR-2025-AVI-0509
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | Confidential Computing Module | Confidential Computing Module 15-SP6 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 12 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.2 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.1 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.6 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP6 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP6 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP3 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Confidential Computing Module 15-SP6",
"product": {
"name": "Confidential Computing Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 12 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP3",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-3619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3619"
},
{
"name": "CVE-2022-3564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
},
{
"name": "CVE-2023-1990",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1990"
},
{
"name": "CVE-2024-27018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27018"
},
{
"name": "CVE-2024-26634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26634"
},
{
"name": "CVE-2024-35910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35910"
},
{
"name": "CVE-2024-26873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26873"
},
{
"name": "CVE-2024-27415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27415"
},
{
"name": "CVE-2024-35826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35826"
},
{
"name": "CVE-2024-41005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41005"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2024-41077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41077"
},
{
"name": "CVE-2024-46713",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46713"
},
{
"name": "CVE-2024-46763",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46763"
},
{
"name": "CVE-2024-46782",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46782"
},
{
"name": "CVE-2024-46865",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46865"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-49855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49855"
},
{
"name": "CVE-2024-50036",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50036"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50290",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50290"
},
{
"name": "CVE-2024-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53057"
},
{
"name": "CVE-2024-53063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53063"
},
{
"name": "CVE-2024-42307",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42307"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49924"
},
{
"name": "CVE-2024-50038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50038"
},
{
"name": "CVE-2024-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50083"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53135",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53135"
},
{
"name": "CVE-2024-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53140"
},
{
"name": "CVE-2024-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50106"
},
{
"name": "CVE-2024-53168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53168"
},
{
"name": "CVE-2024-56558",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56558"
},
{
"name": "CVE-2024-56641",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56641"
},
{
"name": "CVE-2024-49994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49994"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2024-56703",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56703"
},
{
"name": "CVE-2025-21631",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21631"
},
{
"name": "CVE-2025-21648",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21648"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2024-53177",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53177"
},
{
"name": "CVE-2024-49940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49940"
},
{
"name": "CVE-2024-50029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50029"
},
{
"name": "CVE-2024-50056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50056"
},
{
"name": "CVE-2024-50140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50140"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-50223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50223"
},
{
"name": "CVE-2024-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50294"
},
{
"name": "CVE-2024-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53139"
},
{
"name": "CVE-2024-53163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53163"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56751",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56751"
},
{
"name": "CVE-2023-52926",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52926"
},
{
"name": "CVE-2024-47408",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47408"
},
{
"name": "CVE-2024-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49571"
},
{
"name": "CVE-2024-53680",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53680"
},
{
"name": "CVE-2024-56640",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56640"
},
{
"name": "CVE-2024-56718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56718"
},
{
"name": "CVE-2024-56770",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56770"
},
{
"name": "CVE-2024-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57807"
},
{
"name": "CVE-2024-57900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57900"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-49563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49563"
},
{
"name": "CVE-2022-49564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49564"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2024-47794",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47794"
},
{
"name": "CVE-2024-54683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54683"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56719"
},
{
"name": "CVE-2024-56758",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56758"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21635",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21635"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2024-57978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57978"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-21701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21701"
},
{
"name": "CVE-2025-21703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21703"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2025-21794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21794"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-21819",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21819"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2023-52831",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52831"
},
{
"name": "CVE-2023-52927",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52927"
},
{
"name": "CVE-2024-41149",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41149"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2024-57947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57947"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2024-58012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58012"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21693"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-21756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21756"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21831"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2025-21850",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21850"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21865",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21865"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2025-21702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21702"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2025-21971",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21971"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21993"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-21696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21696"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2023-53034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53034"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22025"
},
{
"name": "CVE-2025-22027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22027"
},
{
"name": "CVE-2025-22033",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22033"
},
{
"name": "CVE-2025-22044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22044"
},
{
"name": "CVE-2025-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22045"
},
{
"name": "CVE-2025-22050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22050"
},
{
"name": "CVE-2025-22055",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22055"
},
{
"name": "CVE-2025-22056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22056"
},
{
"name": "CVE-2025-22058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22058"
},
{
"name": "CVE-2025-22060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22060"
},
{
"name": "CVE-2025-22063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22063"
},
{
"name": "CVE-2025-22075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22075"
},
{
"name": "CVE-2025-22086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22086"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-22093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22093"
},
{
"name": "CVE-2025-22097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22097"
},
{
"name": "CVE-2025-22126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22126"
},
{
"name": "CVE-2025-23136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23136"
},
{
"name": "CVE-2025-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23138"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-38152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38152"
},
{
"name": "CVE-2025-38637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38637"
},
{
"name": "CVE-2025-39728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39728"
},
{
"name": "CVE-2024-28956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28956"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2022-49110",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49110"
},
{
"name": "CVE-2022-49767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49767"
},
{
"name": "CVE-2023-53051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53051"
},
{
"name": "CVE-2024-35840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35840"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2024-58094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58094"
},
{
"name": "CVE-2024-58095",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58095"
},
{
"name": "CVE-2024-58096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58096"
},
{
"name": "CVE-2024-58097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58097"
},
{
"name": "CVE-2025-21729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21729"
},
{
"name": "CVE-2025-21755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21755"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21833"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21852",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21852"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2025-21923",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21923"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21931",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21931"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-21985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21985"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-22018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22018"
},
{
"name": "CVE-2025-22020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22020"
},
{
"name": "CVE-2025-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22029"
},
{
"name": "CVE-2025-22036",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22036"
},
{
"name": "CVE-2025-22053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22053"
},
{
"name": "CVE-2025-22062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22062"
},
{
"name": "CVE-2025-22064",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22064"
},
{
"name": "CVE-2025-22065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22065"
},
{
"name": "CVE-2025-22080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22080"
},
{
"name": "CVE-2025-22090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22090"
},
{
"name": "CVE-2025-22102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22102"
},
{
"name": "CVE-2025-22104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22104"
},
{
"name": "CVE-2025-22105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22105"
},
{
"name": "CVE-2025-22106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22106"
},
{
"name": "CVE-2025-22107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22107"
},
{
"name": "CVE-2025-22108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22108"
},
{
"name": "CVE-2025-22109",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22109"
},
{
"name": "CVE-2025-22115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22115"
},
{
"name": "CVE-2025-22116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22116"
},
{
"name": "CVE-2025-22121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22121"
},
{
"name": "CVE-2025-22128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22128"
},
{
"name": "CVE-2025-23129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23129"
},
{
"name": "CVE-2025-23131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23131"
},
{
"name": "CVE-2025-23133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23133"
},
{
"name": "CVE-2025-23145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23145"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2025-37799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37799"
},
{
"name": "CVE-2025-37860",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37860"
},
{
"name": "CVE-2025-37749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37749"
},
{
"name": "CVE-2025-22021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22021"
},
{
"name": "CVE-2025-23140",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23140"
},
{
"name": "CVE-2025-23150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23150"
},
{
"name": "CVE-2025-37748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37748"
},
{
"name": "CVE-2025-37773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37773"
},
{
"name": "CVE-2025-37780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37780"
},
{
"name": "CVE-2025-37787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37787"
},
{
"name": "CVE-2025-37789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37789"
},
{
"name": "CVE-2025-37790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37790"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-37803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37803"
},
{
"name": "CVE-2025-37820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37820"
},
{
"name": "CVE-2025-37823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37823"
},
{
"name": "CVE-2025-37824",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37824"
},
{
"name": "CVE-2025-37829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37829"
},
{
"name": "CVE-2025-37830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37830"
},
{
"name": "CVE-2025-37879",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37879"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2025-37949",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37949"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-49769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49769"
},
{
"name": "CVE-2022-49770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49770"
},
{
"name": "CVE-2022-49771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49771"
},
{
"name": "CVE-2022-49772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49772"
},
{
"name": "CVE-2022-49775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49775"
},
{
"name": "CVE-2022-49776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49776"
},
{
"name": "CVE-2022-49777",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49777"
},
{
"name": "CVE-2022-49779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49779"
},
{
"name": "CVE-2022-49783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49783"
},
{
"name": "CVE-2022-49787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49787"
},
{
"name": "CVE-2022-49788",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49788"
},
{
"name": "CVE-2022-49789",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49789"
},
{
"name": "CVE-2022-49790",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49790"
},
{
"name": "CVE-2022-49792",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49792"
},
{
"name": "CVE-2022-49793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49793"
},
{
"name": "CVE-2022-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49794"
},
{
"name": "CVE-2022-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49796"
},
{
"name": "CVE-2022-49797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49797"
},
{
"name": "CVE-2022-49799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49799"
},
{
"name": "CVE-2022-49800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49800"
},
{
"name": "CVE-2022-49801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49801"
},
{
"name": "CVE-2022-49802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49802"
},
{
"name": "CVE-2022-49807",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49807"
},
{
"name": "CVE-2022-49809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49809"
},
{
"name": "CVE-2022-49810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49810"
},
{
"name": "CVE-2022-49812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49812"
},
{
"name": "CVE-2022-49813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49813"
},
{
"name": "CVE-2022-49818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49818"
},
{
"name": "CVE-2022-49821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49821"
},
{
"name": "CVE-2022-49822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49822"
},
{
"name": "CVE-2022-49823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49823"
},
{
"name": "CVE-2022-49824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49824"
},
{
"name": "CVE-2022-49825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49825"
},
{
"name": "CVE-2022-49826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49826"
},
{
"name": "CVE-2022-49827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49827"
},
{
"name": "CVE-2022-49830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49830"
},
{
"name": "CVE-2022-49832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49832"
},
{
"name": "CVE-2022-49834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49834"
},
{
"name": "CVE-2022-49835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49835"
},
{
"name": "CVE-2022-49836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49836"
},
{
"name": "CVE-2022-49839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49839"
},
{
"name": "CVE-2022-49841",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49841"
},
{
"name": "CVE-2022-49842",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49842"
},
{
"name": "CVE-2022-49845",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49845"
},
{
"name": "CVE-2022-49846",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49846"
},
{
"name": "CVE-2022-49850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49850"
},
{
"name": "CVE-2022-49853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49853"
},
{
"name": "CVE-2022-49858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49858"
},
{
"name": "CVE-2022-49860",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49860"
},
{
"name": "CVE-2022-49861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49861"
},
{
"name": "CVE-2022-49863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49863"
},
{
"name": "CVE-2022-49864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49864"
},
{
"name": "CVE-2022-49865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49865"
},
{
"name": "CVE-2022-49868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49868"
},
{
"name": "CVE-2022-49869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49869"
},
{
"name": "CVE-2022-49870",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49870"
},
{
"name": "CVE-2022-49871",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49871"
},
{
"name": "CVE-2022-49874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49874"
},
{
"name": "CVE-2022-49879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49879"
},
{
"name": "CVE-2022-49880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49880"
},
{
"name": "CVE-2022-49881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49881"
},
{
"name": "CVE-2022-49885",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49885"
},
{
"name": "CVE-2022-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49887"
},
{
"name": "CVE-2022-49888",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49888"
},
{
"name": "CVE-2022-49889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49889"
},
{
"name": "CVE-2022-49890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49890"
},
{
"name": "CVE-2022-49891",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49891"
},
{
"name": "CVE-2022-49892",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49892"
},
{
"name": "CVE-2022-49900",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49900"
},
{
"name": "CVE-2022-49905",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49905"
},
{
"name": "CVE-2022-49906",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49906"
},
{
"name": "CVE-2022-49908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49908"
},
{
"name": "CVE-2022-49909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49909"
},
{
"name": "CVE-2022-49910",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49910"
},
{
"name": "CVE-2022-49915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49915"
},
{
"name": "CVE-2022-49916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49916"
},
{
"name": "CVE-2022-49922",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49922"
},
{
"name": "CVE-2022-49923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49923"
},
{
"name": "CVE-2022-49924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49924"
},
{
"name": "CVE-2022-49925",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49925"
},
{
"name": "CVE-2022-49927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49927"
},
{
"name": "CVE-2022-49928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49928"
},
{
"name": "CVE-2022-49931",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49931"
},
{
"name": "CVE-2023-53035",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53035"
},
{
"name": "CVE-2023-53038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53038"
},
{
"name": "CVE-2023-53039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53039"
},
{
"name": "CVE-2023-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53040"
},
{
"name": "CVE-2023-53041",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53041"
},
{
"name": "CVE-2023-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53044"
},
{
"name": "CVE-2023-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53045"
},
{
"name": "CVE-2023-53049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53049"
},
{
"name": "CVE-2023-53052",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53052"
},
{
"name": "CVE-2023-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53054"
},
{
"name": "CVE-2023-53056",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53056"
},
{
"name": "CVE-2023-53058",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53058"
},
{
"name": "CVE-2023-53059",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53059"
},
{
"name": "CVE-2023-53060",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53060"
},
{
"name": "CVE-2023-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53062"
},
{
"name": "CVE-2023-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53064"
},
{
"name": "CVE-2023-53065",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53065"
},
{
"name": "CVE-2023-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53066"
},
{
"name": "CVE-2023-53068",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53068"
},
{
"name": "CVE-2023-53075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53075"
},
{
"name": "CVE-2023-53077",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53077"
},
{
"name": "CVE-2023-53078",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53078"
},
{
"name": "CVE-2023-53079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53079"
},
{
"name": "CVE-2023-53081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53081"
},
{
"name": "CVE-2023-53084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53084"
},
{
"name": "CVE-2023-53087",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53087"
},
{
"name": "CVE-2023-53089",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53089"
},
{
"name": "CVE-2023-53090",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53090"
},
{
"name": "CVE-2023-53091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53091"
},
{
"name": "CVE-2023-53092",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53092"
},
{
"name": "CVE-2023-53093",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53093"
},
{
"name": "CVE-2023-53096",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53096"
},
{
"name": "CVE-2023-53098",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53098"
},
{
"name": "CVE-2023-53099",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53099"
},
{
"name": "CVE-2023-53100",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53100"
},
{
"name": "CVE-2023-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53101"
},
{
"name": "CVE-2023-53106",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53106"
},
{
"name": "CVE-2023-53108",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53108"
},
{
"name": "CVE-2023-53111",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53111"
},
{
"name": "CVE-2023-53114",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53114"
},
{
"name": "CVE-2023-53116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53116"
},
{
"name": "CVE-2023-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53118"
},
{
"name": "CVE-2023-53119",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53119"
},
{
"name": "CVE-2023-53123",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53123"
},
{
"name": "CVE-2023-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53124"
},
{
"name": "CVE-2023-53125",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53125"
},
{
"name": "CVE-2023-53131",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53131"
},
{
"name": "CVE-2023-53134",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53134"
},
{
"name": "CVE-2023-53137",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53137"
},
{
"name": "CVE-2023-53139",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53139"
},
{
"name": "CVE-2023-53140",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53140"
},
{
"name": "CVE-2023-53142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53142"
},
{
"name": "CVE-2023-53143",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53143"
},
{
"name": "CVE-2023-53145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53145"
},
{
"name": "CVE-2025-22030",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22030"
},
{
"name": "CVE-2025-22057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22057"
},
{
"name": "CVE-2025-22070",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22070"
},
{
"name": "CVE-2025-22103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22103"
},
{
"name": "CVE-2025-22125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22125"
},
{
"name": "CVE-2025-23160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23160"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2025-37755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37755"
},
{
"name": "CVE-2025-37804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37804"
},
{
"name": "CVE-2025-37809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37809"
},
{
"name": "CVE-2025-37831",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37831"
},
{
"name": "CVE-2025-37833",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37833"
},
{
"name": "CVE-2025-37842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37842"
},
{
"name": "CVE-2025-37870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37870"
},
{
"name": "CVE-2025-37886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37886"
},
{
"name": "CVE-2025-37887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37887"
},
{
"name": "CVE-2025-37957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37957"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-37960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37960"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-40325",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40325"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0509",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01901-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501901-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01894-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501894-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01892-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501892-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20387-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520387-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01873-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501873-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01930-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501930-1"
},
{
"published_at": "2025-06-13",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01932-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501932-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20388-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520388-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01927-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501927-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01908-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501908-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01918-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501918-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01928-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501928-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01843-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501843-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01875-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501875-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01922-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501922-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20382-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520382-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01853-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501853-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01851-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501851-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01929-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501929-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20389-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520389-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01899-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501899-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01840-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501840-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01849-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501849-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01893-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501893-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20383-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520383-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20384-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520384-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20381-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520381-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01844-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501844-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01919-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501919-1"
},
{
"published_at": "2025-06-09",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01839-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501839-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01935-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501935-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01869-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501869-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01868-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501868-1"
},
{
"published_at": "2025-06-11",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01907-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501907-1"
},
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:20386-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520386-1"
},
{
"published_at": "2025-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2025:01906-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501906-1"
}
]
}
SUSE-SU-2025:20260-1
Vulnerability from csaf_suse - Published: 2025-04-17 09:25 - Updated: 2025-04-17 09:25Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- add nf_tables for iptables non-legacy network handling.
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896
bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-8
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).\n- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).\n- CVE-2024-45010: mptcp: pm: only mark \u0027subflow\u0027 endp as available (bsc#1230439).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).\n- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-50142: xfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset (bsc#1233028).\n- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).\n- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).\n- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).\n- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).\n- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).\n- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).\n- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).\n- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).\n- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).\n- CVE-2024-56638: kABI fix for \"netfilter: nft_inner: incorrect percpu area handling under softirq\" (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).\n- CVE-2024-56658: net: defer final \u0027struct net\u0027 free in netns dismantle (bsc#1235441).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy (bsc#1236113).\n- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current-\u003ensproxy (bsc#1236114).\n- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current-\u003ensproxy (bsc#1236115).\n- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current-\u003ensproxy (bsc#1236122).\n- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy (bsc#1236123).\n- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).\n- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).\n- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).\n- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).\n- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).\n- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).\n- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).\n- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).\n- CVE-2025-21678: gtp: Destroy device along with udp socket\u0027s netns dismantle (bsc#1236698).\n- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).\n- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).\n- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).\n- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).\n- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).\n- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).\n- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).\n- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).\n- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).\n- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).\n- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).\n- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n\nThe following non-security bugs were fixed:\n\n- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).\n- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).\n- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).\n- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).\n- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).\n- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).\n- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).\n- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).\n- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).\n- ALSA: seq: Make dependency on UMP clearer (git-fixes).\n- ALSA: seq: remove redundant \u0027tristate\u0027 for SND_SEQ_UMP_CLIENT (stable-fixes).\n- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).\n- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).\n- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).\n- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).\n- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).\n- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).\n- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).\n- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).\n- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).\n- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).\n- ASoC: es8328: fix route from DAC to output (git-fixes).\n- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).\n- ASoC: ops: Consistently treat platform_max as control value (git-fixes).\n- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).\n- ASoC: rt722-sdca: add missing readable registers (git-fixes).\n- ASoC: tas2764: Fix power control mask (stable-fixes).\n- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- ASoC: tas2770: Fix volume scale (stable-fixes).\n- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).\n- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).\n- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).\n- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- Documentation: qat: fix auto_reset attribute details (git-fixes).\n- Documentation: qat: fix auto_reset section (git-fixes).\n- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- Fix memory-hotplug regression (bsc#1237504)\n- Grab mm lock before grabbing pt lock (git-fixes).\n- HID: Enable playstation driver independently of sony driver (git-fixes).\n- HID: Wacom: Add PCI Wacom device support (stable-fixes).\n- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- HID: hid-steam: Add Deck IMU support (stable-fixes).\n- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).\n- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).\n- HID: hid-steam: Clean up locking (stable-fixes).\n- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).\n- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).\n- HID: hid-steam: Fix cleanup in probe() (git-fixes).\n- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).\n- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).\n- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).\n- HID: hid-steam: remove pointless error message (stable-fixes).\n- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).\n- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).\n- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- IB/mad: Check available slots before posting receive WRs (git-fixes)\n- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)\n- Input: ads7846 - fix gpiod allocation (git-fixes).\n- Input: allocate keycode for phone linking (stable-fixes).\n- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- Input: iqs7222 - preserve system status register (git-fixes).\n- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- Input: xpad - add multiple supported devices (stable-fixes).\n- Input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- Input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).\n- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).\n- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).\n- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).\n- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).\n- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).\n- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).\n- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)\n- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).\n- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).\n- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).\n- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).\n- KVM: x86/mmu: Skip the \"try unsync\" path iff the old SPTE was a leaf SPTE (git-fixes).\n- KVM: x86: AMD\u0027s IBPB is not equivalent to Intel\u0027s IBPB (git-fixes).\n- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).\n- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).\n- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).\n- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).\n- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).\n- KVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel (git-fixes).\n- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).\n- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).\n- Move upstreamed ACPI patch into sorted section\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- PCI/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- PCI/DOE: Support discovery version 2 (bsc#1237853)\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).\n- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- PCI: Avoid reset when disabled via sysfs (git-fixes).\n- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- PCI: Use downstream bridges for distributing resources (bsc#1237325).\n- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- PCI: brcmstb: Use internal register to change link capability (git-fixes).\n- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- PCI: hookup irq_get_affinity callback (bsc#1236896).\n- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).\n- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).\n- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- PM: sleep: Adjust check before setting power.must_resume (git-fixes).\n- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).\n- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)\n- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)\n- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- RDMA/efa: Reset device on probe failure (git-fixes)\n- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)\n- RDMA/hns: Fix missing xa_destroy() (git-fixes)\n- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)\n- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)\n- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).\n- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- RDMA/mlx5: Fix AH static rate parsing (git-fixes)\n- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)\n- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)\n- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)\n- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)\n- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)\n- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)\n- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)\n- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- RDMA/rxe: Improve newline in printing messages (git-fixes)\n- Reapply \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"blk-throttle: Fix IO hang for a corner case\" (git-fixes).\n- Revert \"dm: requeue IO if mapping table not yet available\" (git-fixes).\n- Revert \"drivers/card_reader/rtsx_usb: Restore interrupt based detection\" (git-fixes).\n- Revert \"drm/amd/display: Use HW lock mgr for PSR1\" (stable-fixes).\n- Revert \"leds-pca955x: Remove the unused function pca95xx_num_led_regs()\" (stable-fixes).\n- Revert \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"wifi: ath11k: support hibernation\" (bsc#1207948).\n- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).\n- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).\n- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).\n- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).\n- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).\n- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).\n- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).\n- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).\n- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).\n- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).\n- USB: serial: option: drop MeiG Smart defines (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).\n- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- Update \"drm/mgag200: Added support for the new device G200eH5\" (jsc#PED-12094)\n- Use gcc-13 for build on SLE16 (jsc#PED-10028).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acct: block access to kernel internal filesystems (git-fixes).\n- acct: perform last write from workqueue (git-fixes).\n- add nf_tables for iptables non-legacy network handling.\n- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).\n- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)\n- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)\n- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)\n- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)\n- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Drop unmanaged ELP metric worker (git-fixes).\n- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- batman-adv: fix panic during interface removal (git-fixes).\n- bio-integrity: do not restrict the size of integrity metadata (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- blk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage (bsc#1237558).\n- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).\n- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).\n- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).\n- blk-mq: add number of queue calc helper (bsc#1236897).\n- blk-mq: create correct map for fallback case (bsc#1236896).\n- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).\n- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).\n- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).\n- blk-mq: move cpuhp callback registering out of q-\u003esysfs_lock (git-fixes).\n- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).\n- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).\n- blk_iocost: remove some duplicate irq disable/enables (git-fixes).\n- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).\n- block: Clear zone limits for a non-zoned stacked queue (git-fixes).\n- block: Fix elevator_get_default() checking for NULL q-\u003etag_set (git-fixes).\n- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).\n- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).\n- block: Provide bdev_open_* functions (git-fixes).\n- block: Remove special-casing of compound pages (git-fixes).\n- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).\n- block: add a disk_has_partscan helper (git-fixes).\n- block: add a partscan sysfs attribute for disks (git-fixes).\n- block: add check of \u0027minors\u0027 and \u0027first_minor\u0027 in device_add_disk() (git-fixes).\n- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).\n- block: change rq_integrity_vec to respect the iterator (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- block: ensure we hold a queue reference when using queue limits (git-fixes).\n- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).\n- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).\n- block: fix integer overflow in BLKSECDISCARD (git-fixes).\n- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).\n- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).\n- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).\n- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).\n- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).\n- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).\n- block: retry call probe after request_module in blk_request_module (git-fixes).\n- block: return unsigned int from bdev_io_min (git-fixes).\n- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).\n- block: support to account io_ticks precisely (git-fixes).\n- block: use the right type for stub rq_integrity_vec() (git-fixes).\n- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).\n- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).\n- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).\n- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).\n- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).\n- can: ctucanfd: handle skb allocation failure (git-fixes).\n- can: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).\n- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).\n- cifs: Remove intermediate object of failed create reparse call (git-fixes).\n- cifs: commands that are retried should have replay flag set (bsc#1231432).\n- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).\n- cifs: helper function to check replayable error codes (bsc#1231432).\n- cifs: new mount option called retrans (bsc#1231432).\n- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).\n- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).\n- cifs: update desired access while requesting for directory lease (git-fixes).\n- cifs: update the same create_guid on replay (git-fixes).\n- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).\n- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).\n- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).\n- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).\n- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).\n- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).\n- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- config: Set gcc version (jsc#PED-12251).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).\n- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).\n- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).\n- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).\n- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).\n- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).\n- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).\n- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).\n- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).\n- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).\n- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).\n- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).\n- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).\n- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).\n- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \"Invalide\" -\u003e \"Invalid\" (jsc#PED-12416).\n- crypto: qat - Fix typo \"accelaration\" (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \"Full Going True\" macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- cxgb4: Avoid removal of uninserted tid (git-fixes).\n- cxgb4: use port number to set mac addr (git-fixes).\n- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).\n- dlm: fix srcu_read_lock() return type to int (git-fixes).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).\n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- doc/README.SUSE: Point to the updated version of LKMPG\n- doc: update managed_irq documentation (bsc#1236897).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).\n- drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params (git-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).\n- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).\n- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).\n- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/amdkfd: only flush the validate MES contex (stable-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \"gettin\" -\u003e \"getting\" (git-fixes).\n- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).\n- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).\n- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).\n- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).\n- drm/i915/selftests: avoid using uninitialized context (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).\n- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).\n- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).\n- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)\n- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).\n- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).\n- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).\n- drm/msm: Avoid rounding up to one jiffy (git-fixes).\n- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).\n- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).\n- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).\n- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).\n- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/sched: Fix preprocessor guard (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/virtio: New fence for every plane update (stable-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).\n- efi: libstub: Use \u0027-std=gnu11\u0027 to fix build with GCC 15 (stable-fixes).\n- eth: gve: use appropriate helper to set xdp_features (git-fixes).\n- exfat: convert to ctime accessor functions (git-fixes).\n- exfat: do not zero the extended part (bsc#1237356).\n- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).\n- exfat: fix file being changed by unaligned direct write (git-fixes).\n- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).\n- exfat: fix zero the unwritten part for dio read (git-fixes).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- futex: Do not include process MM in futex key on no-MMU (git-fixes).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).\n- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).\n- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).\n- gpio: pca953x: Improve interrupt support (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).\n- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).\n- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).\n- gup: make the stack expansion warning a bit more targeted (bsc#1238214).\n- hfs: Sanity check the root record (git-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: ls2x: Fix frequency division register access (git-fixes).\n- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- iavf: allow changing VLAN state without calling PF (git-fixes).\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).\n- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).\n- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).\n- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).\n- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).\n- ice: fix max values for dpll pin phase adjust (git-fixes).\n- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).\n- ice: gather page_count()\u0027s of each frag right before XDP prog call (git-fixes).\n- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).\n- ice: put Rx buffers after being done with current frame (git-fixes).\n- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).\n- ice: use internal pf id instead of function number (git-fixes).\n- idpf: add read memory barrier when checking descriptor done bit (git-fixes).\n- idpf: call set_real_num_queues in idpf_open (bsc#1236661).\n- idpf: convert workqueues to unbound (git-fixes).\n- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).\n- idpf: fix handling rsc packet with a single segment (git-fixes).\n- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).\n- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).\n- igc: return early when failing to read EECD register (git-fixes).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kabi: fix bus type (bsc#1236896).\n- kabi: fix group_cpus_evenly (bsc#1236897).\n- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).\n- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).\n- kernel-source: Also replace bin/env\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).\n- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).\n- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lib: stackinit: hide never-taken branch from compiler (stable-fixes).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).\n- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).\n- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).\n- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).\n- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).\n- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).\n- md/md-bitmap: add \u0027sync_size\u0027 into struct md_bitmap_stats (git-fixes).\n- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).\n- md/md-cluster: fix spares warnings for __le64 (git-fixes).\n- md/raid0: do not free conf on raid0_run failure (git-fixes).\n- md/raid1: do not free conf on raid0_run failure (git-fixes).\n- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).\n- md: Do not flush sync_work in md_write_start() (git-fixes).\n- md: convert comma to semicolon (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).\n- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).\n- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: ov08x40: Fix hblank out of range issue (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).\n- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).\n- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \"__ALIGN_KERNEL\" redefined (git-fixes).\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).\n- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mptcp: export local_address (git-fixes)\n- mptcp: fix NL PM announced address accounting (git-fixes)\n- mptcp: fix data races on local_id (git-fixes)\n- mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)\n- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)\n- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)\n- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)\n- mptcp: pm: deny endp with signal + subflow + port (git-fixes)\n- mptcp: pm: do not ignore \u0027subflow\u0027 if \u0027signal\u0027 flag is also set (git-fixes)\n- mptcp: pm: do not try to create sf if alloc failed (git-fixes)\n- mptcp: pm: fullmesh: select the right ID later (git-fixes)\n- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)\n- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)\n- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)\n- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)\n- mptcp: pm: re-using ID of unused removed subflows (git-fixes)\n- mptcp: pm: reduce indentation blocks (git-fixes)\n- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)\n- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)\n- mptcp: unify pm get_local_id interfaces (git-fixes)\n- mptcp: unify pm set_flags interfaces (git-fixes)\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).\n- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).\n- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).\n- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).\n- nbd: Fix signal handling (git-fixes).\n- nbd: Improve the documentation of the locking assumptions (git-fixes).\n- nbd: do not allow reconnect after disconnect (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net/mlx5: Correct TASR typo into TSAR (git-fixes).\n- net/mlx5: Fix RDMA TX steering prio (git-fixes).\n- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).\n- net/mlx5: SF, Fix add port error handling (git-fixes).\n- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).\n- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).\n- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).\n- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).\n- net: Fix undefined behavior in netdev name allocation (bsc#1233749).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: avoid UAF on deleted altname (bsc#1233749).\n- net: check for altname conflicts when changing netdev\u0027s netns (bsc#1233749).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).\n- net: do not send a MOVE event when netdev changes netns (bsc#1233749).\n- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).\n- net: fix ifname in netlink ntf during netns move (bsc#1233749).\n- net: fix removing a namespace with conflicting altnames (bsc#1233749).\n- net: free altname using an RCU callback (bsc#1233749).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Cleanup \"mana\" debugfs dir after cleanup of all children (bsc#1236760).\n- net: mana: Enable debugfs files for MANA device (bsc#1236758).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: move altnames together with the netdevice (bsc#1233749).\n- net: netvsc: Update default VMBus channels (bsc#1236757).\n- net: reduce indentation of __dev_alloc_name() (bsc#1233749).\n- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).\n- net: remove else after return in dev_prep_valid_name() (bsc#1233749).\n- net: rose: lock the socket in rose_bind() (git-fixes).\n- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).\n- net: smc: fix spurious error message from __sock_release() (bsc#1237126).\n- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).\n- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).\n- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).\n- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).\n- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).\n- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).\n- null_blk: fix validation of block size (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-fc: use ctrl state getter (git-fixes).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).\n- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme/ioctl: add missing space in err message (git-fixes).\n- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: make nvme_tls_attrs_group static (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- nvme: tcp: Fix compilation warning with W=1 (git-fixes).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: Fix crash when a namespace is disabled (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- padata: Clean up in padata_do_multithreaded() (bsc#1237563).\n- padata: Honor the caller\u0027s alignment in case of chunk_size 0 (bsc#1237563).\n- padata: fix sysfs store callback check (git-fixes).\n- partitions: ldm: remove the initial kernel-doc notation (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).\n- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).\n- phy: tegra: xusb: reset VBUS \u0026 ID OVERRIDE (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).\n- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).\n- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: ISST: Ignore minor version change (bsc#1237452).\n- platform/x86: acer-wmi: Ignore AC events (stable-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: int3472: Check for adev == NULL (stable-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: da9150-fg: fix potential overflow (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).\n- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).\n- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).\n- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896\n bsc#1235932).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).\n- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).\n- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).\n- rbd: do not move requests to the running list on errors (git-fixes).\n- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).\n- regmap-irq: Add missing kfree() (git-fixes).\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)\n- s390/cio: rename bitmap_size() -\u003e idset_bitmap_size() (git-fixes bsc#1236205).\n- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).\n- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).\n- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).\n- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).\n- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).\n- s390/pci: Ignore RID for isolated VFs (bsc#1236752).\n- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).\n- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).\n- s390/pci: Use topology ID for multi-function devices (bsc#1236752).\n- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/topology: Improve topology detection (bsc#1236591).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).\n- scsi: core: Clear driver private data when retrying request (git-fixes).\n- scsi: core: Do not retry I/Os during depopulation (git-fixes).\n- scsi: core: Handle depopulation and restoration in progress (git-fixes).\n- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).\n- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).\n- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).\n- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).\n- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).\n- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).\n- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).\n- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).\n- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).\n- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).\n- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).\n- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).\n- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).\n- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).\n- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).\n- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).\n- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).\n- scsi: myrb: Remove dead code (git-fixes).\n- scsi: qedi: Fix potential deadlock on \u0026qedi_percpu-\u003ep_work_lock (git-fixes).\n- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).\n- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).\n- scsi: sg: Enable runtime power management (git-fixes).\n- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).\n- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).\n- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).\n- scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- selftest: hugetlb_dio: fix test naming (git-fixes).\n- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).\n- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).\n- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: connect: -f: no reconnect (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- serial: 8250: Fix fifo underflow on flush (git-fixes).\n- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb3: fix creating FIFOs when mounting with \"sfu\" mount option (git-fixes).\n- smb3: request handle caching when caching directories (bsc#1231432).\n- smb3: retrying on failed server close (bsc#1231432).\n- smb: cached directories can be more than root file handle (bsc#1231432).\n- smb: cilent: set reparse mount points as automounts (git-fixes).\n- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).\n- smb: client: Fix minor whitespace errors and warnings (git-fixes).\n- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).\n- smb: client: add support for WSL reparse points (git-fixes).\n- smb: client: allow creating special files via reparse points (git-fixes).\n- smb: client: allow creating symlinks via reparse points (git-fixes).\n- smb: client: cleanup smb2_query_reparse_point() (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- smb: client: do not query reparse points twice on symlinks (git-fixes).\n- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).\n- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).\n- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).\n- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).\n- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).\n- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).\n- smb: client: fix hardlinking of reparse points (git-fixes).\n- smb: client: fix missing mode bits for SMB symlinks (git-fixes).\n- smb: client: fix possible double free in smb2_set_ea() (git-fixes).\n- smb: client: fix potential broken compound request (git-fixes).\n- smb: client: fix renaming of reparse points (git-fixes).\n- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).\n- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).\n- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).\n- smb: client: handle path separator of created SMB symlinks (git-fixes).\n- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).\n- smb: client: ignore unhandled reparse tags (git-fixes).\n- smb: client: implement -\u003equery_reparse_point() for SMB1 (git-fixes).\n- smb: client: instantiate when creating SFU files (git-fixes).\n- smb: client: introduce -\u003eparse_reparse_point() (git-fixes).\n- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).\n- smb: client: introduce cifs_sfu_make_node() (git-fixes).\n- smb: client: introduce reparse mount option (git-fixes).\n- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).\n- smb: client: move most of reparse point handling code to common file (git-fixes).\n- smb: client: move some params to cifs_open_info_data (bsc#1231432).\n- smb: client: optimise reparse point querying (git-fixes).\n- smb: client: parse owner/group when creating reparse points (git-fixes).\n- smb: client: parse reparse point flag in create response (bsc#1231432).\n- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).\n- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).\n- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).\n- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).\n- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).\n- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).\n- smb: client: retry compound request without reusing lease (git-fixes).\n- smb: client: return reparse type in /proc/mounts (git-fixes).\n- smb: client: reuse file lease key in compound operations (git-fixes).\n- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).\n- smb: client: set correct file type from NFS reparse points (git-fixes).\n- smb: client: stop revalidating reparse points unnecessarily (git-fixes).\n- smb: use kernel_connect() and kernel_bind() (git-fixes).\n- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).\n- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).\n- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).\n- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- spi: sn-f-ospi: Fix division by zero (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tools: fix annoying \"mkdir -p ...\" logs when building tools in parallel (git-fixes).\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- tty: xilinx_uartps: split sysrq handling (git-fixes).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- ublk: fix error code for unsupported command (git-fixes).\n- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).\n- ublk: move ublk_cancel_dev() out of ub-\u003emutex (git-fixes).\n- ublk: move zone report data out of request pdu (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).\n- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).\n- usb: chipidea: ci_hdrc_imx: decrement device\u0027s refcount in .remove() and in the error path of .probe() (git-fixes).\n- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).\n- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).\n- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).\n- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).\n- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).\n- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: roles: set switch registered flag early on (git-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).\n- usbnet: ipheth: document scope of NCM implementation (stable-fixes).\n- util_macros.h: fix/rework find_closest() macros (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- vfio/pci: Lock external INTx masking ops (bsc#1222803).\n- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).\n- virtio-mem: check if the config changed before fake offlining memory (git-fixes).\n- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).\n- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).\n- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).\n- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- virtio: hookup irq_get_affinity callback (bsc#1236896).\n- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).\n- vsock/virtio: cancel close work in the destructor (git-fixes)\n- vsock: Keep the binding until socket destruction (git-fixes)\n- vsock: reset socket state when de-assigning the transport (git-fixes)\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).\n- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).\n- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).\n- wifi: iwlwifi: avoid memory leak (stable-fixes).\n- wifi: iwlwifi: limit printed string from FW file (git-fixes).\n- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).\n- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).\n- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).\n- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/asm: Make serialize() always_inline (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).\n- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \"nosmt\" correctly (git-fixes).\n- x86/microcode: Handle \"offline\" CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).\n- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).\n- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).\n- xen/swiotlb: relax alignment requirements (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n- zram: clear IDLE flag after recompression (git-fixes).\n- zram: clear IDLE flag in mark_idle() (git-fixes).\n- zram: do not mark idle slots that cannot be idle (git-fixes).\n- zram: fix potential UAF of zram table (git-fixes).\n- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).\n- zram: refuse to use zero sized block device as backing device (git-fixes).\n- zram: split memory-tracking and ac-time tracking (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-8",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20260-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20260-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520260-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20260-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021058.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1219367",
"url": "https://bugzilla.suse.com/1219367"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1222672",
"url": "https://bugzilla.suse.com/1222672"
},
{
"category": "self",
"summary": "SUSE Bug 1222803",
"url": "https://bugzilla.suse.com/1222803"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1224049",
"url": "https://bugzilla.suse.com/1224049"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225606",
"url": "https://bugzilla.suse.com/1225606"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225981",
"url": "https://bugzilla.suse.com/1225981"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1227937",
"url": "https://bugzilla.suse.com/1227937"
},
{
"category": "self",
"summary": "SUSE Bug 1228521",
"url": "https://bugzilla.suse.com/1228521"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1230235",
"url": "https://bugzilla.suse.com/1230235"
},
{
"category": "self",
"summary": "SUSE Bug 1230438",
"url": "https://bugzilla.suse.com/1230438"
},
{
"category": "self",
"summary": "SUSE Bug 1230439",
"url": "https://bugzilla.suse.com/1230439"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231088",
"url": "https://bugzilla.suse.com/1231088"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1231912",
"url": "https://bugzilla.suse.com/1231912"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231949",
"url": "https://bugzilla.suse.com/1231949"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232299",
"url": "https://bugzilla.suse.com/1232299"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232508",
"url": "https://bugzilla.suse.com/1232508"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1233028",
"url": "https://bugzilla.suse.com/1233028"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233109",
"url": "https://bugzilla.suse.com/1233109"
},
{
"category": "self",
"summary": "SUSE Bug 1233221",
"url": "https://bugzilla.suse.com/1233221"
},
{
"category": "self",
"summary": "SUSE Bug 1233248",
"url": "https://bugzilla.suse.com/1233248"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233483",
"url": "https://bugzilla.suse.com/1233483"
},
{
"category": "self",
"summary": "SUSE Bug 1233522",
"url": "https://bugzilla.suse.com/1233522"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234070",
"url": "https://bugzilla.suse.com/1234070"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234853",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "self",
"summary": "SUSE Bug 1234857",
"url": "https://bugzilla.suse.com/1234857"
},
{
"category": "self",
"summary": "SUSE Bug 1234891",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "self",
"summary": "SUSE Bug 1234894",
"url": "https://bugzilla.suse.com/1234894"
},
{
"category": "self",
"summary": "SUSE Bug 1234895",
"url": "https://bugzilla.suse.com/1234895"
},
{
"category": "self",
"summary": "SUSE Bug 1234896",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1234963",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "self",
"summary": "SUSE Bug 1235054",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "self",
"summary": "SUSE Bug 1235061",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "self",
"summary": "SUSE Bug 1235073",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "self",
"summary": "SUSE Bug 1235244",
"url": "https://bugzilla.suse.com/1235244"
},
{
"category": "self",
"summary": "SUSE Bug 1235435",
"url": "https://bugzilla.suse.com/1235435"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235441",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235485",
"url": "https://bugzilla.suse.com/1235485"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235592",
"url": "https://bugzilla.suse.com/1235592"
},
{
"category": "self",
"summary": "SUSE Bug 1235599",
"url": "https://bugzilla.suse.com/1235599"
},
{
"category": "self",
"summary": "SUSE Bug 1235609",
"url": "https://bugzilla.suse.com/1235609"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235874",
"url": "https://bugzilla.suse.com/1235874"
},
{
"category": "self",
"summary": "SUSE Bug 1235914",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "self",
"summary": "SUSE Bug 1235932",
"url": "https://bugzilla.suse.com/1235932"
},
{
"category": "self",
"summary": "SUSE Bug 1235933",
"url": "https://bugzilla.suse.com/1235933"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236113",
"url": "https://bugzilla.suse.com/1236113"
},
{
"category": "self",
"summary": "SUSE Bug 1236114",
"url": "https://bugzilla.suse.com/1236114"
},
{
"category": "self",
"summary": "SUSE Bug 1236115",
"url": "https://bugzilla.suse.com/1236115"
},
{
"category": "self",
"summary": "SUSE Bug 1236122",
"url": "https://bugzilla.suse.com/1236122"
},
{
"category": "self",
"summary": "SUSE Bug 1236123",
"url": "https://bugzilla.suse.com/1236123"
},
{
"category": "self",
"summary": "SUSE Bug 1236133",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "self",
"summary": "SUSE Bug 1236138",
"url": "https://bugzilla.suse.com/1236138"
},
{
"category": "self",
"summary": "SUSE Bug 1236199",
"url": "https://bugzilla.suse.com/1236199"
},
{
"category": "self",
"summary": "SUSE Bug 1236200",
"url": "https://bugzilla.suse.com/1236200"
},
{
"category": "self",
"summary": "SUSE Bug 1236203",
"url": "https://bugzilla.suse.com/1236203"
},
{
"category": "self",
"summary": "SUSE Bug 1236205",
"url": "https://bugzilla.suse.com/1236205"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236573",
"url": "https://bugzilla.suse.com/1236573"
},
{
"category": "self",
"summary": "SUSE Bug 1236575",
"url": "https://bugzilla.suse.com/1236575"
},
{
"category": "self",
"summary": "SUSE Bug 1236576",
"url": "https://bugzilla.suse.com/1236576"
},
{
"category": "self",
"summary": "SUSE Bug 1236591",
"url": "https://bugzilla.suse.com/1236591"
},
{
"category": "self",
"summary": "SUSE Bug 1236661",
"url": "https://bugzilla.suse.com/1236661"
},
{
"category": "self",
"summary": "SUSE Bug 1236677",
"url": "https://bugzilla.suse.com/1236677"
},
{
"category": "self",
"summary": "SUSE Bug 1236680",
"url": "https://bugzilla.suse.com/1236680"
},
{
"category": "self",
"summary": "SUSE Bug 1236681",
"url": "https://bugzilla.suse.com/1236681"
},
{
"category": "self",
"summary": "SUSE Bug 1236682",
"url": "https://bugzilla.suse.com/1236682"
},
{
"category": "self",
"summary": "SUSE Bug 1236683",
"url": "https://bugzilla.suse.com/1236683"
},
{
"category": "self",
"summary": "SUSE Bug 1236684",
"url": "https://bugzilla.suse.com/1236684"
},
{
"category": "self",
"summary": "SUSE Bug 1236685",
"url": "https://bugzilla.suse.com/1236685"
},
{
"category": "self",
"summary": "SUSE Bug 1236689",
"url": "https://bugzilla.suse.com/1236689"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1236694",
"url": "https://bugzilla.suse.com/1236694"
},
{
"category": "self",
"summary": "SUSE Bug 1236698",
"url": "https://bugzilla.suse.com/1236698"
},
{
"category": "self",
"summary": "SUSE Bug 1236700",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "self",
"summary": "SUSE Bug 1236702",
"url": "https://bugzilla.suse.com/1236702"
},
{
"category": "self",
"summary": "SUSE Bug 1236752",
"url": "https://bugzilla.suse.com/1236752"
},
{
"category": "self",
"summary": "SUSE Bug 1236757",
"url": "https://bugzilla.suse.com/1236757"
},
{
"category": "self",
"summary": "SUSE Bug 1236758",
"url": "https://bugzilla.suse.com/1236758"
},
{
"category": "self",
"summary": "SUSE Bug 1236759",
"url": "https://bugzilla.suse.com/1236759"
},
{
"category": "self",
"summary": "SUSE Bug 1236760",
"url": "https://bugzilla.suse.com/1236760"
},
{
"category": "self",
"summary": "SUSE Bug 1236761",
"url": "https://bugzilla.suse.com/1236761"
},
{
"category": "self",
"summary": "SUSE Bug 1236821",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "self",
"summary": "SUSE Bug 1236822",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "self",
"summary": "SUSE Bug 1236896",
"url": "https://bugzilla.suse.com/1236896"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1236952",
"url": "https://bugzilla.suse.com/1236952"
},
{
"category": "self",
"summary": "SUSE Bug 1236967",
"url": "https://bugzilla.suse.com/1236967"
},
{
"category": "self",
"summary": "SUSE Bug 1236994",
"url": "https://bugzilla.suse.com/1236994"
},
{
"category": "self",
"summary": "SUSE Bug 1237007",
"url": "https://bugzilla.suse.com/1237007"
},
{
"category": "self",
"summary": "SUSE Bug 1237017",
"url": "https://bugzilla.suse.com/1237017"
},
{
"category": "self",
"summary": "SUSE Bug 1237025",
"url": "https://bugzilla.suse.com/1237025"
},
{
"category": "self",
"summary": "SUSE Bug 1237028",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237045",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "self",
"summary": "SUSE Bug 1237126",
"url": "https://bugzilla.suse.com/1237126"
},
{
"category": "self",
"summary": "SUSE Bug 1237132",
"url": "https://bugzilla.suse.com/1237132"
},
{
"category": "self",
"summary": "SUSE Bug 1237139",
"url": "https://bugzilla.suse.com/1237139"
},
{
"category": "self",
"summary": "SUSE Bug 1237155",
"url": "https://bugzilla.suse.com/1237155"
},
{
"category": "self",
"summary": "SUSE Bug 1237158",
"url": "https://bugzilla.suse.com/1237158"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237232",
"url": "https://bugzilla.suse.com/1237232"
},
{
"category": "self",
"summary": "SUSE Bug 1237234",
"url": "https://bugzilla.suse.com/1237234"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237325",
"url": "https://bugzilla.suse.com/1237325"
},
{
"category": "self",
"summary": "SUSE Bug 1237356",
"url": "https://bugzilla.suse.com/1237356"
},
{
"category": "self",
"summary": "SUSE Bug 1237415",
"url": "https://bugzilla.suse.com/1237415"
},
{
"category": "self",
"summary": "SUSE Bug 1237452",
"url": "https://bugzilla.suse.com/1237452"
},
{
"category": "self",
"summary": "SUSE Bug 1237504",
"url": "https://bugzilla.suse.com/1237504"
},
{
"category": "self",
"summary": "SUSE Bug 1237521",
"url": "https://bugzilla.suse.com/1237521"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237563",
"url": "https://bugzilla.suse.com/1237563"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237848",
"url": "https://bugzilla.suse.com/1237848"
},
{
"category": "self",
"summary": "SUSE Bug 1237849",
"url": "https://bugzilla.suse.com/1237849"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237879",
"url": "https://bugzilla.suse.com/1237879"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237889",
"url": "https://bugzilla.suse.com/1237889"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237891",
"url": "https://bugzilla.suse.com/1237891"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237901",
"url": "https://bugzilla.suse.com/1237901"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238214",
"url": "https://bugzilla.suse.com/1238214"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238347",
"url": "https://bugzilla.suse.com/1238347"
},
{
"category": "self",
"summary": "SUSE Bug 1238368",
"url": "https://bugzilla.suse.com/1238368"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238494",
"url": "https://bugzilla.suse.com/1238494"
},
{
"category": "self",
"summary": "SUSE Bug 1238496",
"url": "https://bugzilla.suse.com/1238496"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238509",
"url": "https://bugzilla.suse.com/1238509"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238521",
"url": "https://bugzilla.suse.com/1238521"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238525",
"url": "https://bugzilla.suse.com/1238525"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238739",
"url": "https://bugzilla.suse.com/1238739"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238751",
"url": "https://bugzilla.suse.com/1238751"
},
{
"category": "self",
"summary": "SUSE Bug 1238753",
"url": "https://bugzilla.suse.com/1238753"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238759",
"url": "https://bugzilla.suse.com/1238759"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238860",
"url": "https://bugzilla.suse.com/1238860"
},
{
"category": "self",
"summary": "SUSE Bug 1238863",
"url": "https://bugzilla.suse.com/1238863"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238877",
"url": "https://bugzilla.suse.com/1238877"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52924 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52925 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26708 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45010 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50185 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50251 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50258 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50294 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50304 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53123 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53173 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53177 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53178 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53226 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56647 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56658 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21636 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21638 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21647 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21666 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21666/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21667 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21669 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21675 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21680 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21687 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21688 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21690 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21692 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21697 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21699 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21715 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21716 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21719 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21802 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-17T09:25:13Z",
"generator": {
"date": "2025-04-17T09:25:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20260-1",
"initial_release_date": "2025-04-17T09:25:13Z",
"revision_history": [
{
"date": "2025-04-17T09:25:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-28.1.aarch64",
"product": {
"name": "kernel-rt-6.4.0-28.1.aarch64",
"product_id": "kernel-rt-6.4.0-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-28.1.aarch64",
"product": {
"name": "kernel-rt-devel-6.4.0-28.1.aarch64",
"product_id": "kernel-rt-devel-6.4.0-28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-28.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-28.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-28.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-28.1.noarch",
"product_id": "kernel-source-rt-6.4.0-28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-28.1.x86_64",
"product_id": "kernel-rt-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-28.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-28.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-28.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64"
},
"product_reference": "kernel-rt-6.4.0-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-28.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64"
},
"product_reference": "kernel-rt-devel-6.4.0-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain-\u003euse count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain-\u003euse increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon\u0027t have been changed.\n\nThen, when set is culled, -\u003edestroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52924",
"url": "https://www.suse.com/security/cve/CVE-2023-52924"
},
{
"category": "external",
"summary": "SUSE Bug 1236821 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "external",
"summary": "SUSE Bug 1244630 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1244630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t fail inserts if duplicate has expired\n\nnftables selftests fail:\nrun-tests.sh testcases/sets/0044interval_overlap_0\nExpected: 0-2 . 0-3, got:\nW: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1\n\nInsertion must ignore duplicate but expired entries.\n\nMoreover, there is a strange asymmetry in nft_pipapo_activate:\n\nIt refetches the current element, whereas the other -\u003eactivate callbacks\n(bitmap, hash, rhash, rbtree) use elem-\u003epriv.\nSame for .remove: other set implementations take elem-\u003epriv,\nnft_pipapo_remove fetches elem-\u003epriv, then does a relookup,\nremove this.\n\nI suspect this was the reason for the change that prompted the\nremoval of the expired check in pipapo_get() in the first place,\nbut skipping exired elements there makes no sense to me, this helper\nis used for normal get requests, insertions (duplicate check)\nand deactivate callback.\n\nIn first two cases expired elements must be skipped.\n\nFor -\u003edeactivate(), this gets called for DELSETELEM, so it\nseems to me that expired elements should be skipped as well, i.e.\ndelete request should fail with -ENOENT error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52925",
"url": "https://www.suse.com/security/cve/CVE-2023-52925"
},
{
"category": "external",
"summary": "SUSE Bug 1236822 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "external",
"summary": "SUSE Bug 1246009 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1246009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: really cope with fastopen race\n\nFastopen and PM-trigger subflow shutdown can race, as reported by\nsyzkaller.\n\nIn my first attempt to close such race, I missed the fact that\nthe subflow status can change again before the subflow_state_change\ncallback is invoked.\n\nAddress the issue additionally copying with all the states directly\nreachable from TCP_FIN_WAIT1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26708",
"url": "https://www.suse.com/security/cve/CVE-2024-26708"
},
{
"category": "external",
"summary": "SUSE Bug 1222672 for CVE-2024-26708",
"url": "https://bugzilla.suse.com/1222672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-26708"
},
{
"cve": "CVE-2024-26810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26810",
"url": "https://www.suse.com/security/cve/CVE-2024-26810"
},
{
"category": "external",
"summary": "SUSE Bug 1222803 for CVE-2024-26810",
"url": "https://bugzilla.suse.com/1222803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-40980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: replace spin_lock by raw_spin_lock\n\ntrace_drop_common() is called with preemption disabled, and it acquires\na spin_lock. This is problematic for RT kernels because spin_locks are\nsleeping locks in this configuration, which causes the following splat:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 449, name: rcuc/47\npreempt_count: 1, expected: 0\nRCU nest depth: 2, expected: 2\n5 locks held by rcuc/47/449:\n #0: ff1100086ec30a60 ((softirq_ctrl.lock)){+.+.}-{2:2}, at: __local_bh_disable_ip+0x105/0x210\n #1: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: rt_spin_lock+0xbf/0x130\n #2: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: __local_bh_disable_ip+0x11c/0x210\n #3: ffffffffb394a160 (rcu_callback){....}-{0:0}, at: rcu_do_batch+0x360/0xc70\n #4: ff1100086ee07520 (\u0026data-\u003elock){+.+.}-{2:2}, at: trace_drop_common.constprop.0+0xb5/0x290\nirq event stamp: 139909\nhardirqs last enabled at (139908): [\u003cffffffffb1df2b33\u003e] _raw_spin_unlock_irqrestore+0x63/0x80\nhardirqs last disabled at (139909): [\u003cffffffffb19bd03d\u003e] trace_drop_common.constprop.0+0x26d/0x290\nsoftirqs last enabled at (139892): [\u003cffffffffb07a1083\u003e] __local_bh_enable_ip+0x103/0x170\nsoftirqs last disabled at (139898): [\u003cffffffffb0909b33\u003e] rcu_cpu_kthread+0x93/0x1f0\nPreemption disabled at:\n[\u003cffffffffb1de786b\u003e] rt_mutex_slowunlock+0xab/0x2e0\nCPU: 47 PID: 449 Comm: rcuc/47 Not tainted 6.9.0-rc2-rt1+ #7\nHardware name: Dell Inc. PowerEdge R650/0Y2G81, BIOS 1.6.5 04/15/2022\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x8c/0xd0\n dump_stack+0x14/0x20\n __might_resched+0x21e/0x2f0\n rt_spin_lock+0x5e/0x130\n ? trace_drop_common.constprop.0+0xb5/0x290\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_drop_common.constprop.0+0xb5/0x290\n ? preempt_count_sub+0x1c/0xd0\n ? _raw_spin_unlock_irqrestore+0x4a/0x80\n ? __pfx_trace_drop_common.constprop.0+0x10/0x10\n ? rt_mutex_slowunlock+0x26a/0x2e0\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_rt_mutex_slowunlock+0x10/0x10\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_kfree_skb_hit+0x15/0x20\n trace_kfree_skb+0xe9/0x150\n kfree_skb_reason+0x7b/0x110\n skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_skb_queue_purge_reason.part.0+0x10/0x10\n ? mark_lock.part.0+0x8a/0x520\n...\n\ntrace_drop_common() also disables interrupts, but this is a minor issue\nbecause we could easily replace it with a local_lock.\n\nReplace the spin_lock with raw_spin_lock to avoid sleeping in atomic\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40980",
"url": "https://www.suse.com/security/cve/CVE-2024-40980"
},
{
"category": "external",
"summary": "SUSE Bug 1227937 for CVE-2024-40980",
"url": "https://bugzilla.suse.com/1227937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41055",
"url": "https://www.suse.com/security/cve/CVE-2024-41055"
},
{
"category": "external",
"summary": "SUSE Bug 1228521 for CVE-2024-41055",
"url": "https://bugzilla.suse.com/1228521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-44974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: avoid possible UaF when selecting endp\n\nselect_local_address() and select_signal_address() both select an\nendpoint entry from the list inside an RCU protected section, but return\na reference to it, to be read later on. If the entry is dereferenced\nafter the RCU unlock, reading info could cause a Use-after-Free.\n\nA simple solution is to copy the required info while inside the RCU\nprotected section to avoid any risk of UaF later. The address ID might\nneed to be modified later to handle the ID0 case later, so a copy seems\nOK to deal with.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44974",
"url": "https://www.suse.com/security/cve/CVE-2024-44974"
},
{
"category": "external",
"summary": "SUSE Bug 1230235 for CVE-2024-44974",
"url": "https://bugzilla.suse.com/1230235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-44974"
},
{
"cve": "CVE-2024-45009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only decrement add_addr_accepted for MPJ req\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.add_addr_accepted == 0)\n\n... before decrementing the add_addr_accepted counter helped to find a\nbug when running the \"remove single subflow\" subtest from the\nmptcp_join.sh selftest.\n\nRemoving a \u0027subflow\u0027 endpoint will first trigger a RM_ADDR, then the\nsubflow closure. Before this patch, and upon the reception of the\nRM_ADDR, the other peer will then try to decrement this\nadd_addr_accepted. That\u0027s not correct because the attached subflows have\nnot been created upon the reception of an ADD_ADDR.\n\nA way to solve that is to decrement the counter only if the attached\nsubflow was an MP_JOIN to a remote id that was not 0, and initiated by\nthe host receiving the RM_ADDR.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45009",
"url": "https://www.suse.com/security/cve/CVE-2024-45009"
},
{
"category": "external",
"summary": "SUSE Bug 1230438 for CVE-2024-45009",
"url": "https://bugzilla.suse.com/1230438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-45009"
},
{
"cve": "CVE-2024-45010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only mark \u0027subflow\u0027 endp as available\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.local_addr_used == 0)\n\n... before decrementing the local_addr_used counter helped to find a bug\nwhen running the \"remove single address\" subtest from the mptcp_join.sh\nselftests.\n\nRemoving a \u0027signal\u0027 endpoint will trigger the removal of all subflows\nlinked to this endpoint via mptcp_pm_nl_rm_addr_or_subflow() with\nrm_type == MPTCP_MIB_RMSUBFLOW. This will decrement the local_addr_used\ncounter, which is wrong in this case because this counter is linked to\n\u0027subflow\u0027 endpoints, and here it is a \u0027signal\u0027 endpoint that is being\nremoved.\n\nNow, the counter is decremented, only if the ID is being used outside\nof mptcp_pm_nl_rm_addr_or_subflow(), only for \u0027subflow\u0027 endpoints, and\nif the ID is not 0 -- local_addr_used is not taking into account these\nones. This marking of the ID as being available, and the decrement is\ndone no matter if a subflow using this ID is currently available,\nbecause the subflow could have been closed before.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45010",
"url": "https://www.suse.com/security/cve/CVE-2024-45010"
},
{
"category": "external",
"summary": "SUSE Bug 1230439 for CVE-2024-45010",
"url": "https://bugzilla.suse.com/1230439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-45010"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-46858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: Fix uaf in __timer_delete_sync\n\nThere are two paths to access mptcp_pm_del_add_timer, result in a race\ncondition:\n\n CPU1\t\t\t\tCPU2\n ==== ====\n net_rx_action\n napi_poll netlink_sendmsg\n __napi_poll netlink_unicast\n process_backlog netlink_unicast_kernel\n __netif_receive_skb genl_rcv\n __netif_receive_skb_one_core netlink_rcv_skb\n NF_HOOK genl_rcv_msg\n ip_local_deliver_finish genl_family_rcv_msg\n ip_protocol_deliver_rcu genl_family_rcv_msg_doit\n tcp_v4_rcv mptcp_pm_nl_flush_addrs_doit\n tcp_v4_do_rcv mptcp_nl_remove_addrs_list\n tcp_rcv_established mptcp_pm_remove_addrs_and_subflows\n tcp_data_queue remove_anno_list_by_saddr\n mptcp_incoming_options mptcp_pm_del_add_timer\n mptcp_pm_del_add_timer kfree(entry)\n\nIn remove_anno_list_by_saddr(running on CPU2), after leaving the critical\nzone protected by \"pm.lock\", the entry will be released, which leads to the\noccurrence of uaf in the mptcp_pm_del_add_timer(running on CPU1).\n\nKeeping a reference to add_timer inside the lock, and calling\nsk_stop_timer_sync() with this reference, instead of \"entry-\u003eadd_timer\".\n\nMove list_del(\u0026entry-\u003elist) to mptcp_pm_del_add_timer and inside the pm lock,\ndo not directly access any members of the entry outside the pm lock, which\ncan avoid similar \"entry-\u003ex\" uaf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46858",
"url": "https://www.suse.com/security/cve/CVE-2024-46858"
},
{
"category": "external",
"summary": "SUSE Bug 1231088 for CVE-2024-46858",
"url": "https://bugzilla.suse.com/1231088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-46858"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync\n\nThis checks if the ACL connection remains valid as it could be destroyed\nwhile hci_enhanced_setup_sync is pending on cmd_sync leading to the\nfollowing trace:\n\nBUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60\nRead of size 1 at addr ffff888002328ffd by task kworker/u5:2/37\n\nCPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? hci_enhanced_setup_sync+0x91b/0xa60\n print_report+0x152/0x4c0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n ? __virt_addr_valid+0x1fa/0x420\n ? hci_enhanced_setup_sync+0x91b/0xa60\n kasan_report+0xda/0x1b0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n hci_enhanced_setup_sync+0x91b/0xa60\n ? __pfx_hci_enhanced_setup_sync+0x10/0x10\n ? __pfx___mutex_lock+0x10/0x10\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x167/0x240\n worker_thread+0x5b7/0xf60\n ? __kthread_parkme+0xac/0x1c0\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x293/0x360\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 34:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __hci_conn_add+0x187/0x17d0\n hci_connect_sco+0x2e1/0xb90\n sco_sock_connect+0x2a2/0xb80\n __sys_connect+0x227/0x2a0\n __x64_sys_connect+0x6d/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 37:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x101/0x160\n kfree+0xd0/0x250\n device_release+0x9a/0x210\n kobject_put+0x151/0x280\n hci_conn_del+0x448/0xbf0\n hci_abort_conn_sync+0x46f/0x980\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n worker_thread+0x5b7/0xf60\n kthread+0x293/0x360\n ret_from_fork+0x2f/0x70\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50029",
"url": "https://www.suse.com/security/cve/CVE-2024-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1231949 for CVE-2024-50029",
"url": "https://bugzilla.suse.com/1231949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50029"
},
{
"cve": "CVE-2024-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50036",
"url": "https://www.suse.com/security/cve/CVE-2024-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1231912 for CVE-2024-50036",
"url": "https://bugzilla.suse.com/1231912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow\n\nSyzkaller reported this splat:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662\n\n CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline]\n mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572\n mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg net/socket.c:744 [inline]\n ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661\n __sys_sendmsg+0x117/0x1f0 net/socket.c:2690\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n RIP: 0023:0xf7fe4579\n Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 \u003c5d\u003e 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00\n RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172\n RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\n Allocated by task 5387:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:878 [inline]\n kzalloc_noprof include/linux/slab.h:1014 [inline]\n subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803\n subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956\n __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline]\n tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167\n mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764\n __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592\n mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642\n mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline]\n mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943\n mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777\n process_one_work+0x958/0x1b30 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/ke\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50085",
"url": "https://www.suse.com/security/cve/CVE-2024-50085"
},
{
"category": "external",
"summary": "SUSE Bug 1232508 for CVE-2024-50085",
"url": "https://bugzilla.suse.com/1232508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50085"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn\u0027t put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx-\u003esel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that\u0027s how\nprefixlen is going to be used later on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50142",
"url": "https://www.suse.com/security/cve/CVE-2024-50142"
},
{
"category": "external",
"summary": "SUSE Bug 1233028 for CVE-2024-50142",
"url": "https://bugzilla.suse.com/1233028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50142"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle consistently DSS corruption\n\nBugged peer implementation can send corrupted DSS options, consistently\nhitting a few warning in the data path. Use DEBUG_NET assertions, to\navoid the splat on some builds and handle consistently the error, dumping\nrelated MIBs and performing fallback and/or reset according to the\nsubflow type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50185",
"url": "https://www.suse.com/security/cve/CVE-2024-50185"
},
{
"category": "external",
"summary": "SUSE Bug 1233109 for CVE-2024-50185",
"url": "https://bugzilla.suse.com/1233109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50185"
},
{
"cve": "CVE-2024-50251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50251",
"url": "https://www.suse.com/security/cve/CVE-2024-50251"
},
{
"category": "external",
"summary": "SUSE Bug 1233248 for CVE-2024-50251",
"url": "https://bugzilla.suse.com/1233248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50251"
},
{
"cve": "CVE-2024-50258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix crash when config small gso_max_size/gso_ipv4_max_size\n\nConfig a small gso_max_size/gso_ipv4_max_size will lead to an underflow\nin sk_dst_gso_max_size(), which may trigger a BUG_ON crash,\nbecause sk-\u003esk_gso_max_size would be much bigger than device limits.\nCall Trace:\ntcp_write_xmit\n tso_segs = tcp_init_tso_segs(skb, mss_now);\n tcp_set_skb_tso_segs\n tcp_skb_pcount_set\n // skb-\u003elen = 524288, mss_now = 8\n // u16 tso_segs = 524288/8 = 65535 -\u003e 0\n tso_segs = DIV_ROUND_UP(skb-\u003elen, mss_now)\n BUG_ON(!tso_segs)\nAdd check for the minimum value of gso_max_size and gso_ipv4_max_size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50258",
"url": "https://www.suse.com/security/cve/CVE-2024-50258"
},
{
"category": "external",
"summary": "SUSE Bug 1233221 for CVE-2024-50258",
"url": "https://bugzilla.suse.com/1233221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50258"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix missing locking causing hanging calls\n\nIf a call gets aborted (e.g. because kafs saw a signal) between it being\nqueued for connection and the I/O thread picking up the call, the abort\nwill be prioritised over the connection and it will be removed from\nlocal-\u003enew_client_calls by rxrpc_disconnect_client_call() without a lock\nbeing held. This may cause other calls on the list to disappear if a race\noccurs.\n\nFix this by taking the client_call_lock when removing a call from whatever\nlist its -\u003ewait_link happens to be on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50294",
"url": "https://www.suse.com/security/cve/CVE-2024-50294"
},
{
"category": "external",
"summary": "SUSE Bug 1233483 for CVE-2024-50294",
"url": "https://bugzilla.suse.com/1233483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50294"
},
{
"cve": "CVE-2024-50304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()\n\nThe per-netns IP tunnel hash table is protected by the RTNL mutex and\nip_tunnel_find() is only called from the control path where the mutex is\ntaken.\n\nAdd a lockdep expression to hlist_for_each_entry_rcu() in\nip_tunnel_find() in order to validate that the mutex is held and to\nsilence the suspicious RCU usage warning [1].\n\n[1]\nWARNING: suspicious RCU usage\n6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted\n-----------------------------\nnet/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n1 lock held by ip/362:\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60\n\nstack backtrace:\nCPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139\nHardware name: Bochs Bochs, BIOS Bochs 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xba/0x110\n lockdep_rcu_suspicious.cold+0x4f/0xd6\n ip_tunnel_find+0x435/0x4d0\n ip_tunnel_newlink+0x517/0x7a0\n ipgre_newlink+0x14c/0x170\n __rtnl_newlink+0x1173/0x19c0\n rtnl_newlink+0x6c/0xa0\n rtnetlink_rcv_msg+0x3cc/0xf60\n netlink_rcv_skb+0x171/0x450\n netlink_unicast+0x539/0x7f0\n netlink_sendmsg+0x8c1/0xd80\n ____sys_sendmsg+0x8f9/0xc20\n ___sys_sendmsg+0x197/0x1e0\n __sys_sendmsg+0x122/0x1f0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50304",
"url": "https://www.suse.com/security/cve/CVE-2024-50304"
},
{
"category": "external",
"summary": "SUSE Bug 1233522 for CVE-2024-50304",
"url": "https://bugzilla.suse.com/1233522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-50304"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: error out earlier on disconnect\n\nEric reported a division by zero splat in the MPTCP protocol:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted\n6.12.0-rc5-syzkaller-00291-g05b92660cdfe #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nRIP: 0010:__tcp_select_window+0x5b4/0x1310 net/ipv4/tcp_output.c:3163\nCode: f6 44 01 e3 89 df e8 9b 75 09 f8 44 39 f3 0f 8d 11 ff ff ff e8\n0d 74 09 f8 45 89 f4 e9 04 ff ff ff e8 00 74 09 f8 44 89 f0 99 \u003cf7\u003e 7c\n24 14 41 29 d6 45 89 f4 e9 ec fe ff ff e8 e8 73 09 f8 48 89\nRSP: 0018:ffffc900041f7930 EFLAGS: 00010293\nRAX: 0000000000017e67 RBX: 0000000000017e67 RCX: ffffffff8983314b\nRDX: 0000000000000000 RSI: ffffffff898331b0 RDI: 0000000000000004\nRBP: 00000000005d6000 R08: 0000000000000004 R09: 0000000000017e67\nR10: 0000000000003e80 R11: 0000000000000000 R12: 0000000000003e80\nR13: ffff888031d9b440 R14: 0000000000017e67 R15: 00000000002eb000\nFS: 00007feb5d7f16c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007feb5d8adbb8 CR3: 0000000074e4c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n__tcp_cleanup_rbuf+0x3e7/0x4b0 net/ipv4/tcp.c:1493\nmptcp_rcv_space_adjust net/mptcp/protocol.c:2085 [inline]\nmptcp_recvmsg+0x2156/0x2600 net/mptcp/protocol.c:2289\ninet_recvmsg+0x469/0x6a0 net/ipv4/af_inet.c:885\nsock_recvmsg_nosec net/socket.c:1051 [inline]\nsock_recvmsg+0x1b2/0x250 net/socket.c:1073\n__sys_recvfrom+0x1a5/0x2e0 net/socket.c:2265\n__do_sys_recvfrom net/socket.c:2283 [inline]\n__se_sys_recvfrom net/socket.c:2279 [inline]\n__x64_sys_recvfrom+0xe0/0x1c0 net/socket.c:2279\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7feb5d857559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48\n89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d\n01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007feb5d7f1208 EFLAGS: 00000246 ORIG_RAX: 000000000000002d\nRAX: ffffffffffffffda RBX: 00007feb5d8e1318 RCX: 00007feb5d857559\nRDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007feb5d8e1310 R08: 0000000000000000 R09: ffffffff81000000\nR10: 0000000000000100 R11: 0000000000000246 R12: 00007feb5d8e131c\nR13: 00007feb5d8ae074 R14: 000000800000000e R15: 00000000fffffdef\n\nand provided a nice reproducer.\n\nThe root cause is the current bad handling of racing disconnect.\nAfter the blamed commit below, sk_wait_data() can return (with\nerror) with the underlying socket disconnected and a zero rcv_mss.\n\nCatch the error and return without performing any additional\noperations on the current socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53123",
"url": "https://www.suse.com/security/cve/CVE-2024-53123"
},
{
"category": "external",
"summary": "SUSE Bug 1234070 for CVE-2024-53123",
"url": "https://bugzilla.suse.com/1234070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53123"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix out-of-bounds access of directory entries\n\nIn the case of the directory size is greater than or equal to\nthe cluster size, if start_clu becomes an EOF cluster(an invalid\ncluster) due to file system corruption, then the directory entry\nwhere ei-\u003ehint_femp.eidx hint is outside the directory, resulting\nin an out-of-bounds access, which may cause further file system\ncorruption.\n\nThis commit adds a check for start_clu, if it is an invalid cluster,\nthe file or directory will be treated as empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53147",
"url": "https://www.suse.com/security/cve/CVE-2024-53147"
},
{
"category": "external",
"summary": "SUSE Bug 1234857 for CVE-2024-53147",
"url": "https://bugzilla.suse.com/1234857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53147"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53173",
"url": "https://www.suse.com/security/cve/CVE-2024-53173"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234891 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "external",
"summary": "SUSE Bug 1234892 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-53173"
},
{
"cve": "CVE-2024-53176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: During unmount, ensure all cached dir instances drop their dentry\n\nThe unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can\nrace with various cached directory operations, which ultimately results\nin dentries not being dropped and these kernel BUGs:\n\nBUG: Dentry ffff88814f37e358{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nVFS: Busy inodes after unmount of cifs (cifs)\n------------[ cut here ]------------\nkernel BUG at fs/super.c:661!\n\nThis happens when a cfid is in the process of being cleaned up when, and\nhas been removed from the cfids-\u003eentries list, including:\n\n- Receiving a lease break from the server\n- Server reconnection triggers invalidate_all_cached_dirs(), which\n removes all the cfids from the list\n- The laundromat thread decides to expire an old cfid.\n\nTo solve these problems, dropping the dentry is done in queued work done\nin a newly-added cfid_put_wq workqueue, and close_all_cached_dirs()\nflushes that workqueue after it drops all the dentries of which it\u0027s\naware. This is a global workqueue (rather than scoped to a mount), but\nthe queued work is minimal.\n\nThe final cleanup work for cleaning up a cfid is performed via work\nqueued in the serverclose_wq workqueue; this is done separate from\ndropping the dentries so that close_all_cached_dirs() doesn\u0027t block on\nany server operations.\n\nBoth of these queued works expect to invoked with a cfid reference and\na tcon reference to avoid those objects from being freed while the work\nis ongoing.\n\nWhile we\u0027re here, add proper locking to close_all_cached_dirs(), and\nlocking around the freeing of cfid-\u003edentry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53176",
"url": "https://www.suse.com/security/cve/CVE-2024-53176"
},
{
"category": "external",
"summary": "SUSE Bug 1234894 for CVE-2024-53176",
"url": "https://bugzilla.suse.com/1234894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53176"
},
{
"cve": "CVE-2024-53177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids-\u003ecfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53177",
"url": "https://www.suse.com/security/cve/CVE-2024-53177"
},
{
"category": "external",
"summary": "SUSE Bug 1234896 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "external",
"summary": "SUSE Bug 1235103 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1235103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-53177"
},
{
"cve": "CVE-2024-53178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don\u0027t leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids-\u003eentries list but doesn\u0027t drop a ref if has_lease isn\u0027t true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid-\u003ehas_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 32 bytes):\n 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........\".......\n 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E\"......O.....\n backtrace (crc 6f58c20f):\n [\u003cffffffff8b895a1e\u003e] __kmalloc_cache_noprof+0x2be/0x350\n [\u003cffffffff8bda06e3\u003e] open_cached_dir+0x993/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 8 bytes):\n 00 cc cc cc cc cc cc cc ........\n backtrace (crc 10c106a9):\n [\u003cffffffff8b89a3d3\u003e] __kmalloc_node_track_caller_noprof+0x363/0x480\n [\u003cffffffff8b7d7256\u003e] kstrdup+0x36/0x60\n [\u003cffffffff8bda0700\u003e] open_cached_dir+0x9b0/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff \u003c0f\u003e 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53178",
"url": "https://www.suse.com/security/cve/CVE-2024-53178"
},
{
"category": "external",
"summary": "SUSE Bug 1234895 for CVE-2024-53178",
"url": "https://bugzilla.suse.com/1234895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53178"
},
{
"cve": "CVE-2024-53226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()\n\nib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument.\nThe driver needs to check whether it is a NULL pointer before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53226",
"url": "https://www.suse.com/security/cve/CVE-2024-53226"
},
{
"category": "external",
"summary": "SUSE Bug 1236576 for CVE-2024-53226",
"url": "https://bugzilla.suse.com/1236576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53226"
},
{
"cve": "CVE-2024-53239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). But at this moment, the card object\nmight be still in use (as we\u0027re calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card\u0027s\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53239",
"url": "https://www.suse.com/security/cve/CVE-2024-53239"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235054 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "external",
"summary": "SUSE Bug 1235055 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-53239"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here ]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv-\u003essid,\n user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn\u0027t account for the size of the one-element\narray, so it doesn\u0027t need to be changed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56539",
"url": "https://www.suse.com/security/cve/CVE-2024-56539"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234963 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "external",
"summary": "SUSE Bug 1234964 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-56539"
},
{
"cve": "CVE-2024-56548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] \u003cTASK\u003e\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56548",
"url": "https://www.suse.com/security/cve/CVE-2024-56548"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235073 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "external",
"summary": "SUSE Bug 1235074 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-56548"
},
{
"cve": "CVE-2024-56579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56579",
"url": "https://www.suse.com/security/cve/CVE-2024-56579"
},
{
"category": "external",
"summary": "SUSE Bug 1236575 for CVE-2024-56579",
"url": "https://bugzilla.suse.com/1236575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56579"
},
{
"cve": "CVE-2024-56592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Call free_htab_elem() after htab_unlock_bucket()\n\nFor htab of maps, when the map is removed from the htab, it may hold the\nlast reference of the map. bpf_map_fd_put_ptr() will invoke\nbpf_map_free_id() to free the id of the removed map element. However,\nbpf_map_fd_put_ptr() is invoked while holding a bucket lock\n(raw_spin_lock_t), and bpf_map_free_id() attempts to acquire map_idr_lock\n(spinlock_t), triggering the following lockdep warning:\n\n =============================\n [ BUG: Invalid wait context ]\n 6.11.0-rc4+ #49 Not tainted\n -----------------------------\n test_maps/4881 is trying to lock:\n ffffffff84884578 (map_idr_lock){+...}-{3:3}, at: bpf_map_free_id.part.0+0x21/0x70\n other info that might help us debug this:\n context-{5:5}\n 2 locks held by test_maps/4881:\n #0: ffffffff846caf60 (rcu_read_lock){....}-{1:3}, at: bpf_fd_htab_map_update_elem+0xf9/0x270\n #1: ffff888149ced148 (\u0026htab-\u003elockdep_key#2){....}-{2:2}, at: htab_map_update_elem+0x178/0xa80\n stack backtrace:\n CPU: 0 UID: 0 PID: 4881 Comm: test_maps Not tainted 6.11.0-rc4+ #49\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), ...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6e/0xb0\n dump_stack+0x10/0x20\n __lock_acquire+0x73e/0x36c0\n lock_acquire+0x182/0x450\n _raw_spin_lock_irqsave+0x43/0x70\n bpf_map_free_id.part.0+0x21/0x70\n bpf_map_put+0xcf/0x110\n bpf_map_fd_put_ptr+0x9a/0xb0\n free_htab_elem+0x69/0xe0\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n bpf_map_update_value+0x266/0x380\n __sys_bpf+0x21bb/0x36b0\n __x64_sys_bpf+0x45/0x60\n x64_sys_call+0x1b2a/0x20d0\n do_syscall_64+0x5d/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nOne way to fix the lockdep warning is using raw_spinlock_t for\nmap_idr_lock as well. However, bpf_map_alloc_id() invokes\nidr_alloc_cyclic() after acquiring map_idr_lock, it will trigger a\nsimilar lockdep warning because the slab\u0027s lock (s-\u003ecpu_slab-\u003elock) is\nstill a spinlock.\n\nInstead of changing map_idr_lock\u0027s type, fix the issue by invoking\nhtab_put_fd_value() after htab_unlock_bucket(). However, only deferring\nthe invocation of htab_put_fd_value() is not enough, because the old map\npointers in htab of maps can not be saved during batched deletion.\nTherefore, also defer the invocation of free_htab_elem(), so these\nto-be-freed elements could be linked together similar to lru map.\n\nThere are four callers for -\u003emap_fd_put_ptr:\n\n(1) alloc_htab_elem() (through htab_put_fd_value())\nIt invokes -\u003emap_fd_put_ptr() under a raw_spinlock_t. The invocation of\nhtab_put_fd_value() can not simply move after htab_unlock_bucket(),\nbecause the old element has already been stashed in htab-\u003eextra_elems.\nIt may be reused immediately after htab_unlock_bucket() and the\ninvocation of htab_put_fd_value() after htab_unlock_bucket() may release\nthe newly-added element incorrectly. Therefore, saving the map pointer\nof the old element for htab of maps before unlocking the bucket and\nreleasing the map_ptr after unlock. Beside the map pointer in the old\nelement, should do the same thing for the special fields in the old\nelement as well.\n\n(2) free_htab_elem() (through htab_put_fd_value())\nIts caller includes __htab_map_lookup_and_delete_elem(),\nhtab_map_delete_elem() and __htab_map_lookup_and_delete_batch().\n\nFor htab_map_delete_elem(), simply invoke free_htab_elem() after\nhtab_unlock_bucket(). For __htab_map_lookup_and_delete_batch(), just\nlike lru map, linking the to-be-freed element into node_to_free list\nand invoking free_htab_elem() for these element after unlock. It is safe\nto reuse batch_flink as the link for node_to_free, because these\nelements have been removed from the hash llist.\n\nBecause htab of maps doesn\u0027t support lookup_and_delete operation,\n__htab_map_lookup_and_delete_elem() doesn\u0027t have the problem, so kept\nit as\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56592",
"url": "https://www.suse.com/security/cve/CVE-2024-56592"
},
{
"category": "external",
"summary": "SUSE Bug 1235244 for CVE-2024-56592",
"url": "https://bugzilla.suse.com/1235244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56592"
},
{
"cve": "CVE-2024-56605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56605",
"url": "https://www.suse.com/security/cve/CVE-2024-56605"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235061 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "external",
"summary": "SUSE Bug 1235062 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-56605"
},
{
"cve": "CVE-2024-56633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg\n\nThe current sk memory accounting logic in __SK_REDIRECT is pre-uncharging\ntosend bytes, which is either msg-\u003esg.size or a smaller value apply_bytes.\n\nPotential problems with this strategy are as follows:\n\n- If the actual sent bytes are smaller than tosend, we need to charge some\n bytes back, as in line 487, which is okay but seems not clean.\n\n- When tosend is set to apply_bytes, as in line 417, and (ret \u003c 0), we may\n miss uncharging (msg-\u003esg.size - apply_bytes) bytes.\n\n[...]\n415 tosend = msg-\u003esg.size;\n416 if (psock-\u003eapply_bytes \u0026\u0026 psock-\u003eapply_bytes \u003c tosend)\n417 tosend = psock-\u003eapply_bytes;\n[...]\n443 sk_msg_return(sk, msg, tosend);\n444 release_sock(sk);\n446 origsize = msg-\u003esg.size;\n447 ret = tcp_bpf_sendmsg_redir(sk_redir, redir_ingress,\n448 msg, tosend, flags);\n449 sent = origsize - msg-\u003esg.size;\n[...]\n454 lock_sock(sk);\n455 if (unlikely(ret \u003c 0)) {\n456 int free = sk_msg_free_nocharge(sk, msg);\n458 if (!cork)\n459 *copied -= free;\n460 }\n[...]\n487 if (eval == __SK_REDIRECT)\n488 sk_mem_charge(sk, tosend - sent);\n[...]\n\nWhen running the selftest test_txmsg_redir_wait_sndmem with txmsg_apply,\nthe following warning will be reported:\n\n------------[ cut here ]------------\nWARNING: CPU: 6 PID: 57 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x190/0x1a0\nModules linked in:\nCPU: 6 UID: 0 PID: 57 Comm: kworker/6:0 Not tainted 6.12.0-rc1.bm.1-amd64+ #43\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events sk_psock_destroy\nRIP: 0010:inet_sock_destruct+0x190/0x1a0\nRSP: 0018:ffffad0a8021fe08 EFLAGS: 00010206\nRAX: 0000000000000011 RBX: ffff9aab4475b900 RCX: ffff9aab481a0800\nRDX: 0000000000000303 RSI: 0000000000000011 RDI: ffff9aab4475b900\nRBP: ffff9aab4475b990 R08: 0000000000000000 R09: ffff9aab40050ec0\nR10: 0000000000000000 R11: ffff9aae6fdb1d01 R12: ffff9aab49c60400\nR13: ffff9aab49c60598 R14: ffff9aab49c60598 R15: dead000000000100\nFS: 0000000000000000(0000) GS:ffff9aae6fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffec7e47bd8 CR3: 00000001a1a1c004 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x89/0x130\n? inet_sock_destruct+0x190/0x1a0\n? report_bug+0xfc/0x1e0\n? handle_bug+0x5c/0xa0\n? exc_invalid_op+0x17/0x70\n? asm_exc_invalid_op+0x1a/0x20\n? inet_sock_destruct+0x190/0x1a0\n__sk_destruct+0x25/0x220\nsk_psock_destroy+0x2b2/0x310\nprocess_scheduled_works+0xa3/0x3e0\nworker_thread+0x117/0x240\n? __pfx_worker_thread+0x10/0x10\nkthread+0xcf/0x100\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x31/0x40\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1a/0x30\n\u003c/TASK\u003e\n---[ end trace 0000000000000000 ]---\n\nIn __SK_REDIRECT, a more concise way is delaying the uncharging after sent\nbytes are finalized, and uncharge this value. When (ret \u003c 0), we shall\ninvoke sk_msg_free.\n\nSame thing happens in case __SK_DROP, when tosend is set to apply_bytes,\nwe may miss uncharging (msg-\u003esg.size - apply_bytes) bytes. The same\nwarning will be reported in selftest.\n\n[...]\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta);\n473 return -EACCES;\n[...]\n\nSo instead of sk_msg_free_partial we can do sk_msg_free here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56633",
"url": "https://www.suse.com/security/cve/CVE-2024-56633"
},
{
"category": "external",
"summary": "SUSE Bug 1235485 for CVE-2024-56633",
"url": "https://bugzilla.suse.com/1235485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56633"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix icmp host relookup triggering ip_rt_bug\n\narp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:\n\nWARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20\nModules linked in:\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:ip_rt_bug+0x14/0x20\nCall Trace:\n \u003cIRQ\u003e\n ip_send_skb+0x14/0x40\n __icmp_send+0x42d/0x6a0\n ipv4_link_failure+0xe2/0x1d0\n arp_error_report+0x3c/0x50\n neigh_invalidate+0x8d/0x100\n neigh_timer_handler+0x2e1/0x330\n call_timer_fn+0x21/0x120\n __run_timer_base.part.0+0x1c9/0x270\n run_timer_softirq+0x4c/0x80\n handle_softirqs+0xac/0x280\n irq_exit_rcu+0x62/0x80\n sysvec_apic_timer_interrupt+0x77/0x90\n\nThe script below reproduces this scenario:\nip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \\\n\tdir out priority 0 ptype main flag localok icmp\nip l a veth1 type veth\nip a a 192.168.141.111/24 dev veth0\nip l s veth0 up\nping 192.168.141.155 -c 1\n\nicmp_route_lookup() create input routes for locally generated packets\nwhile xfrm relookup ICMP traffic.Then it will set input route\n(dst-\u003eout = ip_rt_bug) to skb for DESTUNREACH.\n\nFor ICMP err triggered by locally generated packets, dst-\u003edev of output\nroute is loopback. Generally, xfrm relookup verification is not required\non loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).\n\nSkip icmp relookup for locally generated packets to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56647",
"url": "https://www.suse.com/security/cve/CVE-2024-56647"
},
{
"category": "external",
"summary": "SUSE Bug 1235435 for CVE-2024-56647",
"url": "https://bugzilla.suse.com/1235435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56647"
},
{
"cve": "CVE-2024-56658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: defer final \u0027struct net\u0027 free in netns dismantle\n\nIlya reported a slab-use-after-free in dst_destroy [1]\n\nIssue is in xfrm6_net_init() and xfrm4_net_init() :\n\nThey copy xfrm[46]_dst_ops_template into net-\u003exfrm.xfrm[46]_dst_ops.\n\nBut net structure might be freed before all the dst callbacks are\ncalled. So when dst_destroy() calls later :\n\nif (dst-\u003eops-\u003edestroy)\n dst-\u003eops-\u003edestroy(dst);\n\ndst-\u003eops points to the old net-\u003exfrm.xfrm[46]_dst_ops, which has been freed.\n\nSee a relevant issue fixed in :\n\nac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\")\n\nA fix is to queue the \u0027struct net\u0027 to be freed after one\nanother cleanup_net() round (and existing rcu_barrier())\n\n[1]\n\nBUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112)\nRead of size 8 at addr ffff8882137ccab0 by task swapper/37/0\nDec 03 05:46:18 kernel:\nCPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67\nHardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\ndump_stack_lvl (lib/dump_stack.c:124)\nprint_address_description.constprop.0 (mm/kasan/report.c:378)\n? dst_destroy (net/core/dst.c:112)\nprint_report (mm/kasan/report.c:489)\n? dst_destroy (net/core/dst.c:112)\n? kasan_addr_to_slab (mm/kasan/common.c:37)\nkasan_report (mm/kasan/report.c:603)\n? dst_destroy (net/core/dst.c:112)\n? rcu_do_batch (kernel/rcu/tree.c:2567)\ndst_destroy (net/core/dst.c:112)\nrcu_do_batch (kernel/rcu/tree.c:2567)\n? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406)\nrcu_core (kernel/rcu/tree.c:2825)\nhandle_softirqs (kernel/softirq.c:554)\n__irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637)\nirq_exit_rcu (kernel/softirq.c:651)\nsysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049)\n \u003c/IRQ\u003e\n \u003cTASK\u003e\nasm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)\nRIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743)\nCode: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 \u003cfa\u003e c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90\nRSP: 0018:ffff888100d2fe00 EFLAGS: 00000246\nRAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d\nR10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000\n? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148)\n? cpuidle_idle_call (kernel/sched/idle.c:186)\ndefault_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118)\ncpuidle_idle_call (kernel/sched/idle.c:186)\n? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168)\n? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406)\n? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59)\ndo_idle (kernel/sched/idle.c:326)\ncpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1))\nstart_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282)\n? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232)\n? soft_restart_cpu (arch/x86/kernel/head_64.S:452)\ncommon_startup_64 (arch/x86/kernel/head_64.S:414)\n \u003c/TASK\u003e\nDec 03 05:46:18 kernel:\nAllocated by task 12184:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69)\n__kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\nkmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141)\ncopy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480)\ncreate_new_namespaces\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56658",
"url": "https://www.suse.com/security/cve/CVE-2024-56658"
},
{
"category": "external",
"summary": "SUSE Bug 1235441 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "external",
"summary": "SUSE Bug 1235442 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-56658"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Several fixes to bpf_msg_pop_data\n\nSeveral fixes to bpf_msg_pop_data,\n1. In sk_msg_shift_left, we should put_page\n2. if (len == 0), return early is better\n3. pop the entire sk_msg (last == msg-\u003esg.size) should be supported\n4. Fix for the value of variable \"a\"\n5. In sk_msg_shift_left, after shifting, i has already pointed to the next\nelement. Addtional sk_msg_iter_var_next may result in BUG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56720",
"url": "https://www.suse.com/security/cve/CVE-2024-56720"
},
{
"category": "external",
"summary": "SUSE Bug 1235592 for CVE-2024-56720",
"url": "https://bugzilla.suse.com/1235592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56720"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix TCP options overflow.\n\nSyzbot reported the following splat:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 UID: 0 PID: 5836 Comm: sshd Not tainted 6.13.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\nRIP: 0010:_compound_head include/linux/page-flags.h:242 [inline]\nRIP: 0010:put_page+0x23/0x260 include/linux/mm.h:1552\nCode: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 f8 5e 12 f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 \u003c80\u003e 3c 28 00 74 08 48 89 df e8 8f c7 78 f8 48 8b 1b 48 89 de 48 83\nRSP: 0000:ffffc90003916c90 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888030458000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff898ca81d R09: 1ffff110054414ac\nR10: dffffc0000000000 R11: ffffed10054414ad R12: 0000000000000007\nR13: ffff88802a20a542 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f34f496e800(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9d6ec9ec28 CR3: 000000004d260000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_page_unref include/linux/skbuff_ref.h:43 [inline]\n __skb_frag_unref include/linux/skbuff_ref.h:56 [inline]\n skb_release_data+0x483/0x8a0 net/core/skbuff.c:1119\n skb_release_all net/core/skbuff.c:1190 [inline]\n __kfree_skb+0x55/0x70 net/core/skbuff.c:1204\n tcp_clean_rtx_queue net/ipv4/tcp_input.c:3436 [inline]\n tcp_ack+0x2442/0x6bc0 net/ipv4/tcp_input.c:4032\n tcp_rcv_state_process+0x8eb/0x44e0 net/ipv4/tcp_input.c:6805\n tcp_v4_do_rcv+0x77d/0xc70 net/ipv4/tcp_ipv4.c:1939\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5672 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5785\n process_backlog+0x662/0x15b0 net/core/dev.c:6117\n __napi_poll+0xcb/0x490 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:7074\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x57/0xc0 arch/x86/kernel/apic/apic.c:1049\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\nRIP: 0033:0x7f34f4519ad5\nCode: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83\nRSP: 002b:00007ffec5b32ce0 EFLAGS: 00000246\nRAX: 0000000000000001 RBX: 00000000000668a0 RCX: 00007f34f4519ad5\nRDX: 00007ffec5b32d00 RSI: 0000000000000004 RDI: 0000564f4bc6cae0\nRBP: 0000564f4bc6b5a0 R08: 0000000000000008 R09: 0000000000000000\nR10: 00007ffec5b32de8 R11: 0000000000000246 R12: 0000564f48ea8aa4\nR13: 0000000000000001 R14: 0000564f48ea93e8 R15: 00007ffec5b32d68\n \u003c/TASK\u003e\n\nEric noted a probable shinfo-\u003enr_frags corruption, which indeed\noccurs.\n\nThe root cause is a buggy MPTCP option len computation in some\ncircumstances: the ADD_ADDR option should be mutually exclusive\nwith DSS since the blamed commit.\n\nStill, mptcp_established_options_add_addr() tries to set the\nrelevant info in mptcp_out_options, if \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57882",
"url": "https://www.suse.com/security/cve/CVE-2024-57882"
},
{
"category": "external",
"summary": "SUSE Bug 1235914 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "external",
"summary": "SUSE Bug 1235916 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-57882"
},
{
"cve": "CVE-2024-57889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking\n\nIf a device uses MCP23xxx IO expander to receive IRQs, the following\nbug can happen:\n\n BUG: sleeping function called from invalid context\n at kernel/locking/mutex.c:283\n in_atomic(): 1, irqs_disabled(): 1, non_block: 0, ...\n preempt_count: 1, expected: 0\n ...\n Call Trace:\n ...\n __might_resched+0x104/0x10e\n __might_sleep+0x3e/0x62\n mutex_lock+0x20/0x4c\n regmap_lock_mutex+0x10/0x18\n regmap_update_bits_base+0x2c/0x66\n mcp23s08_irq_set_type+0x1ae/0x1d6\n __irq_set_trigger+0x56/0x172\n __setup_irq+0x1e6/0x646\n request_threaded_irq+0xb6/0x160\n ...\n\nWe observed the problem while experimenting with a touchscreen driver which\nused MCP23017 IO expander (I2C).\n\nThe regmap in the pinctrl-mcp23s08 driver uses a mutex for protection from\nconcurrent accesses, which is the default for regmaps without .fast_io,\n.disable_locking, etc.\n\nmcp23s08_irq_set_type() calls regmap_update_bits_base(), and the latter\nlocks the mutex.\n\nHowever, __setup_irq() locks desc-\u003elock spinlock before calling these\nfunctions. As a result, the system tries to lock the mutex whole holding\nthe spinlock.\n\nIt seems, the internal regmap locks are not needed in this driver at all.\nmcp-\u003elock seems to protect the regmap from concurrent accesses already,\nexcept, probably, in mcp_pinconf_get/set.\n\nmcp23s08_irq_set_type() and mcp23s08_irq_mask/unmask() are called under\nchip_bus_lock(), which calls mcp23s08_irq_bus_lock(). The latter takes\nmcp-\u003elock and enables regmap caching, so that the potentially slow I2C\naccesses are deferred until chip_bus_unlock().\n\nThe accesses to the regmap from mcp23s08_probe_one() do not need additional\nlocking.\n\nIn all remaining places where the regmap is accessed, except\nmcp_pinconf_get/set(), the driver already takes mcp-\u003elock.\n\nThis patch adds locking in mcp_pinconf_get/set() and disables internal\nlocking in the regmap config. Among other things, it fixes the sleeping\nin atomic context described above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57889",
"url": "https://www.suse.com/security/cve/CVE-2024-57889"
},
{
"category": "external",
"summary": "SUSE Bug 1236573 for CVE-2024-57889",
"url": "https://bugzilla.suse.com/1236573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57889"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: check local interfaces before deleting sdata list\n\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\n\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\nhardware device from the system.\n\nCPU0\t\t\t\t\tCPU1\n====\t\t\t\t\t====\ngenl_family_rcv_msg_doit\t\tieee802154_unregister_hw\nieee802154_del_iface\t\t\tieee802154_remove_interfaces\nrdev_del_virtual_intf_deprecated\tlist_del(\u0026sdata-\u003elist)\nieee802154_if_remove\nlist_del_rcu\n\nThe net device has been unregistered, since the rcu grace period,\nunregistration must be run before ieee802154_if_remove.\n\nTo avoid this issue, add a check for local-\u003einterfaces before deleting\nsdata list.\n\n[1]\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6277 Comm: syz-executor157 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:__list_del_entry_valid_or_report+0xf4/0x140 lib/list_debug.c:56\nCode: e8 a1 7e 00 07 90 0f 0b 48 c7 c7 e0 37 60 8c 4c 89 fe e8 8f 7e 00 07 90 0f 0b 48 c7 c7 40 38 60 8c 4c 89 fe e8 7d 7e 00 07 90 \u003c0f\u003e 0b 48 c7 c7 a0 38 60 8c 4c 89 fe e8 6b 7e 00 07 90 0f 0b 48 c7\nRSP: 0018:ffffc9000490f3d0 EFLAGS: 00010246\nRAX: 000000000000004e RBX: dead000000000122 RCX: d211eee56bb28d00\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88805b278dd8 R08: ffffffff8174a12c R09: 1ffffffff2852f0d\nR10: dffffc0000000000 R11: fffffbfff2852f0e R12: dffffc0000000000\nR13: dffffc0000000000 R14: dead000000000100 R15: ffff88805b278cc0\nFS: 0000555572f94380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056262e4a3000 CR3: 0000000078496000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n __list_del_entry_valid include/linux/list.h:124 [inline]\n __list_del_entry include/linux/list.h:215 [inline]\n list_del_rcu include/linux/rculist.h:157 [inline]\n ieee802154_if_remove+0x86/0x1e0 net/mac802154/iface.c:687\n rdev_del_virtual_intf_deprecated net/ieee802154/rdev-ops.h:24 [inline]\n ieee802154_del_iface+0x2c0/0x5c0 net/ieee802154/nl-phy.c:323\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:744\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607\n ___sys_sendmsg net/socket.c:2661 [inline]\n __sys_sendmsg+0x292/0x380 net/socket.c:2690\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57948",
"url": "https://www.suse.com/security/cve/CVE-2024-57948"
},
{
"category": "external",
"summary": "SUSE Bug 1236677 for CVE-2024-57948",
"url": "https://bugzilla.suse.com/1236677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57979",
"url": "https://www.suse.com/security/cve/CVE-2024-57979"
},
{
"category": "external",
"summary": "SUSE Bug 1238521 for CVE-2024-57979",
"url": "https://bugzilla.suse.com/1238521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()\n\nJakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page()\nto increase test coverage.\n\nsyzbot found a splat caused by hard irq blocking in\nptr_ring_resize_multiple() [1]\n\nAs current users of ptr_ring_resize_multiple() do not require\nhard irqs being masked, replace it to only block BH.\n\nRename helpers to better reflect they are safe against BH only.\n\n- ptr_ring_resize_multiple() to ptr_ring_resize_multiple_bh()\n- skb_array_resize_multiple() to skb_array_resize_multiple_bh()\n\n[1]\n\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 __page_pool_put_page net/core/page_pool.c:709 [inline]\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nModules linked in:\nCPU: 1 UID: 0 PID: 9150 Comm: syz.1.1052 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:__page_pool_put_page net/core/page_pool.c:709 [inline]\nRIP: 0010:page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nCode: 74 0e e8 7c aa fb f7 eb 43 e8 75 aa fb f7 eb 3c 65 8b 1d 38 a8 6a 76 31 ff 89 de e8 a3 ae fb f7 85 db 74 0b e8 5a aa fb f7 90 \u003c0f\u003e 0b 90 eb 1d 65 8b 1d 15 a8 6a 76 31 ff 89 de e8 84 ae fb f7 85\nRSP: 0018:ffffc9000bda6b58 EFLAGS: 00010083\nRAX: ffffffff8997e523 RBX: 0000000000000000 RCX: 0000000000040000\nRDX: ffffc9000fbd0000 RSI: 0000000000001842 RDI: 0000000000001843\nRBP: 0000000000000000 R08: ffffffff8997df2c R09: 1ffffd40003a000d\nR10: dffffc0000000000 R11: fffff940003a000e R12: ffffea0001d00040\nR13: ffff88802e8a4000 R14: dffffc0000000000 R15: 00000000ffffffff\nFS: 00007fb7aaf716c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa15a0d4b72 CR3: 00000000561b0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tun_ptr_free drivers/net/tun.c:617 [inline]\n __ptr_ring_swap_queue include/linux/ptr_ring.h:571 [inline]\n ptr_ring_resize_multiple_noprof include/linux/ptr_ring.h:643 [inline]\n tun_queue_resize drivers/net/tun.c:3694 [inline]\n tun_device_event+0xaaf/0x1080 drivers/net/tun.c:3714\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n dev_change_tx_queue_len+0x158/0x2a0 net/core/dev.c:9024\n do_setlink+0xff6/0x41f0 net/core/rtnetlink.c:2923\n rtnl_setlink+0x40d/0x5a0 net/core/rtnetlink.c:3201\n rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6647\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57994",
"url": "https://www.suse.com/security/cve/CVE-2024-57994"
},
{
"category": "external",
"summary": "SUSE Bug 1237901 for CVE-2024-57994",
"url": "https://bugzilla.suse.com/1237901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.probe_interval\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21636",
"url": "https://www.suse.com/security/cve/CVE-2025-21636"
},
{
"category": "external",
"summary": "SUSE Bug 1236113 for CVE-2025-21636",
"url": "https://bugzilla.suse.com/1236113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21636"
},
{
"cve": "CVE-2025-21637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: udp_port: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21637",
"url": "https://www.suse.com/security/cve/CVE-2025-21637"
},
{
"category": "external",
"summary": "SUSE Bug 1236114 for CVE-2025-21637",
"url": "https://bugzilla.suse.com/1236114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21637"
},
{
"cve": "CVE-2025-21638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21638",
"url": "https://www.suse.com/security/cve/CVE-2025-21638"
},
{
"category": "external",
"summary": "SUSE Bug 1236115 for CVE-2025-21638",
"url": "https://bugzilla.suse.com/1236115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.rto_min/max\u0027 is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21639",
"url": "https://www.suse.com/security/cve/CVE-2025-21639"
},
{
"category": "external",
"summary": "SUSE Bug 1236122 for CVE-2025-21639",
"url": "https://bugzilla.suse.com/1236122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.sctp_hmac_alg\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21640",
"url": "https://www.suse.com/security/cve/CVE-2025-21640"
},
{
"category": "external",
"summary": "SUSE Bug 1236123 for CVE-2025-21640",
"url": "https://bugzilla.suse.com/1236123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: add bounds checks to host bulk flow fairness counts\n\nEven though we fixed a logic error in the commit cited below, syzbot\nstill managed to trigger an underflow of the per-host bulk flow\ncounters, leading to an out of bounds memory access.\n\nTo avoid any such logic errors causing out of bounds memory accesses,\nthis commit factors out all accesses to the per-host bulk flow counters\nto a series of helpers that perform bounds-checking before any\nincrements and decrements. This also has the benefit of improving\nreadability by moving the conditional checks for the flow mode into\nthese helpers, instead of having them spread out throughout the\ncode (which was the cause of the original logic error).\n\nAs part of this change, the flow quantum calculation is consolidated\ninto a helper function, which means that the dithering applied to the\nost load scaling is now applied both in the DRR rotation and when a\nsparse flow\u0027s quantum is first initiated. The only user-visible effect\nof this is that the maximum packet size that can be sent while a flow\nstays sparse will now vary with +/- one byte in some cases. This should\nnot make a noticeable difference in practice, and thus it\u0027s not worth\ncomplicating the code to preserve the old behaviour.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21647",
"url": "https://www.suse.com/security/cve/CVE-2025-21647"
},
{
"category": "external",
"summary": "SUSE Bug 1236133 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "external",
"summary": "SUSE Bug 1236134 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21665",
"url": "https://www.suse.com/security/cve/CVE-2025-21665"
},
{
"category": "external",
"summary": "SUSE Bug 1236684 for CVE-2025-21665",
"url": "https://bugzilla.suse.com/1236684"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21665"
},
{
"cve": "CVE-2025-21666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21666"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: prevent null-ptr-deref in vsock_*[has_data|has_space]\n\nRecent reports have shown how we sometimes call vsock_*_has_data()\nwhen a vsock socket has been de-assigned from a transport (see attached\nlinks), but we shouldn\u0027t.\n\nPrevious commits should have solved the real problems, but we may have\nmore in the future, so to avoid null-ptr-deref, we can return 0\n(no space, no data available) but with a warning.\n\nThis way the code should continue to run in a nearly consistent state\nand have a warning that allows us to debug future problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21666",
"url": "https://www.suse.com/security/cve/CVE-2025-21666"
},
{
"category": "external",
"summary": "SUSE Bug 1236680 for CVE-2025-21666",
"url": "https://bugzilla.suse.com/1236680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21666"
},
{
"cve": "CVE-2025-21667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21667",
"url": "https://www.suse.com/security/cve/CVE-2025-21667"
},
{
"category": "external",
"summary": "SUSE Bug 1236681 for CVE-2025-21667",
"url": "https://bugzilla.suse.com/1236681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21667"
},
{
"cve": "CVE-2025-21668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: add missing loop break condition\n\nCurrently imx8mp_blk_ctrl_remove() will continue the for loop\nuntil an out-of-bounds exception occurs.\n\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : dev_pm_domain_detach+0x8/0x48\nlr : imx8mp_blk_ctrl_shutdown+0x58/0x90\nsp : ffffffc084f8bbf0\nx29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000\nx26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028\nx23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0\nx20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff\nx17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72\nx14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000\nx11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8\nx8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077\nx2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000\nCall trace:\n dev_pm_domain_detach+0x8/0x48\n platform_shutdown+0x2c/0x48\n device_shutdown+0x158/0x268\n kernel_restart_prepare+0x40/0x58\n kernel_kexec+0x58/0xe8\n __do_sys_reboot+0x198/0x258\n __arm64_sys_reboot+0x2c/0x40\n invoke_syscall+0x5c/0x138\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xc8\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x190/0x198\nCode: 8128c2d0 ffffffc0 aa1e03e9 d503201f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21668",
"url": "https://www.suse.com/security/cve/CVE-2025-21668"
},
{
"category": "external",
"summary": "SUSE Bug 1236682 for CVE-2025-21668",
"url": "https://bugzilla.suse.com/1236682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21668"
},
{
"cve": "CVE-2025-21669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: discard packets if the transport changes\n\nIf the socket has been de-assigned or assigned to another transport,\nwe must discard any packets received because they are not expected\nand would cause issues when we access vsk-\u003etransport.\n\nA possible scenario is described by Hyunwoo Kim in the attached link,\nwhere after a first connect() interrupted by a signal, and a second\nconnect() failed, we can find `vsk-\u003etransport` at NULL, leading to a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21669",
"url": "https://www.suse.com/security/cve/CVE-2025-21669"
},
{
"category": "external",
"summary": "SUSE Bug 1236683 for CVE-2025-21669",
"url": "https://bugzilla.suse.com/1236683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21669"
},
{
"cve": "CVE-2025-21670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/bpf: return early if transport is not assigned\n\nSome of the core functions can only be called if the transport\nhas been assigned.\n\nAs Michal reported, a socket might have the transport at NULL,\nfor example after a failed connect(), causing the following trace:\n\n BUG: kernel NULL pointer dereference, address: 00000000000000a0\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 12faf8067 P4D 12faf8067 PUD 113670067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 15 UID: 0 PID: 1198 Comm: a.out Not tainted 6.13.0-rc2+\n RIP: 0010:vsock_connectible_has_data+0x1f/0x40\n Call Trace:\n vsock_bpf_recvmsg+0xca/0x5e0\n sock_recvmsg+0xb9/0xc0\n __sys_recvfrom+0xb3/0x130\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSo we need to check the `vsk-\u003etransport` in vsock_bpf_recvmsg(),\nespecially for connected sockets (stream/seqpacket) as we already\ndo in __vsock_connectible_recvmsg().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21670",
"url": "https://www.suse.com/security/cve/CVE-2025-21670"
},
{
"category": "external",
"summary": "SUSE Bug 1236685 for CVE-2025-21670",
"url": "https://bugzilla.suse.com/1236685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21670"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server-\u003ehostname can\u0027t be freed as long as\ncifsd thread isn\u0027t done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff \u003c0f\u003e\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21673",
"url": "https://www.suse.com/security/cve/CVE-2025-21673"
},
{
"category": "external",
"summary": "SUSE Bug 1236689 for CVE-2025-21673",
"url": "https://bugzilla.suse.com/1236689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21673"
},
{
"cve": "CVE-2025-21675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Clear port select structure when fail to create\n\nClear the port select structure on error so no stale values left after\ndefiners are destroyed. That\u0027s because the mlx5_lag_destroy_definers()\nalways try to destroy all lag definers in the tt_map, so in the flow\nbelow lag definers get double-destroyed and cause kernel crash:\n\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 1\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets destroyed\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 0\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets double-destroyed\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 64k pages, 48-bit VAs, pgdp=0000000112ce2e00\n [0000000000000008] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n Modules linked in: iptable_raw bonding ip_gre ip6_gre gre ip6_tunnel tunnel6 geneve ip6_udp_tunnel udp_tunnel ipip tunnel4 ip_tunnel rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) mlx5_fwctl(OE) fwctl(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlxfw(OE) memtrack(OE) mlx_compat(OE) openvswitch nsh nf_conncount psample xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc netconsole overlay efi_pstore sch_fq_codel zram ip_tables crct10dif_ce qemu_fw_cfg fuse ipv6 crc_ccitt [last unloaded: mlx_compat(OE)]\n CPU: 3 UID: 0 PID: 217 Comm: kworker/u53:2 Tainted: G OE 6.11.0+ #2\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n lr : mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n sp : ffff800085fafb00\n x29: ffff800085fafb00 x28: ffff0000da0c8000 x27: 0000000000000000\n x26: ffff0000da0c8000 x25: ffff0000da0c8000 x24: ffff0000da0c8000\n x23: ffff0000c31f81a0 x22: 0400000000000000 x21: ffff0000da0c8000\n x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffff8b0c9350\n x14: 0000000000000000 x13: ffff800081390d18 x12: ffff800081dc3cc0\n x11: 0000000000000001 x10: 0000000000000b10 x9 : ffff80007ab7304c\n x8 : ffff0000d00711f0 x7 : 0000000000000004 x6 : 0000000000000190\n x5 : ffff00027edb3010 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff0000d39b8000 x1 : ffff0000d39b8000 x0 : 0400000000000000\n Call trace:\n mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n mlx5_lag_destroy_definers+0xa0/0x108 [mlx5_core]\n mlx5_lag_port_sel_create+0x2d4/0x6f8 [mlx5_core]\n mlx5_activate_lag+0x60c/0x6f8 [mlx5_core]\n mlx5_do_bond_work+0x284/0x5c8 [mlx5_core]\n process_one_work+0x170/0x3e0\n worker_thread+0x2d8/0x3e0\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n Code: a9025bf5 aa0003f6 a90363f7 f90023f9 (f9400400)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21675",
"url": "https://www.suse.com/security/cve/CVE-2025-21675"
},
{
"category": "external",
"summary": "SUSE Bug 1236694 for CVE-2025-21675",
"url": "https://bugzilla.suse.com/1236694"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21675"
},
{
"cve": "CVE-2025-21678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Destroy device along with udp socket\u0027s netns dismantle.\n\ngtp_newlink() links the device to a list in dev_net(dev) instead of\nsrc_net, where a udp tunnel socket is created.\n\nEven when src_net is removed, the device stays alive on dev_net(dev).\nThen, removing src_net triggers the splat below. [0]\n\nIn this example, gtp0 is created in ns2, and the udp socket is created\nin ns1.\n\n ip netns add ns1\n ip netns add ns2\n ip -n ns1 link add netns ns2 name gtp0 type gtp role sgsn\n ip netns del ns1\n\nLet\u0027s link the device to the socket\u0027s netns instead.\n\nNow, gtp_net_exit_batch_rtnl() needs another netdev iteration to remove\nall gtp devices in the netns.\n\n[0]:\nref_tracker: net notrefcnt@000000003d6e7d05 has 1/2 users at\n sk_alloc (./include/net/net_namespace.h:345 net/core/sock.c:2236)\n inet_create (net/ipv4/af_inet.c:326 net/ipv4/af_inet.c:252)\n __sock_create (net/socket.c:1558)\n udp_sock_create4 (net/ipv4/udp_tunnel_core.c:18)\n gtp_create_sock (./include/net/udp_tunnel.h:59 drivers/net/gtp.c:1423)\n gtp_create_sockets (drivers/net/gtp.c:1447)\n gtp_newlink (drivers/net/gtp.c:1507)\n rtnl_newlink (net/core/rtnetlink.c:3786 net/core/rtnetlink.c:3897 net/core/rtnetlink.c:4012)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6922)\n netlink_rcv_skb (net/netlink/af_netlink.c:2542)\n netlink_unicast (net/netlink/af_netlink.c:1321 net/netlink/af_netlink.c:1347)\n netlink_sendmsg (net/netlink/af_netlink.c:1891)\n ____sys_sendmsg (net/socket.c:711 net/socket.c:726 net/socket.c:2583)\n ___sys_sendmsg (net/socket.c:2639)\n __sys_sendmsg (net/socket.c:2669)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n\nWARNING: CPU: 1 PID: 60 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\nModules linked in:\nCPU: 1 UID: 0 PID: 60 Comm: kworker/u16:2 Not tainted 6.13.0-rc5-00147-g4c1224501e9d #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:ref_tracker_dir_exit (lib/ref_tracker.c:179)\nCode: 00 00 00 fc ff df 4d 8b 26 49 bd 00 01 00 00 00 00 ad de 4c 39 f5 0f 85 df 00 00 00 48 8b 74 24 08 48 89 df e8 a5 cc 12 02 90 \u003c0f\u003e 0b 90 48 8d 6b 44 be 04 00 00 00 48 89 ef e8 80 de 67 ff 48 89\nRSP: 0018:ff11000009a07b60 EFLAGS: 00010286\nRAX: 0000000000002bd3 RBX: ff1100000f4e1aa0 RCX: 1ffffffff0e40ac6\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8423ee3c\nRBP: ff1100000f4e1af0 R08: 0000000000000001 R09: fffffbfff0e395ae\nR10: 0000000000000001 R11: 0000000000036001 R12: ff1100000f4e1af0\nR13: dead000000000100 R14: ff1100000f4e1af0 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ff1100006ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9b2464bd98 CR3: 0000000005286005 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn (kernel/panic.c:748)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:285)\n ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:97 ./arch/x86/include/asm/irqflags.h:155 ./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:158)\n ? kfree (mm/slub.c:4613 mm/slub.c:4761)\n net_free (net/core/net_namespace.c:476 net/core/net_namespace.c:467)\n cleanup_net (net/core/net_namespace.c:664 (discriminator 3))\n process_one_work (kernel/workqueue.c:3229)\n worker_thread (kernel/workqueue.c:3304 kernel/workqueue.c:3391\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21678",
"url": "https://www.suse.com/security/cve/CVE-2025-21678"
},
{
"category": "external",
"summary": "SUSE Bug 1236698 for CVE-2025-21678",
"url": "https://bugzilla.suse.com/1236698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21678"
},
{
"cve": "CVE-2025-21680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev-\u003eimix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type \u0027imix_pkt [20]\u0027\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21680",
"url": "https://www.suse.com/security/cve/CVE-2025-21680"
},
{
"category": "external",
"summary": "SUSE Bug 1236700 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "external",
"summary": "SUSE Bug 1236701 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21680"
},
{
"cve": "CVE-2025-21681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix lockup on tx to unregistering netdev with carrier\n\nCommit in a fixes tag attempted to fix the issue in the following\nsequence of calls:\n\n do_output\n -\u003e ovs_vport_send\n -\u003e dev_queue_xmit\n -\u003e __dev_queue_xmit\n -\u003e netdev_core_pick_tx\n -\u003e skb_tx_hash\n\nWhen device is unregistering, the \u0027dev-\u003ereal_num_tx_queues\u0027 goes to\nzero and the \u0027while (unlikely(hash \u003e= qcount))\u0027 loop inside the\n\u0027skb_tx_hash\u0027 becomes infinite, locking up the core forever.\n\nBut unfortunately, checking just the carrier status is not enough to\nfix the issue, because some devices may still be in unregistering\nstate while reporting carrier status OK.\n\nOne example of such device is a net/dummy. It sets carrier ON\non start, but it doesn\u0027t implement .ndo_stop to set the carrier off.\nAnd it makes sense, because dummy doesn\u0027t really have a carrier.\nTherefore, while this device is unregistering, it\u0027s still easy to hit\nthe infinite loop in the skb_tx_hash() from the OVS datapath. There\nmight be other drivers that do the same, but dummy by itself is\nimportant for the OVS ecosystem, because it is frequently used as a\npacket sink for tcpdump while debugging OVS deployments. And when the\nissue is hit, the only way to recover is to reboot.\n\nFix that by also checking if the device is running. The running\nstate is handled by the net core during unregistering, so it covers\nunregistering case better, and we don\u0027t really need to send packets\nto devices that are not running anyway.\n\nWhile only checking the running state might be enough, the carrier\ncheck is preserved. The running and the carrier states seem disjoined\nthroughout the code and different drivers. And other core functions\nlike __dev_direct_xmit() check both before attempting to transmit\na packet. So, it seems safer to check both flags in OVS as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21681",
"url": "https://www.suse.com/security/cve/CVE-2025-21681"
},
{
"category": "external",
"summary": "SUSE Bug 1236702 for CVE-2025-21681",
"url": "https://bugzilla.suse.com/1236702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21681"
},
{
"cve": "CVE-2025-21684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: xilinx: Convert gpio_lock to raw spinlock\n\nirq_chip functions may be called in raw spinlock context. Therefore, we\nmust also use a raw spinlock for our own internal locking.\n\nThis fixes the following lockdep splat:\n\n[ 5.349336] =============================\n[ 5.353349] [ BUG: Invalid wait context ]\n[ 5.357361] 6.13.0-rc5+ #69 Tainted: G W\n[ 5.363031] -----------------------------\n[ 5.367045] kworker/u17:1/44 is trying to lock:\n[ 5.371587] ffffff88018b02c0 (\u0026chip-\u003egpio_lock){....}-{3:3}, at: xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.380079] other info that might help us debug this:\n[ 5.385138] context-{5:5}\n[ 5.387762] 5 locks held by kworker/u17:1/44:\n[ 5.392123] #0: ffffff8800014958 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3204)\n[ 5.402260] #1: ffffffc082fcbdd8 (deferred_probe_work){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3205)\n[ 5.411528] #2: ffffff880172c900 (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach (drivers/base/dd.c:1006)\n[ 5.419929] #3: ffffff88039c8268 (request_class#2){+.+.}-{4:4}, at: __setup_irq (kernel/irq/internals.h:156 kernel/irq/manage.c:1596)\n[ 5.428331] #4: ffffff88039c80c8 (lock_class#2){....}-{2:2}, at: __setup_irq (kernel/irq/manage.c:1614)\n[ 5.436472] stack backtrace:\n[ 5.439359] CPU: 2 UID: 0 PID: 44 Comm: kworker/u17:1 Tainted: G W 6.13.0-rc5+ #69\n[ 5.448690] Tainted: [W]=WARN\n[ 5.451656] Hardware name: xlnx,zynqmp (DT)\n[ 5.455845] Workqueue: events_unbound deferred_probe_work_func\n[ 5.461699] Call trace:\n[ 5.464147] show_stack+0x18/0x24 C\n[ 5.467821] dump_stack_lvl (lib/dump_stack.c:123)\n[ 5.471501] dump_stack (lib/dump_stack.c:130)\n[ 5.474824] __lock_acquire (kernel/locking/lockdep.c:4828 kernel/locking/lockdep.c:4898 kernel/locking/lockdep.c:5176)\n[ 5.478758] lock_acquire (arch/arm64/include/asm/percpu.h:40 kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851 kernel/locking/lockdep.c:5814)\n[ 5.482429] _raw_spin_lock_irqsave (include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 5.486797] xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.490737] irq_enable (kernel/irq/internals.h:236 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345)\n[ 5.494060] __irq_startup (kernel/irq/internals.h:241 kernel/irq/chip.c:180 kernel/irq/chip.c:250)\n[ 5.497645] irq_startup (kernel/irq/chip.c:270)\n[ 5.501143] __setup_irq (kernel/irq/manage.c:1807)\n[ 5.504728] request_threaded_irq (kernel/irq/manage.c:2208)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21684",
"url": "https://www.suse.com/security/cve/CVE-2025-21684"
},
{
"category": "external",
"summary": "SUSE Bug 1236952 for CVE-2025-21684",
"url": "https://bugzilla.suse.com/1236952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21684"
},
{
"cve": "CVE-2025-21687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: check the bounds of read/write syscalls\n\ncount and offset are passed from user space and not checked, only\noffset is capped to 40 bits, which can be used to read/write out of\nbounds of the device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21687",
"url": "https://www.suse.com/security/cve/CVE-2025-21687"
},
{
"category": "external",
"summary": "SUSE Bug 1237045 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "external",
"summary": "SUSE Bug 1237046 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21687"
},
{
"cve": "CVE-2025-21688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Assign job pointer to NULL before signaling the fence\n\nIn commit e4b5ccd392b9 (\"drm/v3d: Ensure job pointer is set to NULL\nafter job completion\"), we introduced a change to assign the job pointer\nto NULL after completing a job, indicating job completion.\n\nHowever, this approach created a race condition between the DRM\nscheduler workqueue and the IRQ execution thread. As soon as the fence is\nsignaled in the IRQ execution thread, a new job starts to be executed.\nThis results in a race condition where the IRQ execution thread sets the\njob pointer to NULL simultaneously as the `run_job()` function assigns\na new job to the pointer.\n\nThis race condition can lead to a NULL pointer dereference if the IRQ\nexecution thread sets the job pointer to NULL after `run_job()` assigns\nit to the new job. When the new job completes and the GPU emits an\ninterrupt, `v3d_irq()` is triggered, potentially causing a crash.\n\n[ 466.310099] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n[ 466.318928] Mem abort info:\n[ 466.321723] ESR = 0x0000000096000005\n[ 466.325479] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 466.330807] SET = 0, FnV = 0\n[ 466.333864] EA = 0, S1PTW = 0\n[ 466.337010] FSC = 0x05: level 1 translation fault\n[ 466.341900] Data abort info:\n[ 466.344783] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[ 466.350285] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 466.355350] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 466.360677] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000089772000\n[ 466.367140] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 466.375875] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n[ 466.382163] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device algif_hash algif_skcipher af_alg bnep binfmt_misc vc4 snd_soc_hdmi_codec drm_display_helper cec brcmfmac_wcc spidev rpivid_hevc(C) drm_client_lib brcmfmac hci_uart drm_dma_helper pisp_be btbcm brcmutil snd_soc_core aes_ce_blk v4l2_mem2mem bluetooth aes_ce_cipher snd_compress videobuf2_dma_contig ghash_ce cfg80211 gf128mul snd_pcm_dmaengine videobuf2_memops ecdh_generic sha2_ce ecc videobuf2_v4l2 snd_pcm v3d sha256_arm64 rfkill videodev snd_timer sha1_ce libaes gpu_sched snd videobuf2_common sha1_generic drm_shmem_helper mc rp1_pio drm_kms_helper raspberrypi_hwmon spi_bcm2835 gpio_keys i2c_brcmstb rp1 raspberrypi_gpiomem rp1_mailbox rp1_adc nvmem_rmem uio_pdrv_genirq uio i2c_dev drm ledtrig_pattern drm_panel_orientation_quirks backlight fuse dm_mod ip_tables x_tables ipv6\n[ 466.458429] CPU: 0 UID: 1000 PID: 2008 Comm: chromium Tainted: G C 6.13.0-v8+ #18\n[ 466.467336] Tainted: [C]=CRAP\n[ 466.470306] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT)\n[ 466.476157] pstate: 404000c9 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 466.483143] pc : v3d_irq+0x118/0x2e0 [v3d]\n[ 466.487258] lr : __handle_irq_event_percpu+0x60/0x228\n[ 466.492327] sp : ffffffc080003ea0\n[ 466.495646] x29: ffffffc080003ea0 x28: ffffff80c0c94200 x27: 0000000000000000\n[ 466.502807] x26: ffffffd08dd81d7b x25: ffffff80c0c94200 x24: ffffff8003bdc200\n[ 466.509969] x23: 0000000000000001 x22: 00000000000000a7 x21: 0000000000000000\n[ 466.517130] x20: ffffff8041bb0000 x19: 0000000000000001 x18: 0000000000000000\n[ 466.524291] x17: ffffffafadfb0000 x16: ffffffc080000000 x15: 0000000000000000\n[ 466.531452] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 466.538613] x11: 0000000000000000 x10: 0000000000000000 x9 : ffffffd08c527eb0\n[ 466.545777] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n[ 466.552941] x5 : ffffffd08c4100d0 x4 : ffffffafadfb0000 x3 : ffffffc080003f70\n[ 466.560102] x2 : ffffffc0829e8058 x1 : 0000000000000001 x0 : 0000000000000000\n[ 466.567263] Call trace:\n[ 466.569711] v3d_irq+0x118/0x2e0 [v3d] (P)\n[ 466.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21688",
"url": "https://www.suse.com/security/cve/CVE-2025-21688"
},
{
"category": "external",
"summary": "SUSE Bug 1237007 for CVE-2025-21688",
"url": "https://bugzilla.suse.com/1237007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21688"
},
{
"cve": "CVE-2025-21689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n\nThis patch addresses a null-ptr-deref in qt2_process_read_urb() due to\nan incorrect bounds check in the following:\n\n if (newport \u003e serial-\u003enum_ports) {\n dev_err(\u0026port-\u003edev,\n \"%s - port change to invalid port: %i\\n\",\n __func__, newport);\n break;\n }\n\nThe condition doesn\u0027t account for the valid range of the serial-\u003eport\nbuffer, which is from 0 to serial-\u003enum_ports - 1. When newport is equal\nto serial-\u003enum_ports, the assignment of \"port\" in the\nfollowing code is out-of-bounds and NULL:\n\n serial_priv-\u003ecurrent_port = newport;\n port = serial-\u003eport[serial_priv-\u003ecurrent_port];\n\nThe fix checks if newport is greater than or equal to serial-\u003enum_ports\nindicating it is out-of-bounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21689",
"url": "https://www.suse.com/security/cve/CVE-2025-21689"
},
{
"category": "external",
"summary": "SUSE Bug 1237017 for CVE-2025-21689",
"url": "https://bugzilla.suse.com/1237017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21689"
},
{
"cve": "CVE-2025-21690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there\u0027s a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn\u0027t DoS the VM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21690",
"url": "https://www.suse.com/security/cve/CVE-2025-21690"
},
{
"category": "external",
"summary": "SUSE Bug 1237025 for CVE-2025-21690",
"url": "https://bugzilla.suse.com/1237025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21690"
},
{
"cve": "CVE-2025-21692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan \u003cg1042620637@gmail.com\u003e found that ets_class_from_arg() can\nindex an Out-Of-Bound class in ets_class_from_arg() when passed clid of\n0. The overflow may cause local privilege escalation.\n\n [ 18.852298] ------------[ cut here ]------------\n [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20\n [ 18.853743] index 18446744073709551615 is out of range for type \u0027ets_class [16]\u0027\n [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17\n [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [ 18.856532] Call Trace:\n [ 18.857441] \u003cTASK\u003e\n [ 18.858227] dump_stack_lvl+0xc2/0xf0\n [ 18.859607] dump_stack+0x10/0x20\n [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0\n [ 18.864022] ets_class_change+0x3d6/0x3f0\n [ 18.864322] tc_ctl_tclass+0x251/0x910\n [ 18.864587] ? lock_acquire+0x5e/0x140\n [ 18.865113] ? __mutex_lock+0x9c/0xe70\n [ 18.866009] ? __mutex_lock+0xa34/0xe70\n [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0\n [ 18.866806] ? __lock_acquire+0x578/0xc10\n [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n [ 18.867503] netlink_rcv_skb+0x59/0x110\n [ 18.867776] rtnetlink_rcv+0x15/0x30\n [ 18.868159] netlink_unicast+0x1c3/0x2b0\n [ 18.868440] netlink_sendmsg+0x239/0x4b0\n [ 18.868721] ____sys_sendmsg+0x3e2/0x410\n [ 18.869012] ___sys_sendmsg+0x88/0xe0\n [ 18.869276] ? rseq_ip_fixup+0x198/0x260\n [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190\n [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0\n [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220\n [ 18.870547] ? do_syscall_64+0x93/0x150\n [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290\n [ 18.871157] __sys_sendmsg+0x69/0xd0\n [ 18.871416] __x64_sys_sendmsg+0x1d/0x30\n [ 18.871699] x64_sys_call+0x9e2/0x2670\n [ 18.871979] do_syscall_64+0x87/0x150\n [ 18.873280] ? do_syscall_64+0x93/0x150\n [ 18.874742] ? lock_release+0x7b/0x160\n [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0\n [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210\n [ 18.879608] ? irqentry_exit+0x77/0xb0\n [ 18.879808] ? clear_bhb_loop+0x15/0x70\n [ 18.880023] ? clear_bhb_loop+0x15/0x70\n [ 18.880223] ? clear_bhb_loop+0x15/0x70\n [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [ 18.880683] RIP: 0033:0x44a957\n [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10\n [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957\n [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003\n [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0\n [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001\n [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001\n [ 18.888395] \u003c/TASK\u003e\n [ 18.888610] ---[ end trace ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21692",
"url": "https://www.suse.com/security/cve/CVE-2025-21692"
},
{
"category": "external",
"summary": "SUSE Bug 1237028 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "external",
"summary": "SUSE Bug 1237048 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Ensure job pointer is set to NULL after job completion\n\nAfter a job completes, the corresponding pointer in the device must\nbe set to NULL. Failing to do so triggers a warning when unloading\nthe driver, as it appears the job is still active. To prevent this,\nassign the job pointer to NULL after completing the job, indicating\nthe job has finished.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21697",
"url": "https://www.suse.com/security/cve/CVE-2025-21697"
},
{
"category": "external",
"summary": "SUSE Bug 1237132 for CVE-2025-21697",
"url": "https://bugzilla.suse.com/1237132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "low"
}
],
"title": "CVE-2025-21697"
},
{
"cve": "CVE-2025-21699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Truncate address space when flipping GFS2_DIF_JDATA flag\n\nTruncate an inode\u0027s address space when flipping the GFS2_DIF_JDATA flag:\ndepending on that flag, the pages in the address space will either use\nbuffer heads or iomap_folio_state structs, and we cannot mix the two.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21699",
"url": "https://www.suse.com/security/cve/CVE-2025-21699"
},
{
"category": "external",
"summary": "SUSE Bug 1237139 for CVE-2025-21699",
"url": "https://bugzilla.suse.com/1237139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21699"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle fastopen disconnect correctly\n\nSyzbot was able to trigger a data stream corruption:\n\n WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Modules linked in:\n CPU: 0 UID: 0 PID: 9846 Comm: syz-executor351 Not tainted 6.13.0-rc2-syzkaller-00059-g00a5acdbf398 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\n RIP: 0010:__mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Code: fa ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 8e fa ff ff 48 8b 7c 24 18 e8 e0 db 54 f6 e9 7f fa ff ff e8 e6 80 ee f5 90 \u003c0f\u003e 0b 90 4c 8b 6c 24 40 4d 89 f4 e9 04 f5 ff ff 44 89 f1 80 e1 07\n RSP: 0018:ffffc9000c0cf400 EFLAGS: 00010293\n RAX: ffffffff8bb0dd5a RBX: ffff888033f5d230 RCX: ffff888059ce8000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000c0cf518 R08: ffffffff8bb0d1dd R09: 1ffff110170c8928\n R10: dffffc0000000000 R11: ffffed10170c8929 R12: 0000000000000000\n R13: ffff888033f5d220 R14: dffffc0000000000 R15: ffff8880592b8000\n FS: 00007f6e866496c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f6e86f491a0 CR3: 00000000310e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup+0x7f/0x2d0 net/mptcp/protocol.c:1074\n mptcp_release_cb+0x7cb/0xb30 net/mptcp/protocol.c:3493\n release_sock+0x1aa/0x1f0 net/core/sock.c:3640\n inet_wait_for_connect net/ipv4/af_inet.c:609 [inline]\n __inet_stream_connect+0x8bd/0xf30 net/ipv4/af_inet.c:703\n mptcp_sendmsg_fastopen+0x2a2/0x530 net/mptcp/protocol.c:1755\n mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1830\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f6e86ebfe69\n Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f6e86649168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6e86f491b8 RCX: 00007f6e86ebfe69\n RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003\n RBP: 00007f6e86f491b0 R08: 00007f6e866496c0 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e86f491bc\n R13: 000000000000006e R14: 00007ffe445d9420 R15: 00007ffe445d9508\n \u003c/TASK\u003e\n\nThe root cause is the bad handling of disconnect() generated internally\nby the MPTCP protocol in case of connect FASTOPEN errors.\n\nAddress the issue increasing the socket disconnect counter even on such\na case, to allow other threads waiting on the same socket lock to\nproperly error out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21705",
"url": "https://www.suse.com/security/cve/CVE-2025-21705"
},
{
"category": "external",
"summary": "SUSE Bug 1238525 for CVE-2025-21705",
"url": "https://bugzilla.suse.com/1238525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21715",
"url": "https://www.suse.com/security/cve/CVE-2025-21715"
},
{
"category": "external",
"summary": "SUSE Bug 1237889 for CVE-2025-21715",
"url": "https://bugzilla.suse.com/1237889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21716"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix uninit-value in vxlan_vnifilter_dump()\n\nKMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1].\n\nIf the length of the netlink message payload is less than\nsizeof(struct tunnel_msg), vxlan_vnifilter_dump() accesses bytes\nbeyond the message. This can lead to uninit-value access. Fix this by\nreturning an error in such situations.\n\n[1]\nBUG: KMSAN: uninit-value in vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6786\n netlink_dump+0x93e/0x15f0 net/netlink/af_netlink.c:2317\n __netlink_dump_start+0x716/0xd60 net/netlink/af_netlink.c:2432\n netlink_dump_start include/linux/netlink.h:340 [inline]\n rtnetlink_dump_start net/core/rtnetlink.c:6815 [inline]\n rtnetlink_rcv_msg+0x1256/0x14a0 net/core/rtnetlink.c:6882\n netlink_rcv_skb+0x467/0x660 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x35/0x40 net/core/rtnetlink.c:6944\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0xed6/0x1290 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x1092/0x1230 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4110 [inline]\n slab_alloc_node mm/slub.c:4153 [inline]\n kmem_cache_alloc_node_noprof+0x800/0xe80 mm/slub.c:4205\n kmalloc_reserve+0x13b/0x4b0 net/core/skbuff.c:587\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1323 [inline]\n netlink_alloc_large_skb+0xa5/0x280 net/netlink/af_netlink.c:1196\n netlink_sendmsg+0xac9/0x1230 net/netlink/af_netlink.c:1866\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 30991 Comm: syz.4.10630 Not tainted 6.12.0-10694-gc44daa7e3c73 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21716",
"url": "https://www.suse.com/security/cve/CVE-2025-21716"
},
{
"category": "external",
"summary": "SUSE Bug 1237891 for CVE-2025-21716",
"url": "https://bugzilla.suse.com/1237891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c-\u003emfc_un.res.minvif / c-\u003emfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg net/socket.c:1055 [inline]\n sock_read_iter+0x2d8/0x40c net/socket.c:1125\n new_sync_read fs/read_write.c:484 [inline]\n vfs_read+0x740/0x970 fs/read_write.c:565\n ksys_read+0x15c/0x26c fs/read_write.c:708",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21719",
"url": "https://www.suse.com/security/cve/CVE-2025-21719"
},
{
"category": "external",
"summary": "SUSE Bug 1238860 for CVE-2025-21719",
"url": "https://bugzilla.suse.com/1238860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()\n\nResolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()\nwhere shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift\n(an unsigned long value) could result in undefined behavior.\n\nThe constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds\n31 (e.g., pgshift = 63) the shift operation overflows, as the result\ncannot be represented in a 32-bit type.\n\nTo resolve this, the constant is updated to \"1UL\", promoting it to an\nunsigned long type to match the operand\u0027s type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21724",
"url": "https://www.suse.com/security/cve/CVE-2025-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1238863 for CVE-2025-21724",
"url": "https://bugzilla.suse.com/1238863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix oops due to unset link speed\n\nIt isn\u0027t guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always\nbe set by the server, so the client must handle any values and then\nprevent oopses like below from happening:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 1323 Comm: cat Not tainted 6.13.0-rc7 #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nRIP: 0010:cifs_debug_data_proc_show+0xa45/0x1460 [cifs] Code: 00 00 48\n89 df e8 3b cd 1b c1 41 f6 44 24 2c 04 0f 84 50 01 00 00 48 89 ef e8\ne7 d0 1b c1 49 8b 44 24 18 31 d2 49 8d 7c 24 28 \u003c48\u003e f7 74 24 18 48 89\nc3 e8 6e cf 1b c1 41 8b 6c 24 28 49 8d 7c 24\nRSP: 0018:ffffc90001817be0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88811230022c RCX: ffffffffc041bd99\nRDX: 0000000000000000 RSI: 0000000000000567 RDI: ffff888112300228\nRBP: ffff888112300218 R08: fffff52000302f5f R09: ffffed1022fa58ac\nR10: ffff888117d2c566 R11: 00000000fffffffe R12: ffff888112300200\nR13: 000000012a15343f R14: 0000000000000001 R15: ffff888113f2db58\nFS: 00007fe27119e740(0000) GS:ffff888148600000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe2633c5000 CR3: 0000000124da0000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x27\n ? die+0x2e/0x50\n ? do_trap+0x159/0x1b0\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? do_error_trap+0x90/0x130\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? exc_divide_error+0x39/0x50\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? asm_exc_divide_error+0x1a/0x20\n ? cifs_debug_data_proc_show+0xa39/0x1460 [cifs]\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? seq_read_iter+0x42e/0x790\n seq_read_iter+0x19a/0x790\n proc_reg_read_iter+0xbe/0x110\n ? __pfx_proc_reg_read_iter+0x10/0x10\n vfs_read+0x469/0x570\n ? do_user_addr_fault+0x398/0x760\n ? __pfx_vfs_read+0x10/0x10\n ? find_held_lock+0x8a/0xa0\n ? __pfx_lock_release+0x10/0x10\n ksys_read+0xd3/0x170\n ? __pfx_ksys_read+0x10/0x10\n ? __rcu_read_unlock+0x50/0x270\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe271288911\nCode: 00 48 8b 15 01 25 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8\n20 ad 01 00 f3 0f 1e fa 80 3d b5 a7 10 00 00 74 13 31 c0 0f 05 \u003c48\u003e 3d\n00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec\nRSP: 002b:00007ffe87c079d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\nRAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fe271288911\nRDX: 0000000000040000 RSI: 00007fe2633c6000 RDI: 0000000000000003\nRBP: 00007ffe87c07a00 R08: 0000000000000000 R09: 00007fe2713e6380\nR10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000\nR13: 00007fe2633c6000 R14: 0000000000000003 R15: 0000000000000000\n \u003c/TASK\u003e\n\nFix this by setting cifs_server_iface::speed to a sane value (1Gbps)\nby default when link speed is unset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21725",
"url": "https://www.suse.com/security/cve/CVE-2025-21725"
},
{
"category": "external",
"summary": "SUSE Bug 1238877 for CVE-2025-21725",
"url": "https://bugzilla.suse.com/1238877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Send signals asynchronously if !preemptible\n\nBPF programs can execute in all kinds of contexts and when a program\nrunning in a non-preemptible context uses the bpf_send_signal() kfunc,\nit will cause issues because this kfunc can sleep.\nChange `irqs_disabled()` to `!preemptible()`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21728",
"url": "https://www.suse.com/security/cve/CVE-2025-21728"
},
{
"category": "external",
"summary": "SUSE Bug 1237879 for CVE-2025-21728",
"url": "https://bugzilla.suse.com/1237879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS: 00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __warn.cold+0xb7/0x14d\n ? tracepoint_add_func+0x3b6/0x3f0\n ? report_bug+0xea/0x170\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? tracepoint_add_func+0x3b6/0x3f0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n tracepoint_probe_register+0x78/0xb0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n osnoise_workload_start+0x2b5/0x370\n timerlat_tracer_init+0x76/0x1b0\n tracing_set_tracer+0x244/0x400\n tracing_set_trace_write+0xa0/0xe0\n vfs_write+0xfc/0x570\n ? do_sys_openat2+0x9c/0xe0\n ksys_write+0x72/0xf0\n do_syscall_64+0x79/0x1c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21733",
"url": "https://www.suse.com/security/cve/CVE-2025-21733"
},
{
"category": "external",
"summary": "SUSE Bug 1238494 for CVE-2025-21733",
"url": "https://bugzilla.suse.com/1238494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \u003c/TASK\u003e\n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21754",
"url": "https://www.suse.com/security/cve/CVE-2025-21754"
},
{
"category": "external",
"summary": "SUSE Bug 1238496 for CVE-2025-21754",
"url": "https://bugzilla.suse.com/1238496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n get_random_u32+0x4f/0x110\n clocksource_verify_choose_cpus+0xab/0x1a0\n clocksource_verify_percpu.part.0+0x6b/0x330\n clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled. This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs. The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21767",
"url": "https://www.suse.com/security/cve/CVE-2025-21767"
},
{
"category": "external",
"summary": "SUSE Bug 1238509 for CVE-2025-21767",
"url": "https://bugzilla.suse.com/1238509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: check vxlan_vnigroup_init() return value\n\nvxlan_init() must check vxlan_vnigroup_init() success\notherwise a crash happens later, spotted by syzbot.\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167]\nCPU: 0 UID: 0 PID: 7313 Comm: syz-executor147 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 drivers/net/vxlan/vxlan_vnifilter.c:912\nCode: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00\nRSP: 0018:ffffc9000cc1eea8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb\nRDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff8880461b4f18\nRBP: ffff8880461b4ef4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000\nR13: ffff8880461b0d80 R14: 0000000000000000 R15: dffffc0000000000\nFS: 00007fecfa95d6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fecfa95cfb8 CR3: 000000004472c000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vxlan_uninit+0x1ab/0x200 drivers/net/vxlan/vxlan_core.c:2942\n unregister_netdevice_many_notify+0x12d6/0x1f30 net/core/dev.c:11824\n unregister_netdevice_many net/core/dev.c:11866 [inline]\n unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11736\n register_netdevice+0x1829/0x1eb0 net/core/dev.c:10901\n __vxlan_dev_create+0x7c6/0xa30 drivers/net/vxlan/vxlan_core.c:3981\n vxlan_newlink+0xd1/0x130 drivers/net/vxlan/vxlan_core.c:4407\n rtnl_newlink_create net/core/rtnetlink.c:3795 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21790",
"url": "https://www.suse.com/security/cve/CVE-2025-21790"
},
{
"category": "external",
"summary": "SUSE Bug 1238753 for CVE-2025-21790",
"url": "https://bugzilla.suse.com/1238753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix hang in nfsd4_shutdown_callback\n\nIf nfs4_client is in courtesy state then there is no point to send\nthe callback. This causes nfsd4_shutdown_callback to hang since\ncl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP\nnotifies NFSD that the connection was dropped.\n\nThis patch modifies nfsd4_run_cb_work to skip the RPC call if\nnfs4_client is in courtesy state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21795",
"url": "https://www.suse.com/security/cve/CVE-2025-21795"
},
{
"category": "external",
"summary": "SUSE Bug 1238759 for CVE-2025-21795",
"url": "https://bugzilla.suse.com/1238759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()\n\nWhen getting the IRQ we use k3_udma_glue_tx_get_irq() which returns\nnegative error value on error. So not NULL check is not sufficient\nto deteremine if IRQ is valid. Check that IRQ is greater then zero\nto ensure it is valid.\n\nThere is no issue at probe time but at runtime user can invoke\n.set_channels which results in the following call chain.\nam65_cpsw_set_channels()\n am65_cpsw_nuss_update_tx_rx_chns()\n am65_cpsw_nuss_remove_tx_chns()\n am65_cpsw_nuss_init_tx_chns()\n\nAt this point if am65_cpsw_nuss_init_tx_chns() fails due to\nk3_udma_glue_tx_get_irq() then tx_chn-\u003eirq will be set to a\nnegative value.\n\nThen, at subsequent .set_channels with higher channel count we\nwill attempt to free an invalid IRQ in am65_cpsw_nuss_remove_tx_chns()\nleading to a kernel warning.\n\nThe issue is present in the original commit that introduced this driver,\nalthough there, am65_cpsw_nuss_update_tx_rx_chns() existed as\nam65_cpsw_nuss_update_tx_chns().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21799",
"url": "https://www.suse.com/security/cve/CVE-2025-21799"
},
{
"category": "external",
"summary": "SUSE Bug 1238739 for CVE-2025-21799",
"url": "https://bugzilla.suse.com/1238739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21799"
},
{
"cve": "CVE-2025-21802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix oops when unload drivers paralleling\n\nWhen unload hclge driver, it tries to disable sriov first for each\nae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at\nthe time, because it removes all the ae_dev nodes, and it may cause\noops.\n\nBut we can\u0027t simply use hnae3_common_lock for this. Because in the\nprocess flow of pci_disable_sriov(), it will trigger the remove flow\nof VF, which will also take hnae3_common_lock.\n\nTo fixes it, introduce a new mutex to protect the unload process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21802",
"url": "https://www.suse.com/security/cve/CVE-2025-21802"
},
{
"category": "external",
"summary": "SUSE Bug 1238751 for CVE-2025-21802",
"url": "https://bugzilla.suse.com/1238751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-rt-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T09:25:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
}
]
}
SUSE-SU-2025:20270-1
Vulnerability from csaf_suse - Published: 2025-04-17 14:30 - Updated: 2025-04-17 14:30Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).
- CVE-2024-35910: kABI fix for tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed
if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21969: Bluetooth: L2CAP: Fix build errors in some archs (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: fix potential error return (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
Keep the feature disabled by default on x86_64
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init()
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to
avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to
perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698
jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid
mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979).
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
Patchnames
SUSE-SLE-Micro-6.1-kernel-14
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).\n- CVE-2024-35910: kABI fix for tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).\n- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).\n- CVE-2024-45010: mptcp: pm: only mark \u0027subflow\u0027 endp as available (bsc#1230439).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).\n- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).\n- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-50142: xfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset (bsc#1233028).\n- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).\n- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).\n- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).\n- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).\n- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).\n- CVE-2024-53124: net: fix data-races around sk-\u003esk_forward_alloc (bsc#1234074).\n- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).\n- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).\n- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).\n- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).\n- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).\n- CVE-2024-56638: kABI fix for \"netfilter: nft_inner: incorrect percpu area handling under softirq\" (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).\n- CVE-2024-56658: net: defer final \u0027struct net\u0027 free in netns dismantle (bsc#1235441).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy (bsc#1236113).\n- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current-\u003ensproxy (bsc#1236114).\n- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current-\u003ensproxy (bsc#1236115).\n- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current-\u003ensproxy (bsc#1236122).\n- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy (bsc#1236123).\n- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).\n- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).\n- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).\n- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).\n- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).\n- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).\n- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).\n- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).\n- CVE-2025-21678: gtp: Destroy device along with udp socket\u0027s netns dismantle (bsc#1236698).\n- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).\n- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).\n- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).\n- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).\n- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).\n- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).\n- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).\n- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).\n- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).\n- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).\n- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).\n- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).\n- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).\n- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).\n- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).\n- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).\n- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).\n- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).\n- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).\n- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).\n- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).\n- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).\n- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).\n- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed\n if hclge_ptp_get_cycle returns an error (bsc#1240720).\n- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level \u003e 2 (bsc#1240742).\n- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).\n- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).\n- CVE-2025-21969: Bluetooth: L2CAP: Fix build errors in some archs (bsc#1240784).\n- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).\n- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).\n- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).\n- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).\n- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).\n- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).\n- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).\n\nThe following non-security bugs were fixed:\n\n- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).\n- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).\n- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).\n- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).\n- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).\n- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).\n- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).\n- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).\n- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).\n- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).\n- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).\n- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).\n- ALSA: seq: Make dependency on UMP clearer (git-fixes).\n- ALSA: seq: remove redundant \u0027tristate\u0027 for SND_SEQ_UMP_CLIENT (stable-fixes).\n- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).\n- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).\n- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).\n- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).\n- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).\n- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).\n- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).\n- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).\n- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).\n- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).\n- ASoC: es8328: fix route from DAC to output (git-fixes).\n- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).\n- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).\n- ASoC: ops: Consistently treat platform_max as control value (git-fixes).\n- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).\n- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).\n- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).\n- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).\n- ASoC: rt722-sdca: add missing readable registers (git-fixes).\n- ASoC: tas2764: Fix power control mask (stable-fixes).\n- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- ASoC: tas2770: Fix volume scale (stable-fixes).\n- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).\n- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).\n- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).\n- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- Documentation: qat: fix auto_reset attribute details (git-fixes).\n- Documentation: qat: fix auto_reset section (git-fixes).\n- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- Fix memory-hotplug regression (bsc#1237504)\n- Grab mm lock before grabbing pt lock (git-fixes).\n- HID: Enable playstation driver independently of sony driver (git-fixes).\n- HID: Wacom: Add PCI Wacom device support (stable-fixes).\n- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).\n- HID: hid-steam: Add Deck IMU support (stable-fixes).\n- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).\n- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).\n- HID: hid-steam: Clean up locking (stable-fixes).\n- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).\n- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).\n- HID: hid-steam: Fix cleanup in probe() (git-fixes).\n- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).\n- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).\n- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).\n- HID: hid-steam: remove pointless error message (stable-fixes).\n- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).\n- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).\n- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).\n- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- IB/mad: Check available slots before posting receive WRs (git-fixes)\n- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)\n- Input: ads7846 - fix gpiod allocation (git-fixes).\n- Input: allocate keycode for phone linking (stable-fixes).\n- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- Input: iqs7222 - preserve system status register (git-fixes).\n- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).\n- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).\n- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- Input: xpad - add multiple supported devices (stable-fixes).\n- Input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- Input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).\n- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).\n- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).\n- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).\n- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).\n- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).\n- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).\n- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)\n- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).\n- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).\n- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).\n- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).\n- KVM: x86/mmu: Skip the \"try unsync\" path iff the old SPTE was a leaf SPTE (git-fixes).\n- KVM: x86: AMD\u0027s IBPB is not equivalent to Intel\u0027s IBPB (git-fixes).\n- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).\n- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).\n- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).\n- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).\n- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).\n- KVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel (git-fixes).\n- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).\n- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).\n- Move upstreamed ACPI patch into sorted section\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- PCI/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- PCI/DOE: Support discovery version 2 (bsc#1237853)\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).\n- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- PCI: Avoid reset when disabled via sysfs (git-fixes).\n- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).\n- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).\n- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- PCI: Use downstream bridges for distributing resources (bsc#1237325).\n- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- PCI: brcmstb: Use internal register to change link capability (git-fixes).\n- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).\n- PCI: hookup irq_get_affinity callback (bsc#1236896).\n- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).\n- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).\n- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- PM: sleep: Adjust check before setting power.must_resume (git-fixes).\n- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).\n- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)\n- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)\n- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- RDMA/efa: Reset device on probe failure (git-fixes)\n- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)\n- RDMA/hns: Fix missing xa_destroy() (git-fixes)\n- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)\n- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)\n- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).\n- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- RDMA/mlx5: Fix AH static rate parsing (git-fixes)\n- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)\n- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)\n- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)\n- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)\n- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)\n- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)\n- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)\n- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- RDMA/rxe: Improve newline in printing messages (git-fixes)\n- Reapply \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"blk-throttle: Fix IO hang for a corner case\" (git-fixes).\n- Revert \"dm: requeue IO if mapping table not yet available\" (git-fixes).\n- Revert \"drivers/card_reader/rtsx_usb: Restore interrupt based detection\" (git-fixes).\n- Revert \"drm/amd/display: Use HW lock mgr for PSR1\" (stable-fixes).\n- Revert \"leds-pca955x: Remove the unused function pca95xx_num_led_regs()\" (stable-fixes).\n- Revert \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"wifi: ath11k: support hibernation\" (bsc#1207948).\n- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).\n- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).\n- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).\n- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).\n- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).\n- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).\n- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).\n- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).\n- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).\n- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).\n- USB: serial: option: drop MeiG Smart defines (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).\n- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- Update \"drm/mgag200: Added support for the new device G200eH5\" (jsc#PED-12094)\n- Use gcc-13 for build on SLE16 (jsc#PED-10028).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acct: block access to kernel internal filesystems (git-fixes).\n- acct: perform last write from workqueue (git-fixes).\n- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).\n- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- affs: do not write overlarge OFS data block size fields (git-fixes).\n- affs: generate OFS sequence numbers starting at 1 (git-fixes).\n- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).\n- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)\n- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)\n- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)\n- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)\n- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)\n- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)\n- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)\n- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)\n- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)\n- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)\n- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)\n- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)\n- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)\n- arm64: mm: Correct the update of max_pfn (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Drop unmanaged ELP metric worker (git-fixes).\n- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- batman-adv: fix panic during interface removal (git-fixes).\n- bio-integrity: do not restrict the size of integrity metadata (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- blk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage (bsc#1237558).\n- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).\n- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).\n- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).\n- blk-mq: add number of queue calc helper (bsc#1236897).\n- blk-mq: create correct map for fallback case (bsc#1236896).\n- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).\n- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).\n- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).\n- blk-mq: move cpuhp callback registering out of q-\u003esysfs_lock (git-fixes).\n- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).\n- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).\n- blk_iocost: remove some duplicate irq disable/enables (git-fixes).\n- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).\n- block: Clear zone limits for a non-zoned stacked queue (git-fixes).\n- block: Fix elevator_get_default() checking for NULL q-\u003etag_set (git-fixes).\n- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).\n- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).\n- block: Provide bdev_open_* functions (git-fixes).\n- block: Remove special-casing of compound pages (git-fixes).\n- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).\n- block: add a disk_has_partscan helper (git-fixes).\n- block: add a partscan sysfs attribute for disks (git-fixes).\n- block: add check of \u0027minors\u0027 and \u0027first_minor\u0027 in device_add_disk() (git-fixes).\n- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).\n- block: change rq_integrity_vec to respect the iterator (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- block: ensure we hold a queue reference when using queue limits (git-fixes).\n- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).\n- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).\n- block: fix integer overflow in BLKSECDISCARD (git-fixes).\n- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).\n- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).\n- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).\n- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).\n- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).\n- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).\n- block: retry call probe after request_module in blk_request_module (git-fixes).\n- block: return unsigned int from bdev_io_min (git-fixes).\n- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).\n- block: support to account io_ticks precisely (git-fixes).\n- block: use the right type for stub rq_integrity_vec() (git-fixes).\n- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).\n- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).\n- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).\n- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).\n- bpf: fix potential error return (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).\n- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).\n- can: ctucanfd: handle skb allocation failure (git-fixes).\n- can: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).\n- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).\n- cifs: Remove intermediate object of failed create reparse call (git-fixes).\n- cifs: commands that are retried should have replay flag set (bsc#1231432).\n- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).\n- cifs: helper function to check replayable error codes (bsc#1231432).\n- cifs: new mount option called retrans (bsc#1231432).\n- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).\n- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).\n- cifs: update desired access while requesting for directory lease (git-fixes).\n- cifs: update the same create_guid on replay (git-fixes).\n- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).\n- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).\n- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).\n- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).\n- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).\n- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).\n- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- config: Set gcc version (jsc#PED-12251).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- counter: fix privdata alignment (git-fixes).\n- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).\n- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).\n- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)\n- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)\n- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)\n Keep the feature disabled by default on x86_64\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).\n- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).\n- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).\n- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).\n- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).\n- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).\n- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).\n- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).\n- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).\n- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).\n- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).\n- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).\n- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).\n- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init()\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \"Invalide\" -\u003e \"Invalid\" (jsc#PED-12416).\n- crypto: qat - Fix typo \"accelaration\" (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \"Full Going True\" macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- cxgb4: Avoid removal of uninserted tid (git-fixes).\n- cxgb4: use port number to set mac addr (git-fixes).\n- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).\n- dlm: fix srcu_read_lock() return type to int (git-fixes).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).\n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- doc/README.SUSE: Point to the updated version of LKMPG\n- doc: update managed_irq documentation (bsc#1236897).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).\n- drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params (git-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/pm/smu11: Prevent division by zero (git-fixes).\n- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).\n- drm/amd/pm: Prevent division by zero (git-fixes).\n- drm/amd: Keep display off while going into S4 (stable-fixes).\n- drm/amdgpu/dma_buf: fix page_link check (git-fixes).\n- drm/amdgpu/gfx11: fix num_mec (git-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to\n avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).\n- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).\n- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).\n- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/amdkfd: only flush the validate MES contex (stable-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \"gettin\" -\u003e \"getting\" (git-fixes).\n- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).\n- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).\n- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).\n- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).\n- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).\n- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).\n- drm/i915/selftests: avoid using uninitialized context (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).\n- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).\n- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).\n- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)\n- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).\n- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).\n- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).\n- drm/msm: Avoid rounding up to one jiffy (git-fixes).\n- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).\n- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).\n- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).\n- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).\n- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/sched: Fix preprocessor guard (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/sti: remove duplicate object names (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/virtio: New fence for every plane update (stable-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).\n- efi: libstub: Use \u0027-std=gnu11\u0027 to fix build with GCC 15 (stable-fixes).\n- eth: gve: use appropriate helper to set xdp_features (git-fixes).\n- exfat: convert to ctime accessor functions (git-fixes).\n- exfat: do not zero the extended part (bsc#1237356).\n- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).\n- exfat: fix file being changed by unaligned direct write (git-fixes).\n- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).\n- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).\n- exfat: fix zero the unwritten part for dio read (git-fixes).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- futex: Do not include process MM in futex key on no-MMU (git-fixes).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).\n- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).\n- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).\n- gpio: pca953x: Improve interrupt support (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).\n- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).\n- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).\n- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).\n- gup: make the stack expansion warning a bit more targeted (bsc#1238214).\n- hfs: Sanity check the root record (git-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: ls2x: Fix frequency division register access (git-fixes).\n- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- iavf: allow changing VLAN state without calling PF (git-fixes).\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).\n- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).\n- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).\n- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).\n- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).\n- ice: fix max values for dpll pin phase adjust (git-fixes).\n- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).\n- ice: gather page_count()\u0027s of each frag right before XDP prog call (git-fixes).\n- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).\n- ice: put Rx buffers after being done with current frame (git-fixes).\n- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).\n- ice: use internal pf id instead of function number (git-fixes).\n- idpf: add read memory barrier when checking descriptor done bit (git-fixes).\n- idpf: call set_real_num_queues in idpf_open (bsc#1236661).\n- idpf: convert workqueues to unbound (git-fixes).\n- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).\n- idpf: fix handling rsc packet with a single segment (git-fixes).\n- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).\n- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).\n- igc: return early when failing to read EECD register (git-fixes).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kabi: fix bus type (bsc#1236896).\n- kabi: fix group_cpus_evenly (bsc#1236897).\n- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).\n- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).\n- kernel-binary: Support livepatch_rt with merged RT branch\n- kernel-source: Also replace bin/env\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).\n- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).\n- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).\n- lib: stackinit: hide never-taken branch from compiler (stable-fixes).\n- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__default_new() to\n perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698\n jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).\n- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).\n- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).\n- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).\n- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).\n- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).\n- md/md-bitmap: add \u0027sync_size\u0027 into struct md_bitmap_stats (git-fixes).\n- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).\n- md/md-cluster: fix spares warnings for __le64 (git-fixes).\n- md/raid0: do not free conf on raid0_run failure (git-fixes).\n- md/raid1: do not free conf on raid0_run failure (git-fixes).\n- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).\n- md: Do not flush sync_work in md_write_start() (git-fixes).\n- md: convert comma to semicolon (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).\n- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).\n- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: ov08x40: Fix hblank out of range issue (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).\n- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).\n- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \"__ALIGN_KERNEL\" redefined (git-fixes).\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).\n- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).\n- mptcp: export local_address (git-fixes)\n- mptcp: fix NL PM announced address accounting (git-fixes)\n- mptcp: fix data races on local_id (git-fixes)\n- mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)\n- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)\n- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)\n- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)\n- mptcp: pm: deny endp with signal + subflow + port (git-fixes)\n- mptcp: pm: do not ignore \u0027subflow\u0027 if \u0027signal\u0027 flag is also set (git-fixes)\n- mptcp: pm: do not try to create sf if alloc failed (git-fixes)\n- mptcp: pm: fullmesh: select the right ID later (git-fixes)\n- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)\n- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)\n- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)\n- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)\n- mptcp: pm: re-using ID of unused removed subflows (git-fixes)\n- mptcp: pm: reduce indentation blocks (git-fixes)\n- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)\n- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)\n- mptcp: unify pm get_local_id interfaces (git-fixes)\n- mptcp: unify pm set_flags interfaces (git-fixes)\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: Add status chack in r852_ready() (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).\n- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).\n- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).\n- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).\n- nbd: Fix signal handling (git-fixes).\n- nbd: Improve the documentation of the locking assumptions (git-fixes).\n- nbd: do not allow reconnect after disconnect (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net/mlx5: Correct TASR typo into TSAR (git-fixes).\n- net/mlx5: Fix RDMA TX steering prio (git-fixes).\n- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).\n- net/mlx5: SF, Fix add port error handling (git-fixes).\n- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).\n- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).\n- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).\n- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).\n- net: Fix undefined behavior in netdev name allocation (bsc#1233749).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: avoid UAF on deleted altname (bsc#1233749).\n- net: check for altname conflicts when changing netdev\u0027s netns (bsc#1233749).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).\n- net: do not send a MOVE event when netdev changes netns (bsc#1233749).\n- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).\n- net: fix ifname in netlink ntf during netns move (bsc#1233749).\n- net: fix removing a namespace with conflicting altnames (bsc#1233749).\n- net: free altname using an RCU callback (bsc#1233749).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Cleanup \"mana\" debugfs dir after cleanup of all children (bsc#1236760).\n- net: mana: Enable debugfs files for MANA device (bsc#1236758).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: move altnames together with the netdevice (bsc#1233749).\n- net: netvsc: Update default VMBus channels (bsc#1236757).\n- net: reduce indentation of __dev_alloc_name() (bsc#1233749).\n- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).\n- net: remove else after return in dev_prep_valid_name() (bsc#1233749).\n- net: rose: lock the socket in rose_bind() (git-fixes).\n- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).\n- net: smc: fix spurious error message from __sock_release() (bsc#1237126).\n- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).\n- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).\n- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).\n- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).\n- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).\n- ntb: intel: Fix using link status DB\u0027s (git-fixes).\n- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).\n- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).\n- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).\n- ntb_perf: Fix printk format (git-fixes).\n- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).\n- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).\n- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).\n- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).\n- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).\n- null_blk: fix validation of block size (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-fc: use ctrl state getter (git-fixes).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).\n- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme/ioctl: add missing space in err message (git-fixes).\n- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: make nvme_tls_attrs_group static (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- nvme: tcp: Fix compilation warning with W=1 (git-fixes).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: Fix crash when a namespace is disabled (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).\n- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).\n- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- padata: Clean up in padata_do_multithreaded() (bsc#1237563).\n- padata: Honor the caller\u0027s alignment in case of chunk_size 0 (bsc#1237563).\n- padata: fix sysfs store callback check (git-fixes).\n- partitions: ldm: remove the initial kernel-doc notation (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- perf tools: annotate asm_pure_loop.S (bsc#1239906).\n- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).\n- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).\n- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).\n- phy: tegra: xusb: reset VBUS \u0026 ID OVERRIDE (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).\n- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).\n- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).\n- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: ISST: Correct command storage data length (git-fixes).\n- platform/x86: ISST: Ignore minor version change (bsc#1237452).\n- platform/x86: acer-wmi: Ignore AC events (stable-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: int3472: Check for adev == NULL (stable-fixes).\n- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: da9150-fg: fix potential overflow (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).\n- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).\n- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).\n- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).\n- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).\n- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).\n- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).\n- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid\n mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).\n- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).\n- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).\n- rbd: do not move requests to the running list on errors (git-fixes).\n- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).\n- regmap-irq: Add missing kfree() (git-fixes).\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)\n- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).\n- s390/cio: Fix CHPID \"configure\" attribute caching (git-fixes bsc#1240979).\n- s390/cio: rename bitmap_size() -\u003e idset_bitmap_size() (git-fixes bsc#1236205).\n- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).\n- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).\n- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).\n- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).\n- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).\n- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).\n- s390/pci: Ignore RID for isolated VFs (bsc#1236752).\n- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).\n- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).\n- s390/pci: Use topology ID for multi-function devices (bsc#1236752).\n- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/topology: Improve topology detection (bsc#1236591).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)\n- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).\n- scsi: core: Clear driver private data when retrying request (git-fixes).\n- scsi: core: Do not retry I/Os during depopulation (git-fixes).\n- scsi: core: Handle depopulation and restoration in progress (git-fixes).\n- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).\n- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).\n- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).\n- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).\n- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).\n- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).\n- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).\n- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).\n- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).\n- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).\n- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).\n- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).\n- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).\n- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).\n- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).\n- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).\n- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).\n- scsi: myrb: Remove dead code (git-fixes).\n- scsi: qedi: Fix potential deadlock on \u0026qedi_percpu-\u003ep_work_lock (git-fixes).\n- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).\n- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).\n- scsi: sg: Enable runtime power management (git-fixes).\n- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).\n- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).\n- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).\n- scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).\n- selftest: hugetlb_dio: fix test naming (git-fixes).\n- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).\n- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).\n- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).\n- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: connect: -f: no reconnect (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).\n- selinux: Implement mptcp_add_subflow hook (bsc#1240375).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- serial: 8250: Fix fifo underflow on flush (git-fixes).\n- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).\n- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb3: fix creating FIFOs when mounting with \"sfu\" mount option (git-fixes).\n- smb3: request handle caching when caching directories (bsc#1231432).\n- smb3: retrying on failed server close (bsc#1231432).\n- smb: cached directories can be more than root file handle (bsc#1231432).\n- smb: cilent: set reparse mount points as automounts (git-fixes).\n- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).\n- smb: client: Fix minor whitespace errors and warnings (git-fixes).\n- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).\n- smb: client: add support for WSL reparse points (git-fixes).\n- smb: client: allow creating special files via reparse points (git-fixes).\n- smb: client: allow creating symlinks via reparse points (git-fixes).\n- smb: client: cleanup smb2_query_reparse_point() (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- smb: client: do not query reparse points twice on symlinks (git-fixes).\n- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).\n- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).\n- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).\n- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).\n- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).\n- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).\n- smb: client: fix hardlinking of reparse points (git-fixes).\n- smb: client: fix missing mode bits for SMB symlinks (git-fixes).\n- smb: client: fix open_cached_dir retries with \u0027hard\u0027 mount option (bsc#1240616).\n- smb: client: fix possible double free in smb2_set_ea() (git-fixes).\n- smb: client: fix potential broken compound request (git-fixes).\n- smb: client: fix renaming of reparse points (git-fixes).\n- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).\n- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).\n- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).\n- smb: client: handle path separator of created SMB symlinks (git-fixes).\n- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).\n- smb: client: ignore unhandled reparse tags (git-fixes).\n- smb: client: implement -\u003equery_reparse_point() for SMB1 (git-fixes).\n- smb: client: instantiate when creating SFU files (git-fixes).\n- smb: client: introduce -\u003eparse_reparse_point() (git-fixes).\n- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).\n- smb: client: introduce cifs_sfu_make_node() (git-fixes).\n- smb: client: introduce reparse mount option (git-fixes).\n- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).\n- smb: client: move most of reparse point handling code to common file (git-fixes).\n- smb: client: move some params to cifs_open_info_data (bsc#1231432).\n- smb: client: optimise reparse point querying (git-fixes).\n- smb: client: parse owner/group when creating reparse points (git-fixes).\n- smb: client: parse reparse point flag in create response (bsc#1231432).\n- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).\n- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).\n- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).\n- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).\n- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).\n- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).\n- smb: client: retry compound request without reusing lease (git-fixes).\n- smb: client: return reparse type in /proc/mounts (git-fixes).\n- smb: client: reuse file lease key in compound operations (git-fixes).\n- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).\n- smb: client: set correct file type from NFS reparse points (git-fixes).\n- smb: client: stop revalidating reparse points unnecessarily (git-fixes).\n- smb: use kernel_connect() and kernel_bind() (git-fixes).\n- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).\n- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).\n- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).\n- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- spi: sn-f-ospi: Fix division by zero (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tools: fix annoying \"mkdir -p ...\" logs when building tools in parallel (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes).\n- topology: Set capacity_freq_ref in all cases (bsc#1238052)\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- tpm: tis: Double the timeout B to 4s (bsc#1235870).\n- tpm_tis: Move CRC check to generic send routine (bsc#1235870).\n- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).\n- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).\n- tty: serial: 8250: Add some more device IDs (stable-fixes).\n- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).\n- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).\n- tty: xilinx_uartps: split sysrq handling (git-fixes).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- ublk: fix error code for unsupported command (git-fixes).\n- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).\n- ublk: move ublk_cancel_dev() out of ub-\u003emutex (git-fixes).\n- ublk: move zone report data out of request pdu (git-fixes).\n- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).\n- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).\n- usb: chipidea: ci_hdrc_imx: decrement device\u0027s refcount in .remove() and in the error path of .probe() (git-fixes).\n- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).\n- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).\n- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).\n- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).\n- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).\n- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).\n- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: roles: set switch registered flag early on (git-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).\n- usb: xhci: correct debug message page size calculation (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).\n- usbnet: ipheth: document scope of NCM implementation (stable-fixes).\n- usbnet:fix NPE during rx_complete (git-fixes).\n- util_macros.h: fix/rework find_closest() macros (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- vfio/pci: Lock external INTx masking ops (bsc#1222803).\n- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).\n- virtio-mem: check if the config changed before fake offlining memory (git-fixes).\n- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).\n- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).\n- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).\n- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- virtio: hookup irq_get_affinity callback (bsc#1236896).\n- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).\n- vsock/virtio: cancel close work in the destructor (git-fixes)\n- vsock: Keep the binding until socket destruction (git-fixes)\n- vsock: reset socket state when de-assigning the transport (git-fixes)\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).\n- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).\n- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).\n- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).\n- wifi: iwlwifi: avoid memory leak (stable-fixes).\n- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).\n- wifi: iwlwifi: limit printed string from FW file (git-fixes).\n- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).\n- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).\n- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).\n- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/asm: Make serialize() always_inline (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).\n- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \"nosmt\" correctly (git-fixes).\n- x86/microcode: Handle \"offline\" CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).\n- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).\n- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).\n- xen/swiotlb: relax alignment requirements (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).\n- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).\n- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n- zram: clear IDLE flag after recompression (git-fixes).\n- zram: clear IDLE flag in mark_idle() (git-fixes).\n- zram: do not mark idle slots that cannot be idle (git-fixes).\n- zram: fix potential UAF of zram table (git-fixes).\n- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).\n- zram: refuse to use zero sized block device as backing device (git-fixes).\n- zram: split memory-tracking and ac-time tracking (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-kernel-14",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20270-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20270-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520270-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20270-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021056.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1219367",
"url": "https://bugzilla.suse.com/1219367"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1222672",
"url": "https://bugzilla.suse.com/1222672"
},
{
"category": "self",
"summary": "SUSE Bug 1222803",
"url": "https://bugzilla.suse.com/1222803"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1224013",
"url": "https://bugzilla.suse.com/1224013"
},
{
"category": "self",
"summary": "SUSE Bug 1224049",
"url": "https://bugzilla.suse.com/1224049"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1224757",
"url": "https://bugzilla.suse.com/1224757"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225606",
"url": "https://bugzilla.suse.com/1225606"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225981",
"url": "https://bugzilla.suse.com/1225981"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1227937",
"url": "https://bugzilla.suse.com/1227937"
},
{
"category": "self",
"summary": "SUSE Bug 1228521",
"url": "https://bugzilla.suse.com/1228521"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1230235",
"url": "https://bugzilla.suse.com/1230235"
},
{
"category": "self",
"summary": "SUSE Bug 1230438",
"url": "https://bugzilla.suse.com/1230438"
},
{
"category": "self",
"summary": "SUSE Bug 1230439",
"url": "https://bugzilla.suse.com/1230439"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231088",
"url": "https://bugzilla.suse.com/1231088"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1231910",
"url": "https://bugzilla.suse.com/1231910"
},
{
"category": "self",
"summary": "SUSE Bug 1231912",
"url": "https://bugzilla.suse.com/1231912"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231949",
"url": "https://bugzilla.suse.com/1231949"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232299",
"url": "https://bugzilla.suse.com/1232299"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232508",
"url": "https://bugzilla.suse.com/1232508"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1233028",
"url": "https://bugzilla.suse.com/1233028"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233109",
"url": "https://bugzilla.suse.com/1233109"
},
{
"category": "self",
"summary": "SUSE Bug 1233221",
"url": "https://bugzilla.suse.com/1233221"
},
{
"category": "self",
"summary": "SUSE Bug 1233248",
"url": "https://bugzilla.suse.com/1233248"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233483",
"url": "https://bugzilla.suse.com/1233483"
},
{
"category": "self",
"summary": "SUSE Bug 1233522",
"url": "https://bugzilla.suse.com/1233522"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234070",
"url": "https://bugzilla.suse.com/1234070"
},
{
"category": "self",
"summary": "SUSE Bug 1234074",
"url": "https://bugzilla.suse.com/1234074"
},
{
"category": "self",
"summary": "SUSE Bug 1234157",
"url": "https://bugzilla.suse.com/1234157"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234698",
"url": "https://bugzilla.suse.com/1234698"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234853",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "self",
"summary": "SUSE Bug 1234857",
"url": "https://bugzilla.suse.com/1234857"
},
{
"category": "self",
"summary": "SUSE Bug 1234891",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "self",
"summary": "SUSE Bug 1234894",
"url": "https://bugzilla.suse.com/1234894"
},
{
"category": "self",
"summary": "SUSE Bug 1234895",
"url": "https://bugzilla.suse.com/1234895"
},
{
"category": "self",
"summary": "SUSE Bug 1234896",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1234963",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "self",
"summary": "SUSE Bug 1235054",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "self",
"summary": "SUSE Bug 1235061",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "self",
"summary": "SUSE Bug 1235073",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "self",
"summary": "SUSE Bug 1235244",
"url": "https://bugzilla.suse.com/1235244"
},
{
"category": "self",
"summary": "SUSE Bug 1235435",
"url": "https://bugzilla.suse.com/1235435"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235441",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235485",
"url": "https://bugzilla.suse.com/1235485"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235550",
"url": "https://bugzilla.suse.com/1235550"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235592",
"url": "https://bugzilla.suse.com/1235592"
},
{
"category": "self",
"summary": "SUSE Bug 1235599",
"url": "https://bugzilla.suse.com/1235599"
},
{
"category": "self",
"summary": "SUSE Bug 1235609",
"url": "https://bugzilla.suse.com/1235609"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235874",
"url": "https://bugzilla.suse.com/1235874"
},
{
"category": "self",
"summary": "SUSE Bug 1235914",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "self",
"summary": "SUSE Bug 1235932",
"url": "https://bugzilla.suse.com/1235932"
},
{
"category": "self",
"summary": "SUSE Bug 1235933",
"url": "https://bugzilla.suse.com/1235933"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236113",
"url": "https://bugzilla.suse.com/1236113"
},
{
"category": "self",
"summary": "SUSE Bug 1236114",
"url": "https://bugzilla.suse.com/1236114"
},
{
"category": "self",
"summary": "SUSE Bug 1236115",
"url": "https://bugzilla.suse.com/1236115"
},
{
"category": "self",
"summary": "SUSE Bug 1236122",
"url": "https://bugzilla.suse.com/1236122"
},
{
"category": "self",
"summary": "SUSE Bug 1236123",
"url": "https://bugzilla.suse.com/1236123"
},
{
"category": "self",
"summary": "SUSE Bug 1236133",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "self",
"summary": "SUSE Bug 1236138",
"url": "https://bugzilla.suse.com/1236138"
},
{
"category": "self",
"summary": "SUSE Bug 1236199",
"url": "https://bugzilla.suse.com/1236199"
},
{
"category": "self",
"summary": "SUSE Bug 1236200",
"url": "https://bugzilla.suse.com/1236200"
},
{
"category": "self",
"summary": "SUSE Bug 1236203",
"url": "https://bugzilla.suse.com/1236203"
},
{
"category": "self",
"summary": "SUSE Bug 1236205",
"url": "https://bugzilla.suse.com/1236205"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236573",
"url": "https://bugzilla.suse.com/1236573"
},
{
"category": "self",
"summary": "SUSE Bug 1236575",
"url": "https://bugzilla.suse.com/1236575"
},
{
"category": "self",
"summary": "SUSE Bug 1236576",
"url": "https://bugzilla.suse.com/1236576"
},
{
"category": "self",
"summary": "SUSE Bug 1236591",
"url": "https://bugzilla.suse.com/1236591"
},
{
"category": "self",
"summary": "SUSE Bug 1236661",
"url": "https://bugzilla.suse.com/1236661"
},
{
"category": "self",
"summary": "SUSE Bug 1236677",
"url": "https://bugzilla.suse.com/1236677"
},
{
"category": "self",
"summary": "SUSE Bug 1236680",
"url": "https://bugzilla.suse.com/1236680"
},
{
"category": "self",
"summary": "SUSE Bug 1236681",
"url": "https://bugzilla.suse.com/1236681"
},
{
"category": "self",
"summary": "SUSE Bug 1236682",
"url": "https://bugzilla.suse.com/1236682"
},
{
"category": "self",
"summary": "SUSE Bug 1236683",
"url": "https://bugzilla.suse.com/1236683"
},
{
"category": "self",
"summary": "SUSE Bug 1236684",
"url": "https://bugzilla.suse.com/1236684"
},
{
"category": "self",
"summary": "SUSE Bug 1236685",
"url": "https://bugzilla.suse.com/1236685"
},
{
"category": "self",
"summary": "SUSE Bug 1236689",
"url": "https://bugzilla.suse.com/1236689"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1236694",
"url": "https://bugzilla.suse.com/1236694"
},
{
"category": "self",
"summary": "SUSE Bug 1236698",
"url": "https://bugzilla.suse.com/1236698"
},
{
"category": "self",
"summary": "SUSE Bug 1236700",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "self",
"summary": "SUSE Bug 1236702",
"url": "https://bugzilla.suse.com/1236702"
},
{
"category": "self",
"summary": "SUSE Bug 1236752",
"url": "https://bugzilla.suse.com/1236752"
},
{
"category": "self",
"summary": "SUSE Bug 1236757",
"url": "https://bugzilla.suse.com/1236757"
},
{
"category": "self",
"summary": "SUSE Bug 1236758",
"url": "https://bugzilla.suse.com/1236758"
},
{
"category": "self",
"summary": "SUSE Bug 1236759",
"url": "https://bugzilla.suse.com/1236759"
},
{
"category": "self",
"summary": "SUSE Bug 1236760",
"url": "https://bugzilla.suse.com/1236760"
},
{
"category": "self",
"summary": "SUSE Bug 1236761",
"url": "https://bugzilla.suse.com/1236761"
},
{
"category": "self",
"summary": "SUSE Bug 1236821",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "self",
"summary": "SUSE Bug 1236822",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "self",
"summary": "SUSE Bug 1236896",
"url": "https://bugzilla.suse.com/1236896"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1236952",
"url": "https://bugzilla.suse.com/1236952"
},
{
"category": "self",
"summary": "SUSE Bug 1236967",
"url": "https://bugzilla.suse.com/1236967"
},
{
"category": "self",
"summary": "SUSE Bug 1236994",
"url": "https://bugzilla.suse.com/1236994"
},
{
"category": "self",
"summary": "SUSE Bug 1237007",
"url": "https://bugzilla.suse.com/1237007"
},
{
"category": "self",
"summary": "SUSE Bug 1237017",
"url": "https://bugzilla.suse.com/1237017"
},
{
"category": "self",
"summary": "SUSE Bug 1237025",
"url": "https://bugzilla.suse.com/1237025"
},
{
"category": "self",
"summary": "SUSE Bug 1237028",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237045",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "self",
"summary": "SUSE Bug 1237126",
"url": "https://bugzilla.suse.com/1237126"
},
{
"category": "self",
"summary": "SUSE Bug 1237132",
"url": "https://bugzilla.suse.com/1237132"
},
{
"category": "self",
"summary": "SUSE Bug 1237139",
"url": "https://bugzilla.suse.com/1237139"
},
{
"category": "self",
"summary": "SUSE Bug 1237155",
"url": "https://bugzilla.suse.com/1237155"
},
{
"category": "self",
"summary": "SUSE Bug 1237158",
"url": "https://bugzilla.suse.com/1237158"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237232",
"url": "https://bugzilla.suse.com/1237232"
},
{
"category": "self",
"summary": "SUSE Bug 1237234",
"url": "https://bugzilla.suse.com/1237234"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237325",
"url": "https://bugzilla.suse.com/1237325"
},
{
"category": "self",
"summary": "SUSE Bug 1237356",
"url": "https://bugzilla.suse.com/1237356"
},
{
"category": "self",
"summary": "SUSE Bug 1237415",
"url": "https://bugzilla.suse.com/1237415"
},
{
"category": "self",
"summary": "SUSE Bug 1237452",
"url": "https://bugzilla.suse.com/1237452"
},
{
"category": "self",
"summary": "SUSE Bug 1237504",
"url": "https://bugzilla.suse.com/1237504"
},
{
"category": "self",
"summary": "SUSE Bug 1237521",
"url": "https://bugzilla.suse.com/1237521"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237563",
"url": "https://bugzilla.suse.com/1237563"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237848",
"url": "https://bugzilla.suse.com/1237848"
},
{
"category": "self",
"summary": "SUSE Bug 1237849",
"url": "https://bugzilla.suse.com/1237849"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237874",
"url": "https://bugzilla.suse.com/1237874"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237879",
"url": "https://bugzilla.suse.com/1237879"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237882",
"url": "https://bugzilla.suse.com/1237882"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237889",
"url": "https://bugzilla.suse.com/1237889"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237891",
"url": "https://bugzilla.suse.com/1237891"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237901",
"url": "https://bugzilla.suse.com/1237901"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238052",
"url": "https://bugzilla.suse.com/1238052"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238214",
"url": "https://bugzilla.suse.com/1238214"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238347",
"url": "https://bugzilla.suse.com/1238347"
},
{
"category": "self",
"summary": "SUSE Bug 1238368",
"url": "https://bugzilla.suse.com/1238368"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238494",
"url": "https://bugzilla.suse.com/1238494"
},
{
"category": "self",
"summary": "SUSE Bug 1238496",
"url": "https://bugzilla.suse.com/1238496"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238509",
"url": "https://bugzilla.suse.com/1238509"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238521",
"url": "https://bugzilla.suse.com/1238521"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238525",
"url": "https://bugzilla.suse.com/1238525"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238565",
"url": "https://bugzilla.suse.com/1238565"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238739",
"url": "https://bugzilla.suse.com/1238739"
},
{
"category": "self",
"summary": "SUSE Bug 1238746",
"url": "https://bugzilla.suse.com/1238746"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238751",
"url": "https://bugzilla.suse.com/1238751"
},
{
"category": "self",
"summary": "SUSE Bug 1238753",
"url": "https://bugzilla.suse.com/1238753"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238759",
"url": "https://bugzilla.suse.com/1238759"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238860",
"url": "https://bugzilla.suse.com/1238860"
},
{
"category": "self",
"summary": "SUSE Bug 1238863",
"url": "https://bugzilla.suse.com/1238863"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238877",
"url": "https://bugzilla.suse.com/1238877"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238970",
"url": "https://bugzilla.suse.com/1238970"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238990",
"url": "https://bugzilla.suse.com/1238990"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239066",
"url": "https://bugzilla.suse.com/1239066"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239475",
"url": "https://bugzilla.suse.com/1239475"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239684",
"url": "https://bugzilla.suse.com/1239684"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239906",
"url": "https://bugzilla.suse.com/1239906"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240167",
"url": "https://bugzilla.suse.com/1240167"
},
{
"category": "self",
"summary": "SUSE Bug 1240168",
"url": "https://bugzilla.suse.com/1240168"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240171",
"url": "https://bugzilla.suse.com/1240171"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240176",
"url": "https://bugzilla.suse.com/1240176"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240184",
"url": "https://bugzilla.suse.com/1240184"
},
{
"category": "self",
"summary": "SUSE Bug 1240185",
"url": "https://bugzilla.suse.com/1240185"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE Bug 1240375",
"url": "https://bugzilla.suse.com/1240375"
},
{
"category": "self",
"summary": "SUSE Bug 1240575",
"url": "https://bugzilla.suse.com/1240575"
},
{
"category": "self",
"summary": "SUSE Bug 1240581",
"url": "https://bugzilla.suse.com/1240581"
},
{
"category": "self",
"summary": "SUSE Bug 1240582",
"url": "https://bugzilla.suse.com/1240582"
},
{
"category": "self",
"summary": "SUSE Bug 1240583",
"url": "https://bugzilla.suse.com/1240583"
},
{
"category": "self",
"summary": "SUSE Bug 1240584",
"url": "https://bugzilla.suse.com/1240584"
},
{
"category": "self",
"summary": "SUSE Bug 1240585",
"url": "https://bugzilla.suse.com/1240585"
},
{
"category": "self",
"summary": "SUSE Bug 1240587",
"url": "https://bugzilla.suse.com/1240587"
},
{
"category": "self",
"summary": "SUSE Bug 1240590",
"url": "https://bugzilla.suse.com/1240590"
},
{
"category": "self",
"summary": "SUSE Bug 1240591",
"url": "https://bugzilla.suse.com/1240591"
},
{
"category": "self",
"summary": "SUSE Bug 1240592",
"url": "https://bugzilla.suse.com/1240592"
},
{
"category": "self",
"summary": "SUSE Bug 1240594",
"url": "https://bugzilla.suse.com/1240594"
},
{
"category": "self",
"summary": "SUSE Bug 1240595",
"url": "https://bugzilla.suse.com/1240595"
},
{
"category": "self",
"summary": "SUSE Bug 1240596",
"url": "https://bugzilla.suse.com/1240596"
},
{
"category": "self",
"summary": "SUSE Bug 1240600",
"url": "https://bugzilla.suse.com/1240600"
},
{
"category": "self",
"summary": "SUSE Bug 1240612",
"url": "https://bugzilla.suse.com/1240612"
},
{
"category": "self",
"summary": "SUSE Bug 1240616",
"url": "https://bugzilla.suse.com/1240616"
},
{
"category": "self",
"summary": "SUSE Bug 1240639",
"url": "https://bugzilla.suse.com/1240639"
},
{
"category": "self",
"summary": "SUSE Bug 1240643",
"url": "https://bugzilla.suse.com/1240643"
},
{
"category": "self",
"summary": "SUSE Bug 1240647",
"url": "https://bugzilla.suse.com/1240647"
},
{
"category": "self",
"summary": "SUSE Bug 1240691",
"url": "https://bugzilla.suse.com/1240691"
},
{
"category": "self",
"summary": "SUSE Bug 1240700",
"url": "https://bugzilla.suse.com/1240700"
},
{
"category": "self",
"summary": "SUSE Bug 1240701",
"url": "https://bugzilla.suse.com/1240701"
},
{
"category": "self",
"summary": "SUSE Bug 1240703",
"url": "https://bugzilla.suse.com/1240703"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240714",
"url": "https://bugzilla.suse.com/1240714"
},
{
"category": "self",
"summary": "SUSE Bug 1240715",
"url": "https://bugzilla.suse.com/1240715"
},
{
"category": "self",
"summary": "SUSE Bug 1240716",
"url": "https://bugzilla.suse.com/1240716"
},
{
"category": "self",
"summary": "SUSE Bug 1240718",
"url": "https://bugzilla.suse.com/1240718"
},
{
"category": "self",
"summary": "SUSE Bug 1240719",
"url": "https://bugzilla.suse.com/1240719"
},
{
"category": "self",
"summary": "SUSE Bug 1240720",
"url": "https://bugzilla.suse.com/1240720"
},
{
"category": "self",
"summary": "SUSE Bug 1240722",
"url": "https://bugzilla.suse.com/1240722"
},
{
"category": "self",
"summary": "SUSE Bug 1240727",
"url": "https://bugzilla.suse.com/1240727"
},
{
"category": "self",
"summary": "SUSE Bug 1240739",
"url": "https://bugzilla.suse.com/1240739"
},
{
"category": "self",
"summary": "SUSE Bug 1240742",
"url": "https://bugzilla.suse.com/1240742"
},
{
"category": "self",
"summary": "SUSE Bug 1240779",
"url": "https://bugzilla.suse.com/1240779"
},
{
"category": "self",
"summary": "SUSE Bug 1240783",
"url": "https://bugzilla.suse.com/1240783"
},
{
"category": "self",
"summary": "SUSE Bug 1240784",
"url": "https://bugzilla.suse.com/1240784"
},
{
"category": "self",
"summary": "SUSE Bug 1240795",
"url": "https://bugzilla.suse.com/1240795"
},
{
"category": "self",
"summary": "SUSE Bug 1240796",
"url": "https://bugzilla.suse.com/1240796"
},
{
"category": "self",
"summary": "SUSE Bug 1240797",
"url": "https://bugzilla.suse.com/1240797"
},
{
"category": "self",
"summary": "SUSE Bug 1240799",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "self",
"summary": "SUSE Bug 1240801",
"url": "https://bugzilla.suse.com/1240801"
},
{
"category": "self",
"summary": "SUSE Bug 1240806",
"url": "https://bugzilla.suse.com/1240806"
},
{
"category": "self",
"summary": "SUSE Bug 1240808",
"url": "https://bugzilla.suse.com/1240808"
},
{
"category": "self",
"summary": "SUSE Bug 1240812",
"url": "https://bugzilla.suse.com/1240812"
},
{
"category": "self",
"summary": "SUSE Bug 1240813",
"url": "https://bugzilla.suse.com/1240813"
},
{
"category": "self",
"summary": "SUSE Bug 1240815",
"url": "https://bugzilla.suse.com/1240815"
},
{
"category": "self",
"summary": "SUSE Bug 1240816",
"url": "https://bugzilla.suse.com/1240816"
},
{
"category": "self",
"summary": "SUSE Bug 1240819",
"url": "https://bugzilla.suse.com/1240819"
},
{
"category": "self",
"summary": "SUSE Bug 1240821",
"url": "https://bugzilla.suse.com/1240821"
},
{
"category": "self",
"summary": "SUSE Bug 1240825",
"url": "https://bugzilla.suse.com/1240825"
},
{
"category": "self",
"summary": "SUSE Bug 1240829",
"url": "https://bugzilla.suse.com/1240829"
},
{
"category": "self",
"summary": "SUSE Bug 1240873",
"url": "https://bugzilla.suse.com/1240873"
},
{
"category": "self",
"summary": "SUSE Bug 1240937",
"url": "https://bugzilla.suse.com/1240937"
},
{
"category": "self",
"summary": "SUSE Bug 1240938",
"url": "https://bugzilla.suse.com/1240938"
},
{
"category": "self",
"summary": "SUSE Bug 1240940",
"url": "https://bugzilla.suse.com/1240940"
},
{
"category": "self",
"summary": "SUSE Bug 1240942",
"url": "https://bugzilla.suse.com/1240942"
},
{
"category": "self",
"summary": "SUSE Bug 1240943",
"url": "https://bugzilla.suse.com/1240943"
},
{
"category": "self",
"summary": "SUSE Bug 1240978",
"url": "https://bugzilla.suse.com/1240978"
},
{
"category": "self",
"summary": "SUSE Bug 1240979",
"url": "https://bugzilla.suse.com/1240979"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52924 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52925 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26708 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27415 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45010 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50185 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50251 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50258 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50294 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50304 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53123 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53124 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53139 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53173 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53177 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53178 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53226 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56647 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56658 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58071 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21636 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21638 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21647 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21666 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21666/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21667 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21669 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21675 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21680 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21687 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21688 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21690 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21692 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21697 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21699 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21715 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21716 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21719 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21802 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21863 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21894 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21895 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21924 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21935 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21950 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21966 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21975 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21991 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21993 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2312/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-17T14:30:40Z",
"generator": {
"date": "2025-04-17T14:30:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20270-1",
"initial_release_date": "2025-04-17T14:30:40Z",
"revision_history": [
{
"date": "2025-04-17T14:30:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-28.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-28.1.aarch64",
"product_id": "kernel-default-6.4.0-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-28.1.21.6.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-28.1.21.6.aarch64",
"product_id": "kernel-default-base-6.4.0-28.1.21.6.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-28.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-28.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-28.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-28.1.noarch",
"product_id": "kernel-devel-6.4.0-28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-28.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-28.1.noarch",
"product_id": "kernel-macros-6.4.0-28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-28.1.noarch",
"product": {
"name": "kernel-source-6.4.0-28.1.noarch",
"product_id": "kernel-source-6.4.0-28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-28.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-28.1.ppc64le",
"product_id": "kernel-default-6.4.0-28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"product_id": "kernel-default-base-6.4.0-28.1.21.6.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-28.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-28.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-28.1.s390x",
"product": {
"name": "kernel-default-6.4.0-28.1.s390x",
"product_id": "kernel-default-6.4.0-28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-28.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-28.1.s390x",
"product_id": "kernel-default-devel-6.4.0-28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-28.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-28.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"product_id": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-28.1.x86_64",
"product_id": "kernel-default-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-28.1.21.6.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-28.1.21.6.x86_64",
"product_id": "kernel-default-base-6.4.0-28.1.21.6.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-28.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-28.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-28.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-28.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-28.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-28.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x"
},
"product_reference": "kernel-default-6.4.0-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-28.1.21.6.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-28.1.21.6.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-28.1.21.6.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-28.1.21.6.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-28.1.21.6.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-28.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-28.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-28.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-28.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
},
"product_reference": "kernel-source-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain-\u003euse count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain-\u003euse increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon\u0027t have been changed.\n\nThen, when set is culled, -\u003edestroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52924",
"url": "https://www.suse.com/security/cve/CVE-2023-52924"
},
{
"category": "external",
"summary": "SUSE Bug 1236821 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "external",
"summary": "SUSE Bug 1244630 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1244630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t fail inserts if duplicate has expired\n\nnftables selftests fail:\nrun-tests.sh testcases/sets/0044interval_overlap_0\nExpected: 0-2 . 0-3, got:\nW: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1\n\nInsertion must ignore duplicate but expired entries.\n\nMoreover, there is a strange asymmetry in nft_pipapo_activate:\n\nIt refetches the current element, whereas the other -\u003eactivate callbacks\n(bitmap, hash, rhash, rbtree) use elem-\u003epriv.\nSame for .remove: other set implementations take elem-\u003epriv,\nnft_pipapo_remove fetches elem-\u003epriv, then does a relookup,\nremove this.\n\nI suspect this was the reason for the change that prompted the\nremoval of the expired check in pipapo_get() in the first place,\nbut skipping exired elements there makes no sense to me, this helper\nis used for normal get requests, insertions (duplicate check)\nand deactivate callback.\n\nIn first two cases expired elements must be skipped.\n\nFor -\u003edeactivate(), this gets called for DELSETELEM, so it\nseems to me that expired elements should be skipped as well, i.e.\ndelete request should fail with -ENOENT error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52925",
"url": "https://www.suse.com/security/cve/CVE-2023-52925"
},
{
"category": "external",
"summary": "SUSE Bug 1236822 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "external",
"summary": "SUSE Bug 1246009 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1246009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: really cope with fastopen race\n\nFastopen and PM-trigger subflow shutdown can race, as reported by\nsyzkaller.\n\nIn my first attempt to close such race, I missed the fact that\nthe subflow status can change again before the subflow_state_change\ncallback is invoked.\n\nAddress the issue additionally copying with all the states directly\nreachable from TCP_FIN_WAIT1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26708",
"url": "https://www.suse.com/security/cve/CVE-2024-26708"
},
{
"category": "external",
"summary": "SUSE Bug 1222672 for CVE-2024-26708",
"url": "https://bugzilla.suse.com/1222672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-26708"
},
{
"cve": "CVE-2024-26810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26810",
"url": "https://www.suse.com/security/cve/CVE-2024-26810"
},
{
"category": "external",
"summary": "SUSE Bug 1222803 for CVE-2024-26810",
"url": "https://bugzilla.suse.com/1222803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-27415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -\u003e skb-\u003e_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb-\u003e_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb-\u003e_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won\u0027t happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn\u0027t allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn\u0027t work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia \u0027sabotage_in\u0027 hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27415",
"url": "https://www.suse.com/security/cve/CVE-2024-27415"
},
{
"category": "external",
"summary": "SUSE Bug 1224757 for CVE-2024-27415",
"url": "https://bugzilla.suse.com/1224757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-27415"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-40980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: replace spin_lock by raw_spin_lock\n\ntrace_drop_common() is called with preemption disabled, and it acquires\na spin_lock. This is problematic for RT kernels because spin_locks are\nsleeping locks in this configuration, which causes the following splat:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 449, name: rcuc/47\npreempt_count: 1, expected: 0\nRCU nest depth: 2, expected: 2\n5 locks held by rcuc/47/449:\n #0: ff1100086ec30a60 ((softirq_ctrl.lock)){+.+.}-{2:2}, at: __local_bh_disable_ip+0x105/0x210\n #1: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: rt_spin_lock+0xbf/0x130\n #2: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: __local_bh_disable_ip+0x11c/0x210\n #3: ffffffffb394a160 (rcu_callback){....}-{0:0}, at: rcu_do_batch+0x360/0xc70\n #4: ff1100086ee07520 (\u0026data-\u003elock){+.+.}-{2:2}, at: trace_drop_common.constprop.0+0xb5/0x290\nirq event stamp: 139909\nhardirqs last enabled at (139908): [\u003cffffffffb1df2b33\u003e] _raw_spin_unlock_irqrestore+0x63/0x80\nhardirqs last disabled at (139909): [\u003cffffffffb19bd03d\u003e] trace_drop_common.constprop.0+0x26d/0x290\nsoftirqs last enabled at (139892): [\u003cffffffffb07a1083\u003e] __local_bh_enable_ip+0x103/0x170\nsoftirqs last disabled at (139898): [\u003cffffffffb0909b33\u003e] rcu_cpu_kthread+0x93/0x1f0\nPreemption disabled at:\n[\u003cffffffffb1de786b\u003e] rt_mutex_slowunlock+0xab/0x2e0\nCPU: 47 PID: 449 Comm: rcuc/47 Not tainted 6.9.0-rc2-rt1+ #7\nHardware name: Dell Inc. PowerEdge R650/0Y2G81, BIOS 1.6.5 04/15/2022\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x8c/0xd0\n dump_stack+0x14/0x20\n __might_resched+0x21e/0x2f0\n rt_spin_lock+0x5e/0x130\n ? trace_drop_common.constprop.0+0xb5/0x290\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_drop_common.constprop.0+0xb5/0x290\n ? preempt_count_sub+0x1c/0xd0\n ? _raw_spin_unlock_irqrestore+0x4a/0x80\n ? __pfx_trace_drop_common.constprop.0+0x10/0x10\n ? rt_mutex_slowunlock+0x26a/0x2e0\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_rt_mutex_slowunlock+0x10/0x10\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_kfree_skb_hit+0x15/0x20\n trace_kfree_skb+0xe9/0x150\n kfree_skb_reason+0x7b/0x110\n skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_skb_queue_purge_reason.part.0+0x10/0x10\n ? mark_lock.part.0+0x8a/0x520\n...\n\ntrace_drop_common() also disables interrupts, but this is a minor issue\nbecause we could easily replace it with a local_lock.\n\nReplace the spin_lock with raw_spin_lock to avoid sleeping in atomic\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40980",
"url": "https://www.suse.com/security/cve/CVE-2024-40980"
},
{
"category": "external",
"summary": "SUSE Bug 1227937 for CVE-2024-40980",
"url": "https://bugzilla.suse.com/1227937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41055",
"url": "https://www.suse.com/security/cve/CVE-2024-41055"
},
{
"category": "external",
"summary": "SUSE Bug 1228521 for CVE-2024-41055",
"url": "https://bugzilla.suse.com/1228521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-44974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: avoid possible UaF when selecting endp\n\nselect_local_address() and select_signal_address() both select an\nendpoint entry from the list inside an RCU protected section, but return\na reference to it, to be read later on. If the entry is dereferenced\nafter the RCU unlock, reading info could cause a Use-after-Free.\n\nA simple solution is to copy the required info while inside the RCU\nprotected section to avoid any risk of UaF later. The address ID might\nneed to be modified later to handle the ID0 case later, so a copy seems\nOK to deal with.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44974",
"url": "https://www.suse.com/security/cve/CVE-2024-44974"
},
{
"category": "external",
"summary": "SUSE Bug 1230235 for CVE-2024-44974",
"url": "https://bugzilla.suse.com/1230235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-44974"
},
{
"cve": "CVE-2024-45009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only decrement add_addr_accepted for MPJ req\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.add_addr_accepted == 0)\n\n... before decrementing the add_addr_accepted counter helped to find a\nbug when running the \"remove single subflow\" subtest from the\nmptcp_join.sh selftest.\n\nRemoving a \u0027subflow\u0027 endpoint will first trigger a RM_ADDR, then the\nsubflow closure. Before this patch, and upon the reception of the\nRM_ADDR, the other peer will then try to decrement this\nadd_addr_accepted. That\u0027s not correct because the attached subflows have\nnot been created upon the reception of an ADD_ADDR.\n\nA way to solve that is to decrement the counter only if the attached\nsubflow was an MP_JOIN to a remote id that was not 0, and initiated by\nthe host receiving the RM_ADDR.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45009",
"url": "https://www.suse.com/security/cve/CVE-2024-45009"
},
{
"category": "external",
"summary": "SUSE Bug 1230438 for CVE-2024-45009",
"url": "https://bugzilla.suse.com/1230438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-45009"
},
{
"cve": "CVE-2024-45010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only mark \u0027subflow\u0027 endp as available\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.local_addr_used == 0)\n\n... before decrementing the local_addr_used counter helped to find a bug\nwhen running the \"remove single address\" subtest from the mptcp_join.sh\nselftests.\n\nRemoving a \u0027signal\u0027 endpoint will trigger the removal of all subflows\nlinked to this endpoint via mptcp_pm_nl_rm_addr_or_subflow() with\nrm_type == MPTCP_MIB_RMSUBFLOW. This will decrement the local_addr_used\ncounter, which is wrong in this case because this counter is linked to\n\u0027subflow\u0027 endpoints, and here it is a \u0027signal\u0027 endpoint that is being\nremoved.\n\nNow, the counter is decremented, only if the ID is being used outside\nof mptcp_pm_nl_rm_addr_or_subflow(), only for \u0027subflow\u0027 endpoints, and\nif the ID is not 0 -- local_addr_used is not taking into account these\nones. This marking of the ID as being available, and the decrement is\ndone no matter if a subflow using this ID is currently available,\nbecause the subflow could have been closed before.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45010",
"url": "https://www.suse.com/security/cve/CVE-2024-45010"
},
{
"category": "external",
"summary": "SUSE Bug 1230439 for CVE-2024-45010",
"url": "https://bugzilla.suse.com/1230439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-45010"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-46858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: Fix uaf in __timer_delete_sync\n\nThere are two paths to access mptcp_pm_del_add_timer, result in a race\ncondition:\n\n CPU1\t\t\t\tCPU2\n ==== ====\n net_rx_action\n napi_poll netlink_sendmsg\n __napi_poll netlink_unicast\n process_backlog netlink_unicast_kernel\n __netif_receive_skb genl_rcv\n __netif_receive_skb_one_core netlink_rcv_skb\n NF_HOOK genl_rcv_msg\n ip_local_deliver_finish genl_family_rcv_msg\n ip_protocol_deliver_rcu genl_family_rcv_msg_doit\n tcp_v4_rcv mptcp_pm_nl_flush_addrs_doit\n tcp_v4_do_rcv mptcp_nl_remove_addrs_list\n tcp_rcv_established mptcp_pm_remove_addrs_and_subflows\n tcp_data_queue remove_anno_list_by_saddr\n mptcp_incoming_options mptcp_pm_del_add_timer\n mptcp_pm_del_add_timer kfree(entry)\n\nIn remove_anno_list_by_saddr(running on CPU2), after leaving the critical\nzone protected by \"pm.lock\", the entry will be released, which leads to the\noccurrence of uaf in the mptcp_pm_del_add_timer(running on CPU1).\n\nKeeping a reference to add_timer inside the lock, and calling\nsk_stop_timer_sync() with this reference, instead of \"entry-\u003eadd_timer\".\n\nMove list_del(\u0026entry-\u003elist) to mptcp_pm_del_add_timer and inside the pm lock,\ndo not directly access any members of the entry outside the pm lock, which\ncan avoid similar \"entry-\u003ex\" uaf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46858",
"url": "https://www.suse.com/security/cve/CVE-2024-46858"
},
{
"category": "external",
"summary": "SUSE Bug 1231088 for CVE-2024-46858",
"url": "https://bugzilla.suse.com/1231088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-46858"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync\n\nThis checks if the ACL connection remains valid as it could be destroyed\nwhile hci_enhanced_setup_sync is pending on cmd_sync leading to the\nfollowing trace:\n\nBUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60\nRead of size 1 at addr ffff888002328ffd by task kworker/u5:2/37\n\nCPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? hci_enhanced_setup_sync+0x91b/0xa60\n print_report+0x152/0x4c0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n ? __virt_addr_valid+0x1fa/0x420\n ? hci_enhanced_setup_sync+0x91b/0xa60\n kasan_report+0xda/0x1b0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n hci_enhanced_setup_sync+0x91b/0xa60\n ? __pfx_hci_enhanced_setup_sync+0x10/0x10\n ? __pfx___mutex_lock+0x10/0x10\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x167/0x240\n worker_thread+0x5b7/0xf60\n ? __kthread_parkme+0xac/0x1c0\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x293/0x360\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 34:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __hci_conn_add+0x187/0x17d0\n hci_connect_sco+0x2e1/0xb90\n sco_sock_connect+0x2a2/0xb80\n __sys_connect+0x227/0x2a0\n __x64_sys_connect+0x6d/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 37:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x101/0x160\n kfree+0xd0/0x250\n device_release+0x9a/0x210\n kobject_put+0x151/0x280\n hci_conn_del+0x448/0xbf0\n hci_abort_conn_sync+0x46f/0x980\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n worker_thread+0x5b7/0xf60\n kthread+0x293/0x360\n ret_from_fork+0x2f/0x70\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50029",
"url": "https://www.suse.com/security/cve/CVE-2024-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1231949 for CVE-2024-50029",
"url": "https://bugzilla.suse.com/1231949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50029"
},
{
"cve": "CVE-2024-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50036",
"url": "https://www.suse.com/security/cve/CVE-2024-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1231912 for CVE-2024-50036",
"url": "https://bugzilla.suse.com/1231912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50038",
"url": "https://www.suse.com/security/cve/CVE-2024-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1231910 for CVE-2024-50038",
"url": "https://bugzilla.suse.com/1231910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50038"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow\n\nSyzkaller reported this splat:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662\n\n CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline]\n mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572\n mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg net/socket.c:744 [inline]\n ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661\n __sys_sendmsg+0x117/0x1f0 net/socket.c:2690\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n RIP: 0023:0xf7fe4579\n Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 \u003c5d\u003e 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00\n RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172\n RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\n Allocated by task 5387:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:878 [inline]\n kzalloc_noprof include/linux/slab.h:1014 [inline]\n subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803\n subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956\n __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline]\n tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167\n mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764\n __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592\n mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642\n mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline]\n mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943\n mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777\n process_one_work+0x958/0x1b30 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/ke\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50085",
"url": "https://www.suse.com/security/cve/CVE-2024-50085"
},
{
"category": "external",
"summary": "SUSE Bug 1232508 for CVE-2024-50085",
"url": "https://bugzilla.suse.com/1232508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50085"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn\u0027t put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx-\u003esel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that\u0027s how\nprefixlen is going to be used later on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50142",
"url": "https://www.suse.com/security/cve/CVE-2024-50142"
},
{
"category": "external",
"summary": "SUSE Bug 1233028 for CVE-2024-50142",
"url": "https://bugzilla.suse.com/1233028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50142"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle consistently DSS corruption\n\nBugged peer implementation can send corrupted DSS options, consistently\nhitting a few warning in the data path. Use DEBUG_NET assertions, to\navoid the splat on some builds and handle consistently the error, dumping\nrelated MIBs and performing fallback and/or reset according to the\nsubflow type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50185",
"url": "https://www.suse.com/security/cve/CVE-2024-50185"
},
{
"category": "external",
"summary": "SUSE Bug 1233109 for CVE-2024-50185",
"url": "https://bugzilla.suse.com/1233109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50185"
},
{
"cve": "CVE-2024-50251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50251",
"url": "https://www.suse.com/security/cve/CVE-2024-50251"
},
{
"category": "external",
"summary": "SUSE Bug 1233248 for CVE-2024-50251",
"url": "https://bugzilla.suse.com/1233248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50251"
},
{
"cve": "CVE-2024-50258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix crash when config small gso_max_size/gso_ipv4_max_size\n\nConfig a small gso_max_size/gso_ipv4_max_size will lead to an underflow\nin sk_dst_gso_max_size(), which may trigger a BUG_ON crash,\nbecause sk-\u003esk_gso_max_size would be much bigger than device limits.\nCall Trace:\ntcp_write_xmit\n tso_segs = tcp_init_tso_segs(skb, mss_now);\n tcp_set_skb_tso_segs\n tcp_skb_pcount_set\n // skb-\u003elen = 524288, mss_now = 8\n // u16 tso_segs = 524288/8 = 65535 -\u003e 0\n tso_segs = DIV_ROUND_UP(skb-\u003elen, mss_now)\n BUG_ON(!tso_segs)\nAdd check for the minimum value of gso_max_size and gso_ipv4_max_size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50258",
"url": "https://www.suse.com/security/cve/CVE-2024-50258"
},
{
"category": "external",
"summary": "SUSE Bug 1233221 for CVE-2024-50258",
"url": "https://bugzilla.suse.com/1233221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50258"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix missing locking causing hanging calls\n\nIf a call gets aborted (e.g. because kafs saw a signal) between it being\nqueued for connection and the I/O thread picking up the call, the abort\nwill be prioritised over the connection and it will be removed from\nlocal-\u003enew_client_calls by rxrpc_disconnect_client_call() without a lock\nbeing held. This may cause other calls on the list to disappear if a race\noccurs.\n\nFix this by taking the client_call_lock when removing a call from whatever\nlist its -\u003ewait_link happens to be on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50294",
"url": "https://www.suse.com/security/cve/CVE-2024-50294"
},
{
"category": "external",
"summary": "SUSE Bug 1233483 for CVE-2024-50294",
"url": "https://bugzilla.suse.com/1233483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50294"
},
{
"cve": "CVE-2024-50304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()\n\nThe per-netns IP tunnel hash table is protected by the RTNL mutex and\nip_tunnel_find() is only called from the control path where the mutex is\ntaken.\n\nAdd a lockdep expression to hlist_for_each_entry_rcu() in\nip_tunnel_find() in order to validate that the mutex is held and to\nsilence the suspicious RCU usage warning [1].\n\n[1]\nWARNING: suspicious RCU usage\n6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted\n-----------------------------\nnet/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n1 lock held by ip/362:\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60\n\nstack backtrace:\nCPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139\nHardware name: Bochs Bochs, BIOS Bochs 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xba/0x110\n lockdep_rcu_suspicious.cold+0x4f/0xd6\n ip_tunnel_find+0x435/0x4d0\n ip_tunnel_newlink+0x517/0x7a0\n ipgre_newlink+0x14c/0x170\n __rtnl_newlink+0x1173/0x19c0\n rtnl_newlink+0x6c/0xa0\n rtnetlink_rcv_msg+0x3cc/0xf60\n netlink_rcv_skb+0x171/0x450\n netlink_unicast+0x539/0x7f0\n netlink_sendmsg+0x8c1/0xd80\n ____sys_sendmsg+0x8f9/0xc20\n ___sys_sendmsg+0x197/0x1e0\n __sys_sendmsg+0x122/0x1f0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50304",
"url": "https://www.suse.com/security/cve/CVE-2024-50304"
},
{
"category": "external",
"summary": "SUSE Bug 1233522 for CVE-2024-50304",
"url": "https://bugzilla.suse.com/1233522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-50304"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: error out earlier on disconnect\n\nEric reported a division by zero splat in the MPTCP protocol:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted\n6.12.0-rc5-syzkaller-00291-g05b92660cdfe #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nRIP: 0010:__tcp_select_window+0x5b4/0x1310 net/ipv4/tcp_output.c:3163\nCode: f6 44 01 e3 89 df e8 9b 75 09 f8 44 39 f3 0f 8d 11 ff ff ff e8\n0d 74 09 f8 45 89 f4 e9 04 ff ff ff e8 00 74 09 f8 44 89 f0 99 \u003cf7\u003e 7c\n24 14 41 29 d6 45 89 f4 e9 ec fe ff ff e8 e8 73 09 f8 48 89\nRSP: 0018:ffffc900041f7930 EFLAGS: 00010293\nRAX: 0000000000017e67 RBX: 0000000000017e67 RCX: ffffffff8983314b\nRDX: 0000000000000000 RSI: ffffffff898331b0 RDI: 0000000000000004\nRBP: 00000000005d6000 R08: 0000000000000004 R09: 0000000000017e67\nR10: 0000000000003e80 R11: 0000000000000000 R12: 0000000000003e80\nR13: ffff888031d9b440 R14: 0000000000017e67 R15: 00000000002eb000\nFS: 00007feb5d7f16c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007feb5d8adbb8 CR3: 0000000074e4c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n__tcp_cleanup_rbuf+0x3e7/0x4b0 net/ipv4/tcp.c:1493\nmptcp_rcv_space_adjust net/mptcp/protocol.c:2085 [inline]\nmptcp_recvmsg+0x2156/0x2600 net/mptcp/protocol.c:2289\ninet_recvmsg+0x469/0x6a0 net/ipv4/af_inet.c:885\nsock_recvmsg_nosec net/socket.c:1051 [inline]\nsock_recvmsg+0x1b2/0x250 net/socket.c:1073\n__sys_recvfrom+0x1a5/0x2e0 net/socket.c:2265\n__do_sys_recvfrom net/socket.c:2283 [inline]\n__se_sys_recvfrom net/socket.c:2279 [inline]\n__x64_sys_recvfrom+0xe0/0x1c0 net/socket.c:2279\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7feb5d857559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48\n89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d\n01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007feb5d7f1208 EFLAGS: 00000246 ORIG_RAX: 000000000000002d\nRAX: ffffffffffffffda RBX: 00007feb5d8e1318 RCX: 00007feb5d857559\nRDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007feb5d8e1310 R08: 0000000000000000 R09: ffffffff81000000\nR10: 0000000000000100 R11: 0000000000000246 R12: 00007feb5d8e131c\nR13: 00007feb5d8ae074 R14: 000000800000000e R15: 00000000fffffdef\n\nand provided a nice reproducer.\n\nThe root cause is the current bad handling of racing disconnect.\nAfter the blamed commit below, sk_wait_data() can return (with\nerror) with the underlying socket disconnected and a zero rcv_mss.\n\nCatch the error and return without performing any additional\noperations on the current socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53123",
"url": "https://www.suse.com/security/cve/CVE-2024-53123"
},
{
"category": "external",
"summary": "SUSE Bug 1234070 for CVE-2024-53123",
"url": "https://bugzilla.suse.com/1234070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53123"
},
{
"cve": "CVE-2024-53124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... | 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53124",
"url": "https://www.suse.com/security/cve/CVE-2024-53124"
},
{
"category": "external",
"summary": "SUSE Bug 1234074 for CVE-2024-53124",
"url": "https://bugzilla.suse.com/1234074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-53139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix possible UAF in sctp_v6_available()\n\nA lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints\nthat sctp_v6_available() is calling dev_get_by_index_rcu()\nand ipv6_chk_addr() without holding rcu.\n\n[1]\n =============================\n WARNING: suspicious RCU usage\n 6.12.0-rc5-virtme #1216 Tainted: G W\n -----------------------------\n net/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by sctp_hello/31495:\n #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp\n\nstack backtrace:\n CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216\n Tainted: [W]=WARN\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:123)\n lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)\n dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7))\n sctp_v6_available (net/sctp/ipv6.c:701) sctp\n sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp\n sctp_bind (net/sctp/socket.c:320) sctp\n inet6_bind_sk (net/ipv6/af_inet6.c:465)\n ? security_socket_bind (security/security.c:4581 (discriminator 1))\n __sys_bind (net/socket.c:1848 net/socket.c:1869)\n ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340)\n ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13))\n __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1))\n do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n RIP: 0033:0x7f59b934a1e7\n Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48\nAll code\n========\n 0:\t44 00 00 \tadd %r8b,(%rax)\n 3:\t48 8b 15 39 8c 0c 00 \tmov 0xc8c39(%rip),%rdx # 0xc8c43\n a:\tf7 d8 \tneg %eax\n c:\t64 89 02 \tmov %eax,%fs:(%rdx)\n f:\tb8 ff ff ff ff \tmov $0xffffffff,%eax\n 14:\teb bd \tjmp 0xffffffffffffffd3\n 16:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)\n 1d:\t00 00 00\n 20:\t0f 1f 00 \tnopl (%rax)\n 23:\tb8 31 00 00 00 \tmov $0x31,%eax\n 28:\t0f 05 \tsyscall\n 2a:*\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\t\t\u003c-- trapping instruction\n 30:\t73 01 \tjae 0x33\n 32:\tc3 \tret\n 33:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c43\n 3a:\tf7 d8 \tneg %eax\n 3c:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 3f:\t48 \trex.W\n\nCode starting with the faulting instruction\n===========================================\n 0:\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\n 6:\t73 01 \tjae 0x9\n 8:\tc3 \tret\n 9:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c19\n 10:\tf7 d8 \tneg %eax\n 12:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 15:\t48 \trex.W\n RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031\n RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7\n RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000\n R10: 00007f59b9253298 R11: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53139",
"url": "https://www.suse.com/security/cve/CVE-2024-53139"
},
{
"category": "external",
"summary": "SUSE Bug 1234157 for CVE-2024-53139",
"url": "https://bugzilla.suse.com/1234157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53139"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix out-of-bounds access of directory entries\n\nIn the case of the directory size is greater than or equal to\nthe cluster size, if start_clu becomes an EOF cluster(an invalid\ncluster) due to file system corruption, then the directory entry\nwhere ei-\u003ehint_femp.eidx hint is outside the directory, resulting\nin an out-of-bounds access, which may cause further file system\ncorruption.\n\nThis commit adds a check for start_clu, if it is an invalid cluster,\nthe file or directory will be treated as empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53147",
"url": "https://www.suse.com/security/cve/CVE-2024-53147"
},
{
"category": "external",
"summary": "SUSE Bug 1234857 for CVE-2024-53147",
"url": "https://bugzilla.suse.com/1234857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53147"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53173",
"url": "https://www.suse.com/security/cve/CVE-2024-53173"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234891 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "external",
"summary": "SUSE Bug 1234892 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-53173"
},
{
"cve": "CVE-2024-53176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: During unmount, ensure all cached dir instances drop their dentry\n\nThe unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can\nrace with various cached directory operations, which ultimately results\nin dentries not being dropped and these kernel BUGs:\n\nBUG: Dentry ffff88814f37e358{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nVFS: Busy inodes after unmount of cifs (cifs)\n------------[ cut here ]------------\nkernel BUG at fs/super.c:661!\n\nThis happens when a cfid is in the process of being cleaned up when, and\nhas been removed from the cfids-\u003eentries list, including:\n\n- Receiving a lease break from the server\n- Server reconnection triggers invalidate_all_cached_dirs(), which\n removes all the cfids from the list\n- The laundromat thread decides to expire an old cfid.\n\nTo solve these problems, dropping the dentry is done in queued work done\nin a newly-added cfid_put_wq workqueue, and close_all_cached_dirs()\nflushes that workqueue after it drops all the dentries of which it\u0027s\naware. This is a global workqueue (rather than scoped to a mount), but\nthe queued work is minimal.\n\nThe final cleanup work for cleaning up a cfid is performed via work\nqueued in the serverclose_wq workqueue; this is done separate from\ndropping the dentries so that close_all_cached_dirs() doesn\u0027t block on\nany server operations.\n\nBoth of these queued works expect to invoked with a cfid reference and\na tcon reference to avoid those objects from being freed while the work\nis ongoing.\n\nWhile we\u0027re here, add proper locking to close_all_cached_dirs(), and\nlocking around the freeing of cfid-\u003edentry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53176",
"url": "https://www.suse.com/security/cve/CVE-2024-53176"
},
{
"category": "external",
"summary": "SUSE Bug 1234894 for CVE-2024-53176",
"url": "https://bugzilla.suse.com/1234894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53176"
},
{
"cve": "CVE-2024-53177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids-\u003ecfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53177",
"url": "https://www.suse.com/security/cve/CVE-2024-53177"
},
{
"category": "external",
"summary": "SUSE Bug 1234896 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "external",
"summary": "SUSE Bug 1235103 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1235103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-53177"
},
{
"cve": "CVE-2024-53178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don\u0027t leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids-\u003eentries list but doesn\u0027t drop a ref if has_lease isn\u0027t true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid-\u003ehas_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 32 bytes):\n 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........\".......\n 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E\"......O.....\n backtrace (crc 6f58c20f):\n [\u003cffffffff8b895a1e\u003e] __kmalloc_cache_noprof+0x2be/0x350\n [\u003cffffffff8bda06e3\u003e] open_cached_dir+0x993/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 8 bytes):\n 00 cc cc cc cc cc cc cc ........\n backtrace (crc 10c106a9):\n [\u003cffffffff8b89a3d3\u003e] __kmalloc_node_track_caller_noprof+0x363/0x480\n [\u003cffffffff8b7d7256\u003e] kstrdup+0x36/0x60\n [\u003cffffffff8bda0700\u003e] open_cached_dir+0x9b0/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff \u003c0f\u003e 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53178",
"url": "https://www.suse.com/security/cve/CVE-2024-53178"
},
{
"category": "external",
"summary": "SUSE Bug 1234895 for CVE-2024-53178",
"url": "https://bugzilla.suse.com/1234895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53178"
},
{
"cve": "CVE-2024-53226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()\n\nib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument.\nThe driver needs to check whether it is a NULL pointer before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53226",
"url": "https://www.suse.com/security/cve/CVE-2024-53226"
},
{
"category": "external",
"summary": "SUSE Bug 1236576 for CVE-2024-53226",
"url": "https://bugzilla.suse.com/1236576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53226"
},
{
"cve": "CVE-2024-53239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). But at this moment, the card object\nmight be still in use (as we\u0027re calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card\u0027s\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53239",
"url": "https://www.suse.com/security/cve/CVE-2024-53239"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235054 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "external",
"summary": "SUSE Bug 1235055 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-53239"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here ]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv-\u003essid,\n user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn\u0027t account for the size of the one-element\narray, so it doesn\u0027t need to be changed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56539",
"url": "https://www.suse.com/security/cve/CVE-2024-56539"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234963 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "external",
"summary": "SUSE Bug 1234964 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-56539"
},
{
"cve": "CVE-2024-56548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] \u003cTASK\u003e\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56548",
"url": "https://www.suse.com/security/cve/CVE-2024-56548"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235073 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "external",
"summary": "SUSE Bug 1235074 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-56548"
},
{
"cve": "CVE-2024-56579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56579",
"url": "https://www.suse.com/security/cve/CVE-2024-56579"
},
{
"category": "external",
"summary": "SUSE Bug 1236575 for CVE-2024-56579",
"url": "https://bugzilla.suse.com/1236575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56579"
},
{
"cve": "CVE-2024-56592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Call free_htab_elem() after htab_unlock_bucket()\n\nFor htab of maps, when the map is removed from the htab, it may hold the\nlast reference of the map. bpf_map_fd_put_ptr() will invoke\nbpf_map_free_id() to free the id of the removed map element. However,\nbpf_map_fd_put_ptr() is invoked while holding a bucket lock\n(raw_spin_lock_t), and bpf_map_free_id() attempts to acquire map_idr_lock\n(spinlock_t), triggering the following lockdep warning:\n\n =============================\n [ BUG: Invalid wait context ]\n 6.11.0-rc4+ #49 Not tainted\n -----------------------------\n test_maps/4881 is trying to lock:\n ffffffff84884578 (map_idr_lock){+...}-{3:3}, at: bpf_map_free_id.part.0+0x21/0x70\n other info that might help us debug this:\n context-{5:5}\n 2 locks held by test_maps/4881:\n #0: ffffffff846caf60 (rcu_read_lock){....}-{1:3}, at: bpf_fd_htab_map_update_elem+0xf9/0x270\n #1: ffff888149ced148 (\u0026htab-\u003elockdep_key#2){....}-{2:2}, at: htab_map_update_elem+0x178/0xa80\n stack backtrace:\n CPU: 0 UID: 0 PID: 4881 Comm: test_maps Not tainted 6.11.0-rc4+ #49\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), ...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6e/0xb0\n dump_stack+0x10/0x20\n __lock_acquire+0x73e/0x36c0\n lock_acquire+0x182/0x450\n _raw_spin_lock_irqsave+0x43/0x70\n bpf_map_free_id.part.0+0x21/0x70\n bpf_map_put+0xcf/0x110\n bpf_map_fd_put_ptr+0x9a/0xb0\n free_htab_elem+0x69/0xe0\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n bpf_map_update_value+0x266/0x380\n __sys_bpf+0x21bb/0x36b0\n __x64_sys_bpf+0x45/0x60\n x64_sys_call+0x1b2a/0x20d0\n do_syscall_64+0x5d/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nOne way to fix the lockdep warning is using raw_spinlock_t for\nmap_idr_lock as well. However, bpf_map_alloc_id() invokes\nidr_alloc_cyclic() after acquiring map_idr_lock, it will trigger a\nsimilar lockdep warning because the slab\u0027s lock (s-\u003ecpu_slab-\u003elock) is\nstill a spinlock.\n\nInstead of changing map_idr_lock\u0027s type, fix the issue by invoking\nhtab_put_fd_value() after htab_unlock_bucket(). However, only deferring\nthe invocation of htab_put_fd_value() is not enough, because the old map\npointers in htab of maps can not be saved during batched deletion.\nTherefore, also defer the invocation of free_htab_elem(), so these\nto-be-freed elements could be linked together similar to lru map.\n\nThere are four callers for -\u003emap_fd_put_ptr:\n\n(1) alloc_htab_elem() (through htab_put_fd_value())\nIt invokes -\u003emap_fd_put_ptr() under a raw_spinlock_t. The invocation of\nhtab_put_fd_value() can not simply move after htab_unlock_bucket(),\nbecause the old element has already been stashed in htab-\u003eextra_elems.\nIt may be reused immediately after htab_unlock_bucket() and the\ninvocation of htab_put_fd_value() after htab_unlock_bucket() may release\nthe newly-added element incorrectly. Therefore, saving the map pointer\nof the old element for htab of maps before unlocking the bucket and\nreleasing the map_ptr after unlock. Beside the map pointer in the old\nelement, should do the same thing for the special fields in the old\nelement as well.\n\n(2) free_htab_elem() (through htab_put_fd_value())\nIts caller includes __htab_map_lookup_and_delete_elem(),\nhtab_map_delete_elem() and __htab_map_lookup_and_delete_batch().\n\nFor htab_map_delete_elem(), simply invoke free_htab_elem() after\nhtab_unlock_bucket(). For __htab_map_lookup_and_delete_batch(), just\nlike lru map, linking the to-be-freed element into node_to_free list\nand invoking free_htab_elem() for these element after unlock. It is safe\nto reuse batch_flink as the link for node_to_free, because these\nelements have been removed from the hash llist.\n\nBecause htab of maps doesn\u0027t support lookup_and_delete operation,\n__htab_map_lookup_and_delete_elem() doesn\u0027t have the problem, so kept\nit as\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56592",
"url": "https://www.suse.com/security/cve/CVE-2024-56592"
},
{
"category": "external",
"summary": "SUSE Bug 1235244 for CVE-2024-56592",
"url": "https://bugzilla.suse.com/1235244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56592"
},
{
"cve": "CVE-2024-56605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56605",
"url": "https://www.suse.com/security/cve/CVE-2024-56605"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235061 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "external",
"summary": "SUSE Bug 1235062 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-56605"
},
{
"cve": "CVE-2024-56633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg\n\nThe current sk memory accounting logic in __SK_REDIRECT is pre-uncharging\ntosend bytes, which is either msg-\u003esg.size or a smaller value apply_bytes.\n\nPotential problems with this strategy are as follows:\n\n- If the actual sent bytes are smaller than tosend, we need to charge some\n bytes back, as in line 487, which is okay but seems not clean.\n\n- When tosend is set to apply_bytes, as in line 417, and (ret \u003c 0), we may\n miss uncharging (msg-\u003esg.size - apply_bytes) bytes.\n\n[...]\n415 tosend = msg-\u003esg.size;\n416 if (psock-\u003eapply_bytes \u0026\u0026 psock-\u003eapply_bytes \u003c tosend)\n417 tosend = psock-\u003eapply_bytes;\n[...]\n443 sk_msg_return(sk, msg, tosend);\n444 release_sock(sk);\n446 origsize = msg-\u003esg.size;\n447 ret = tcp_bpf_sendmsg_redir(sk_redir, redir_ingress,\n448 msg, tosend, flags);\n449 sent = origsize - msg-\u003esg.size;\n[...]\n454 lock_sock(sk);\n455 if (unlikely(ret \u003c 0)) {\n456 int free = sk_msg_free_nocharge(sk, msg);\n458 if (!cork)\n459 *copied -= free;\n460 }\n[...]\n487 if (eval == __SK_REDIRECT)\n488 sk_mem_charge(sk, tosend - sent);\n[...]\n\nWhen running the selftest test_txmsg_redir_wait_sndmem with txmsg_apply,\nthe following warning will be reported:\n\n------------[ cut here ]------------\nWARNING: CPU: 6 PID: 57 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x190/0x1a0\nModules linked in:\nCPU: 6 UID: 0 PID: 57 Comm: kworker/6:0 Not tainted 6.12.0-rc1.bm.1-amd64+ #43\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events sk_psock_destroy\nRIP: 0010:inet_sock_destruct+0x190/0x1a0\nRSP: 0018:ffffad0a8021fe08 EFLAGS: 00010206\nRAX: 0000000000000011 RBX: ffff9aab4475b900 RCX: ffff9aab481a0800\nRDX: 0000000000000303 RSI: 0000000000000011 RDI: ffff9aab4475b900\nRBP: ffff9aab4475b990 R08: 0000000000000000 R09: ffff9aab40050ec0\nR10: 0000000000000000 R11: ffff9aae6fdb1d01 R12: ffff9aab49c60400\nR13: ffff9aab49c60598 R14: ffff9aab49c60598 R15: dead000000000100\nFS: 0000000000000000(0000) GS:ffff9aae6fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffec7e47bd8 CR3: 00000001a1a1c004 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x89/0x130\n? inet_sock_destruct+0x190/0x1a0\n? report_bug+0xfc/0x1e0\n? handle_bug+0x5c/0xa0\n? exc_invalid_op+0x17/0x70\n? asm_exc_invalid_op+0x1a/0x20\n? inet_sock_destruct+0x190/0x1a0\n__sk_destruct+0x25/0x220\nsk_psock_destroy+0x2b2/0x310\nprocess_scheduled_works+0xa3/0x3e0\nworker_thread+0x117/0x240\n? __pfx_worker_thread+0x10/0x10\nkthread+0xcf/0x100\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x31/0x40\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1a/0x30\n\u003c/TASK\u003e\n---[ end trace 0000000000000000 ]---\n\nIn __SK_REDIRECT, a more concise way is delaying the uncharging after sent\nbytes are finalized, and uncharge this value. When (ret \u003c 0), we shall\ninvoke sk_msg_free.\n\nSame thing happens in case __SK_DROP, when tosend is set to apply_bytes,\nwe may miss uncharging (msg-\u003esg.size - apply_bytes) bytes. The same\nwarning will be reported in selftest.\n\n[...]\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta);\n473 return -EACCES;\n[...]\n\nSo instead of sk_msg_free_partial we can do sk_msg_free here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56633",
"url": "https://www.suse.com/security/cve/CVE-2024-56633"
},
{
"category": "external",
"summary": "SUSE Bug 1235485 for CVE-2024-56633",
"url": "https://bugzilla.suse.com/1235485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56633"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix icmp host relookup triggering ip_rt_bug\n\narp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:\n\nWARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20\nModules linked in:\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:ip_rt_bug+0x14/0x20\nCall Trace:\n \u003cIRQ\u003e\n ip_send_skb+0x14/0x40\n __icmp_send+0x42d/0x6a0\n ipv4_link_failure+0xe2/0x1d0\n arp_error_report+0x3c/0x50\n neigh_invalidate+0x8d/0x100\n neigh_timer_handler+0x2e1/0x330\n call_timer_fn+0x21/0x120\n __run_timer_base.part.0+0x1c9/0x270\n run_timer_softirq+0x4c/0x80\n handle_softirqs+0xac/0x280\n irq_exit_rcu+0x62/0x80\n sysvec_apic_timer_interrupt+0x77/0x90\n\nThe script below reproduces this scenario:\nip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \\\n\tdir out priority 0 ptype main flag localok icmp\nip l a veth1 type veth\nip a a 192.168.141.111/24 dev veth0\nip l s veth0 up\nping 192.168.141.155 -c 1\n\nicmp_route_lookup() create input routes for locally generated packets\nwhile xfrm relookup ICMP traffic.Then it will set input route\n(dst-\u003eout = ip_rt_bug) to skb for DESTUNREACH.\n\nFor ICMP err triggered by locally generated packets, dst-\u003edev of output\nroute is loopback. Generally, xfrm relookup verification is not required\non loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).\n\nSkip icmp relookup for locally generated packets to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56647",
"url": "https://www.suse.com/security/cve/CVE-2024-56647"
},
{
"category": "external",
"summary": "SUSE Bug 1235435 for CVE-2024-56647",
"url": "https://bugzilla.suse.com/1235435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56647"
},
{
"cve": "CVE-2024-56658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: defer final \u0027struct net\u0027 free in netns dismantle\n\nIlya reported a slab-use-after-free in dst_destroy [1]\n\nIssue is in xfrm6_net_init() and xfrm4_net_init() :\n\nThey copy xfrm[46]_dst_ops_template into net-\u003exfrm.xfrm[46]_dst_ops.\n\nBut net structure might be freed before all the dst callbacks are\ncalled. So when dst_destroy() calls later :\n\nif (dst-\u003eops-\u003edestroy)\n dst-\u003eops-\u003edestroy(dst);\n\ndst-\u003eops points to the old net-\u003exfrm.xfrm[46]_dst_ops, which has been freed.\n\nSee a relevant issue fixed in :\n\nac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\")\n\nA fix is to queue the \u0027struct net\u0027 to be freed after one\nanother cleanup_net() round (and existing rcu_barrier())\n\n[1]\n\nBUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112)\nRead of size 8 at addr ffff8882137ccab0 by task swapper/37/0\nDec 03 05:46:18 kernel:\nCPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67\nHardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\ndump_stack_lvl (lib/dump_stack.c:124)\nprint_address_description.constprop.0 (mm/kasan/report.c:378)\n? dst_destroy (net/core/dst.c:112)\nprint_report (mm/kasan/report.c:489)\n? dst_destroy (net/core/dst.c:112)\n? kasan_addr_to_slab (mm/kasan/common.c:37)\nkasan_report (mm/kasan/report.c:603)\n? dst_destroy (net/core/dst.c:112)\n? rcu_do_batch (kernel/rcu/tree.c:2567)\ndst_destroy (net/core/dst.c:112)\nrcu_do_batch (kernel/rcu/tree.c:2567)\n? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406)\nrcu_core (kernel/rcu/tree.c:2825)\nhandle_softirqs (kernel/softirq.c:554)\n__irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637)\nirq_exit_rcu (kernel/softirq.c:651)\nsysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049)\n \u003c/IRQ\u003e\n \u003cTASK\u003e\nasm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)\nRIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743)\nCode: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 \u003cfa\u003e c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90\nRSP: 0018:ffff888100d2fe00 EFLAGS: 00000246\nRAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d\nR10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000\n? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148)\n? cpuidle_idle_call (kernel/sched/idle.c:186)\ndefault_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118)\ncpuidle_idle_call (kernel/sched/idle.c:186)\n? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168)\n? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406)\n? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59)\ndo_idle (kernel/sched/idle.c:326)\ncpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1))\nstart_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282)\n? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232)\n? soft_restart_cpu (arch/x86/kernel/head_64.S:452)\ncommon_startup_64 (arch/x86/kernel/head_64.S:414)\n \u003c/TASK\u003e\nDec 03 05:46:18 kernel:\nAllocated by task 12184:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69)\n__kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\nkmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141)\ncopy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480)\ncreate_new_namespaces\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56658",
"url": "https://www.suse.com/security/cve/CVE-2024-56658"
},
{
"category": "external",
"summary": "SUSE Bug 1235441 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "external",
"summary": "SUSE Bug 1235442 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-56658"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Several fixes to bpf_msg_pop_data\n\nSeveral fixes to bpf_msg_pop_data,\n1. In sk_msg_shift_left, we should put_page\n2. if (len == 0), return early is better\n3. pop the entire sk_msg (last == msg-\u003esg.size) should be supported\n4. Fix for the value of variable \"a\"\n5. In sk_msg_shift_left, after shifting, i has already pointed to the next\nelement. Addtional sk_msg_iter_var_next may result in BUG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56720",
"url": "https://www.suse.com/security/cve/CVE-2024-56720"
},
{
"category": "external",
"summary": "SUSE Bug 1235592 for CVE-2024-56720",
"url": "https://bugzilla.suse.com/1235592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56720"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix TCP options overflow.\n\nSyzbot reported the following splat:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 UID: 0 PID: 5836 Comm: sshd Not tainted 6.13.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\nRIP: 0010:_compound_head include/linux/page-flags.h:242 [inline]\nRIP: 0010:put_page+0x23/0x260 include/linux/mm.h:1552\nCode: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 f8 5e 12 f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 \u003c80\u003e 3c 28 00 74 08 48 89 df e8 8f c7 78 f8 48 8b 1b 48 89 de 48 83\nRSP: 0000:ffffc90003916c90 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888030458000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff898ca81d R09: 1ffff110054414ac\nR10: dffffc0000000000 R11: ffffed10054414ad R12: 0000000000000007\nR13: ffff88802a20a542 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f34f496e800(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9d6ec9ec28 CR3: 000000004d260000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_page_unref include/linux/skbuff_ref.h:43 [inline]\n __skb_frag_unref include/linux/skbuff_ref.h:56 [inline]\n skb_release_data+0x483/0x8a0 net/core/skbuff.c:1119\n skb_release_all net/core/skbuff.c:1190 [inline]\n __kfree_skb+0x55/0x70 net/core/skbuff.c:1204\n tcp_clean_rtx_queue net/ipv4/tcp_input.c:3436 [inline]\n tcp_ack+0x2442/0x6bc0 net/ipv4/tcp_input.c:4032\n tcp_rcv_state_process+0x8eb/0x44e0 net/ipv4/tcp_input.c:6805\n tcp_v4_do_rcv+0x77d/0xc70 net/ipv4/tcp_ipv4.c:1939\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5672 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5785\n process_backlog+0x662/0x15b0 net/core/dev.c:6117\n __napi_poll+0xcb/0x490 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:7074\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x57/0xc0 arch/x86/kernel/apic/apic.c:1049\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\nRIP: 0033:0x7f34f4519ad5\nCode: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83\nRSP: 002b:00007ffec5b32ce0 EFLAGS: 00000246\nRAX: 0000000000000001 RBX: 00000000000668a0 RCX: 00007f34f4519ad5\nRDX: 00007ffec5b32d00 RSI: 0000000000000004 RDI: 0000564f4bc6cae0\nRBP: 0000564f4bc6b5a0 R08: 0000000000000008 R09: 0000000000000000\nR10: 00007ffec5b32de8 R11: 0000000000000246 R12: 0000564f48ea8aa4\nR13: 0000000000000001 R14: 0000564f48ea93e8 R15: 00007ffec5b32d68\n \u003c/TASK\u003e\n\nEric noted a probable shinfo-\u003enr_frags corruption, which indeed\noccurs.\n\nThe root cause is a buggy MPTCP option len computation in some\ncircumstances: the ADD_ADDR option should be mutually exclusive\nwith DSS since the blamed commit.\n\nStill, mptcp_established_options_add_addr() tries to set the\nrelevant info in mptcp_out_options, if \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57882",
"url": "https://www.suse.com/security/cve/CVE-2024-57882"
},
{
"category": "external",
"summary": "SUSE Bug 1235914 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "external",
"summary": "SUSE Bug 1235916 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-57882"
},
{
"cve": "CVE-2024-57889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking\n\nIf a device uses MCP23xxx IO expander to receive IRQs, the following\nbug can happen:\n\n BUG: sleeping function called from invalid context\n at kernel/locking/mutex.c:283\n in_atomic(): 1, irqs_disabled(): 1, non_block: 0, ...\n preempt_count: 1, expected: 0\n ...\n Call Trace:\n ...\n __might_resched+0x104/0x10e\n __might_sleep+0x3e/0x62\n mutex_lock+0x20/0x4c\n regmap_lock_mutex+0x10/0x18\n regmap_update_bits_base+0x2c/0x66\n mcp23s08_irq_set_type+0x1ae/0x1d6\n __irq_set_trigger+0x56/0x172\n __setup_irq+0x1e6/0x646\n request_threaded_irq+0xb6/0x160\n ...\n\nWe observed the problem while experimenting with a touchscreen driver which\nused MCP23017 IO expander (I2C).\n\nThe regmap in the pinctrl-mcp23s08 driver uses a mutex for protection from\nconcurrent accesses, which is the default for regmaps without .fast_io,\n.disable_locking, etc.\n\nmcp23s08_irq_set_type() calls regmap_update_bits_base(), and the latter\nlocks the mutex.\n\nHowever, __setup_irq() locks desc-\u003elock spinlock before calling these\nfunctions. As a result, the system tries to lock the mutex whole holding\nthe spinlock.\n\nIt seems, the internal regmap locks are not needed in this driver at all.\nmcp-\u003elock seems to protect the regmap from concurrent accesses already,\nexcept, probably, in mcp_pinconf_get/set.\n\nmcp23s08_irq_set_type() and mcp23s08_irq_mask/unmask() are called under\nchip_bus_lock(), which calls mcp23s08_irq_bus_lock(). The latter takes\nmcp-\u003elock and enables regmap caching, so that the potentially slow I2C\naccesses are deferred until chip_bus_unlock().\n\nThe accesses to the regmap from mcp23s08_probe_one() do not need additional\nlocking.\n\nIn all remaining places where the regmap is accessed, except\nmcp_pinconf_get/set(), the driver already takes mcp-\u003elock.\n\nThis patch adds locking in mcp_pinconf_get/set() and disables internal\nlocking in the regmap config. Among other things, it fixes the sleeping\nin atomic context described above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57889",
"url": "https://www.suse.com/security/cve/CVE-2024-57889"
},
{
"category": "external",
"summary": "SUSE Bug 1236573 for CVE-2024-57889",
"url": "https://bugzilla.suse.com/1236573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57889"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: check local interfaces before deleting sdata list\n\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\n\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\nhardware device from the system.\n\nCPU0\t\t\t\t\tCPU1\n====\t\t\t\t\t====\ngenl_family_rcv_msg_doit\t\tieee802154_unregister_hw\nieee802154_del_iface\t\t\tieee802154_remove_interfaces\nrdev_del_virtual_intf_deprecated\tlist_del(\u0026sdata-\u003elist)\nieee802154_if_remove\nlist_del_rcu\n\nThe net device has been unregistered, since the rcu grace period,\nunregistration must be run before ieee802154_if_remove.\n\nTo avoid this issue, add a check for local-\u003einterfaces before deleting\nsdata list.\n\n[1]\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6277 Comm: syz-executor157 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:__list_del_entry_valid_or_report+0xf4/0x140 lib/list_debug.c:56\nCode: e8 a1 7e 00 07 90 0f 0b 48 c7 c7 e0 37 60 8c 4c 89 fe e8 8f 7e 00 07 90 0f 0b 48 c7 c7 40 38 60 8c 4c 89 fe e8 7d 7e 00 07 90 \u003c0f\u003e 0b 48 c7 c7 a0 38 60 8c 4c 89 fe e8 6b 7e 00 07 90 0f 0b 48 c7\nRSP: 0018:ffffc9000490f3d0 EFLAGS: 00010246\nRAX: 000000000000004e RBX: dead000000000122 RCX: d211eee56bb28d00\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88805b278dd8 R08: ffffffff8174a12c R09: 1ffffffff2852f0d\nR10: dffffc0000000000 R11: fffffbfff2852f0e R12: dffffc0000000000\nR13: dffffc0000000000 R14: dead000000000100 R15: ffff88805b278cc0\nFS: 0000555572f94380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056262e4a3000 CR3: 0000000078496000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n __list_del_entry_valid include/linux/list.h:124 [inline]\n __list_del_entry include/linux/list.h:215 [inline]\n list_del_rcu include/linux/rculist.h:157 [inline]\n ieee802154_if_remove+0x86/0x1e0 net/mac802154/iface.c:687\n rdev_del_virtual_intf_deprecated net/ieee802154/rdev-ops.h:24 [inline]\n ieee802154_del_iface+0x2c0/0x5c0 net/ieee802154/nl-phy.c:323\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:744\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607\n ___sys_sendmsg net/socket.c:2661 [inline]\n __sys_sendmsg+0x292/0x380 net/socket.c:2690\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57948",
"url": "https://www.suse.com/security/cve/CVE-2024-57948"
},
{
"category": "external",
"summary": "SUSE Bug 1236677 for CVE-2024-57948",
"url": "https://bugzilla.suse.com/1236677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57979",
"url": "https://www.suse.com/security/cve/CVE-2024-57979"
},
{
"category": "external",
"summary": "SUSE Bug 1238521 for CVE-2024-57979",
"url": "https://bugzilla.suse.com/1238521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()\n\nJakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page()\nto increase test coverage.\n\nsyzbot found a splat caused by hard irq blocking in\nptr_ring_resize_multiple() [1]\n\nAs current users of ptr_ring_resize_multiple() do not require\nhard irqs being masked, replace it to only block BH.\n\nRename helpers to better reflect they are safe against BH only.\n\n- ptr_ring_resize_multiple() to ptr_ring_resize_multiple_bh()\n- skb_array_resize_multiple() to skb_array_resize_multiple_bh()\n\n[1]\n\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 __page_pool_put_page net/core/page_pool.c:709 [inline]\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nModules linked in:\nCPU: 1 UID: 0 PID: 9150 Comm: syz.1.1052 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:__page_pool_put_page net/core/page_pool.c:709 [inline]\nRIP: 0010:page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nCode: 74 0e e8 7c aa fb f7 eb 43 e8 75 aa fb f7 eb 3c 65 8b 1d 38 a8 6a 76 31 ff 89 de e8 a3 ae fb f7 85 db 74 0b e8 5a aa fb f7 90 \u003c0f\u003e 0b 90 eb 1d 65 8b 1d 15 a8 6a 76 31 ff 89 de e8 84 ae fb f7 85\nRSP: 0018:ffffc9000bda6b58 EFLAGS: 00010083\nRAX: ffffffff8997e523 RBX: 0000000000000000 RCX: 0000000000040000\nRDX: ffffc9000fbd0000 RSI: 0000000000001842 RDI: 0000000000001843\nRBP: 0000000000000000 R08: ffffffff8997df2c R09: 1ffffd40003a000d\nR10: dffffc0000000000 R11: fffff940003a000e R12: ffffea0001d00040\nR13: ffff88802e8a4000 R14: dffffc0000000000 R15: 00000000ffffffff\nFS: 00007fb7aaf716c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa15a0d4b72 CR3: 00000000561b0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tun_ptr_free drivers/net/tun.c:617 [inline]\n __ptr_ring_swap_queue include/linux/ptr_ring.h:571 [inline]\n ptr_ring_resize_multiple_noprof include/linux/ptr_ring.h:643 [inline]\n tun_queue_resize drivers/net/tun.c:3694 [inline]\n tun_device_event+0xaaf/0x1080 drivers/net/tun.c:3714\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n dev_change_tx_queue_len+0x158/0x2a0 net/core/dev.c:9024\n do_setlink+0xff6/0x41f0 net/core/rtnetlink.c:2923\n rtnl_setlink+0x40d/0x5a0 net/core/rtnetlink.c:3201\n rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6647\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57994",
"url": "https://www.suse.com/security/cve/CVE-2024-57994"
},
{
"category": "external",
"summary": "SUSE Bug 1237901 for CVE-2024-57994",
"url": "https://bugzilla.suse.com/1237901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm: correctly calculate the available space of the GSP cmdq buffer\n\nr535_gsp_cmdq_push() waits for the available page in the GSP cmdq\nbuffer when handling a large RPC request. When it sees at least one\navailable page in the cmdq, it quits the waiting with the amount of\nfree buffer pages in the queue.\n\nUnfortunately, it always takes the [write pointer, buf_size) as\navailable buffer pages before rolling back and wrongly calculates the\nsize of the data should be copied. Thus, it can overwrite the RPC\nrequest that GSP is currently reading, which causes GSP hang due\nto corrupted RPC request:\n\n[ 549.209389] ------------[ cut here ]------------\n[ 549.214010] WARNING: CPU: 8 PID: 6314 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:116 r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.225678] Modules linked in: nvkm(E+) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) mlx5_ib(E) amd64_edac(E) edac_mce_amd(E) kvm_amd(E) ib_uverbs(E) kvm(E) ib_core(E) acpi_ipmi(E) ipmi_si(E) mxm_wmi(E) ipmi_devintf(E) rapl(E) i2c_piix4(E) wmi_bmof(E) joydev(E) ptdma(E) acpi_cpufreq(E) k10temp(E) pcspkr(E) ipmi_msghandler(E) xfs(E) libcrc32c(E) ast(E) i2c_algo_bit(E) crct10dif_pclmul(E) drm_shmem_helper(E) nvme_tcp(E) crc32_pclmul(E) ahci(E) drm_kms_helper(E) libahci(E) nvme_fabrics(E) crc32c_intel(E) nvme(E) cdc_ether(E) mlx5_core(E) nvme_core(E) usbnet(E) drm(E) libata(E) ccp(E) ghash_clmulni_intel(E) mii(E) t10_pi(E) mlxfw(E) sp5100_tco(E) psample(E) pci_hyperv_intf(E) wmi(E) dm_multipath(E) sunrpc(E) dm_mirror(E) dm_region_hash(E) dm_log(E) dm_mod(E) be2iscsi(E) bnx2i(E) cnic(E) uio(E) cxgb4i(E) cxgb4(E) tls(E) libcxgbi(E) libcxgb(E) qla4xxx(E)\n[ 549.225752] iscsi_boot_sysfs(E) iscsi_tcp(E) libiscsi_tcp(E) libiscsi(E) scsi_transport_iscsi(E) fuse(E) [last unloaded: gsp_log(E)]\n[ 549.326293] CPU: 8 PID: 6314 Comm: insmod Tainted: G E 6.9.0-rc6+ #1\n[ 549.334039] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 549.341781] RIP: 0010:r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.347343] Code: 08 00 00 89 da c1 e2 0c 48 8d ac 11 00 10 00 00 48 8b 0c 24 48 85 c9 74 1f c1 e0 0c 4c 8d 6d 30 83 e8 30 89 01 e9 68 ff ff ff \u003c0f\u003e 0b 49 c7 c5 92 ff ff ff e9 5a ff ff ff ba ff ff ff ff be c0 0c\n[ 549.366090] RSP: 0018:ffffacbccaaeb7d0 EFLAGS: 00010246\n[ 549.371315] RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000923e28\n[ 549.378451] RDX: 0000000000000000 RSI: 0000000055555554 RDI: ffffacbccaaeb730\n[ 549.385590] RBP: 0000000000000001 R08: ffff8bd14d235f70 R09: ffff8bd14d235f70\n[ 549.392721] R10: 0000000000000002 R11: ffff8bd14d233864 R12: 0000000000000020\n[ 549.399854] R13: ffffacbccaaeb818 R14: 0000000000000020 R15: ffff8bb298c67000\n[ 549.406988] FS: 00007f5179244740(0000) GS:ffff8bd14d200000(0000) knlGS:0000000000000000\n[ 549.415076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 549.420829] CR2: 00007fa844000010 CR3: 00000001567dc005 CR4: 0000000000770ef0\n[ 549.427963] PKRU: 55555554\n[ 549.430672] Call Trace:\n[ 549.433126] \u003cTASK\u003e\n[ 549.435233] ? __warn+0x7f/0x130\n[ 549.438473] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.443426] ? report_bug+0x18a/0x1a0\n[ 549.447098] ? handle_bug+0x3c/0x70\n[ 549.450589] ? exc_invalid_op+0x14/0x70\n[ 549.454430] ? asm_exc_invalid_op+0x16/0x20\n[ 549.458619] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.463565] r535_gsp_msg_recv+0x46/0x230 [nvkm]\n[ 549.468257] r535_gsp_rpc_push+0x106/0x160 [nvkm]\n[ 549.473033] r535_gsp_rpc_rm_ctrl_push+0x40/0x130 [nvkm]\n[ 549.478422] nvidia_grid_init_vgpu_types+0xbc/0xe0 [nvkm]\n[ 549.483899] nvidia_grid_init+0xb1/0xd0 [nvkm]\n[ 549.488420] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 549.493213] nvkm_device_pci_probe+0x305/0x420 [nvkm]\n[ 549.498338] local_pci_probe+0x46/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58018",
"url": "https://www.suse.com/security/cve/CVE-2024-58018"
},
{
"category": "external",
"summary": "SUSE Bug 1238990 for CVE-2024-58018",
"url": "https://bugzilla.suse.com/1238990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58018"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: prevent adding a device which is already a team device lower\n\nPrevent adding a device which is already a team device lower,\ne.g. adding veth0 if vlan1 was already added and veth0 is a lower of\nvlan1.\n\nThis is not useful in practice and can lead to recursive locking:\n\n$ ip link add veth0 type veth peer name veth1\n$ ip link set veth0 up\n$ ip link set veth1 up\n$ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1\n$ ip link add team0 type team\n$ ip link set veth0.1 down\n$ ip link set veth0.1 master team0\nteam0: Port device veth0.1 added\n$ ip link set veth0 down\n$ ip link set veth0 master team0\n\n============================================\nWARNING: possible recursive locking detected\n6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted\n--------------------------------------------\nip/7684 is trying to acquire lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n\nbut task is already holding lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\n\nCPU0\n----\nlock(team-\u003eteam_lock_key);\nlock(team-\u003eteam_lock_key);\n\n*** DEADLOCK ***\n\nMay be due to missing lock nesting notation\n\n2 locks held by ip/7684:\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:122)\nprint_deadlock_bug.cold (kernel/locking/lockdep.c:3040)\n__lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)\n? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)\nlock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? lock_acquire (kernel/locking/lockdep.c:5822)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? fib_sync_up (net/ipv4/fib_semantics.c:2167)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nteam_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\n__dev_notify_flags (net/core/dev.c:8993)\n? __dev_change_flags (net/core/dev.c:8975)\ndev_change_flags (net/core/dev.c:9027)\nvlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)\n? br_device_event (net/bridge/br.c:143)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\ndev_open (net/core/dev.c:1519 net/core/dev.c:1505)\nteam_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)\n? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)\ndo_set_master (net/core/rtnetlink.c:2917)\ndo_setlink.isra.0 (net/core/rtnetlink.c:3117)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58071",
"url": "https://www.suse.com/security/cve/CVE-2024-58071"
},
{
"category": "external",
"summary": "SUSE Bug 1238970 for CVE-2024-58071",
"url": "https://bugzilla.suse.com/1238970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.probe_interval\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21636",
"url": "https://www.suse.com/security/cve/CVE-2025-21636"
},
{
"category": "external",
"summary": "SUSE Bug 1236113 for CVE-2025-21636",
"url": "https://bugzilla.suse.com/1236113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21636"
},
{
"cve": "CVE-2025-21637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: udp_port: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21637",
"url": "https://www.suse.com/security/cve/CVE-2025-21637"
},
{
"category": "external",
"summary": "SUSE Bug 1236114 for CVE-2025-21637",
"url": "https://bugzilla.suse.com/1236114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21637"
},
{
"cve": "CVE-2025-21638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21638",
"url": "https://www.suse.com/security/cve/CVE-2025-21638"
},
{
"category": "external",
"summary": "SUSE Bug 1236115 for CVE-2025-21638",
"url": "https://bugzilla.suse.com/1236115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.rto_min/max\u0027 is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21639",
"url": "https://www.suse.com/security/cve/CVE-2025-21639"
},
{
"category": "external",
"summary": "SUSE Bug 1236122 for CVE-2025-21639",
"url": "https://bugzilla.suse.com/1236122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.sctp_hmac_alg\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21640",
"url": "https://www.suse.com/security/cve/CVE-2025-21640"
},
{
"category": "external",
"summary": "SUSE Bug 1236123 for CVE-2025-21640",
"url": "https://bugzilla.suse.com/1236123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: add bounds checks to host bulk flow fairness counts\n\nEven though we fixed a logic error in the commit cited below, syzbot\nstill managed to trigger an underflow of the per-host bulk flow\ncounters, leading to an out of bounds memory access.\n\nTo avoid any such logic errors causing out of bounds memory accesses,\nthis commit factors out all accesses to the per-host bulk flow counters\nto a series of helpers that perform bounds-checking before any\nincrements and decrements. This also has the benefit of improving\nreadability by moving the conditional checks for the flow mode into\nthese helpers, instead of having them spread out throughout the\ncode (which was the cause of the original logic error).\n\nAs part of this change, the flow quantum calculation is consolidated\ninto a helper function, which means that the dithering applied to the\nost load scaling is now applied both in the DRR rotation and when a\nsparse flow\u0027s quantum is first initiated. The only user-visible effect\nof this is that the maximum packet size that can be sent while a flow\nstays sparse will now vary with +/- one byte in some cases. This should\nnot make a noticeable difference in practice, and thus it\u0027s not worth\ncomplicating the code to preserve the old behaviour.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21647",
"url": "https://www.suse.com/security/cve/CVE-2025-21647"
},
{
"category": "external",
"summary": "SUSE Bug 1236133 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "external",
"summary": "SUSE Bug 1236134 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21665",
"url": "https://www.suse.com/security/cve/CVE-2025-21665"
},
{
"category": "external",
"summary": "SUSE Bug 1236684 for CVE-2025-21665",
"url": "https://bugzilla.suse.com/1236684"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21665"
},
{
"cve": "CVE-2025-21666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21666"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: prevent null-ptr-deref in vsock_*[has_data|has_space]\n\nRecent reports have shown how we sometimes call vsock_*_has_data()\nwhen a vsock socket has been de-assigned from a transport (see attached\nlinks), but we shouldn\u0027t.\n\nPrevious commits should have solved the real problems, but we may have\nmore in the future, so to avoid null-ptr-deref, we can return 0\n(no space, no data available) but with a warning.\n\nThis way the code should continue to run in a nearly consistent state\nand have a warning that allows us to debug future problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21666",
"url": "https://www.suse.com/security/cve/CVE-2025-21666"
},
{
"category": "external",
"summary": "SUSE Bug 1236680 for CVE-2025-21666",
"url": "https://bugzilla.suse.com/1236680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21666"
},
{
"cve": "CVE-2025-21667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21667",
"url": "https://www.suse.com/security/cve/CVE-2025-21667"
},
{
"category": "external",
"summary": "SUSE Bug 1236681 for CVE-2025-21667",
"url": "https://bugzilla.suse.com/1236681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21667"
},
{
"cve": "CVE-2025-21668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: add missing loop break condition\n\nCurrently imx8mp_blk_ctrl_remove() will continue the for loop\nuntil an out-of-bounds exception occurs.\n\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : dev_pm_domain_detach+0x8/0x48\nlr : imx8mp_blk_ctrl_shutdown+0x58/0x90\nsp : ffffffc084f8bbf0\nx29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000\nx26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028\nx23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0\nx20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff\nx17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72\nx14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000\nx11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8\nx8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077\nx2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000\nCall trace:\n dev_pm_domain_detach+0x8/0x48\n platform_shutdown+0x2c/0x48\n device_shutdown+0x158/0x268\n kernel_restart_prepare+0x40/0x58\n kernel_kexec+0x58/0xe8\n __do_sys_reboot+0x198/0x258\n __arm64_sys_reboot+0x2c/0x40\n invoke_syscall+0x5c/0x138\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xc8\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x190/0x198\nCode: 8128c2d0 ffffffc0 aa1e03e9 d503201f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21668",
"url": "https://www.suse.com/security/cve/CVE-2025-21668"
},
{
"category": "external",
"summary": "SUSE Bug 1236682 for CVE-2025-21668",
"url": "https://bugzilla.suse.com/1236682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21668"
},
{
"cve": "CVE-2025-21669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: discard packets if the transport changes\n\nIf the socket has been de-assigned or assigned to another transport,\nwe must discard any packets received because they are not expected\nand would cause issues when we access vsk-\u003etransport.\n\nA possible scenario is described by Hyunwoo Kim in the attached link,\nwhere after a first connect() interrupted by a signal, and a second\nconnect() failed, we can find `vsk-\u003etransport` at NULL, leading to a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21669",
"url": "https://www.suse.com/security/cve/CVE-2025-21669"
},
{
"category": "external",
"summary": "SUSE Bug 1236683 for CVE-2025-21669",
"url": "https://bugzilla.suse.com/1236683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21669"
},
{
"cve": "CVE-2025-21670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/bpf: return early if transport is not assigned\n\nSome of the core functions can only be called if the transport\nhas been assigned.\n\nAs Michal reported, a socket might have the transport at NULL,\nfor example after a failed connect(), causing the following trace:\n\n BUG: kernel NULL pointer dereference, address: 00000000000000a0\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 12faf8067 P4D 12faf8067 PUD 113670067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 15 UID: 0 PID: 1198 Comm: a.out Not tainted 6.13.0-rc2+\n RIP: 0010:vsock_connectible_has_data+0x1f/0x40\n Call Trace:\n vsock_bpf_recvmsg+0xca/0x5e0\n sock_recvmsg+0xb9/0xc0\n __sys_recvfrom+0xb3/0x130\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSo we need to check the `vsk-\u003etransport` in vsock_bpf_recvmsg(),\nespecially for connected sockets (stream/seqpacket) as we already\ndo in __vsock_connectible_recvmsg().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21670",
"url": "https://www.suse.com/security/cve/CVE-2025-21670"
},
{
"category": "external",
"summary": "SUSE Bug 1236685 for CVE-2025-21670",
"url": "https://bugzilla.suse.com/1236685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21670"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server-\u003ehostname can\u0027t be freed as long as\ncifsd thread isn\u0027t done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff \u003c0f\u003e\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21673",
"url": "https://www.suse.com/security/cve/CVE-2025-21673"
},
{
"category": "external",
"summary": "SUSE Bug 1236689 for CVE-2025-21673",
"url": "https://bugzilla.suse.com/1236689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21673"
},
{
"cve": "CVE-2025-21675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Clear port select structure when fail to create\n\nClear the port select structure on error so no stale values left after\ndefiners are destroyed. That\u0027s because the mlx5_lag_destroy_definers()\nalways try to destroy all lag definers in the tt_map, so in the flow\nbelow lag definers get double-destroyed and cause kernel crash:\n\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 1\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets destroyed\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 0\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets double-destroyed\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 64k pages, 48-bit VAs, pgdp=0000000112ce2e00\n [0000000000000008] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n Modules linked in: iptable_raw bonding ip_gre ip6_gre gre ip6_tunnel tunnel6 geneve ip6_udp_tunnel udp_tunnel ipip tunnel4 ip_tunnel rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) mlx5_fwctl(OE) fwctl(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlxfw(OE) memtrack(OE) mlx_compat(OE) openvswitch nsh nf_conncount psample xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc netconsole overlay efi_pstore sch_fq_codel zram ip_tables crct10dif_ce qemu_fw_cfg fuse ipv6 crc_ccitt [last unloaded: mlx_compat(OE)]\n CPU: 3 UID: 0 PID: 217 Comm: kworker/u53:2 Tainted: G OE 6.11.0+ #2\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n lr : mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n sp : ffff800085fafb00\n x29: ffff800085fafb00 x28: ffff0000da0c8000 x27: 0000000000000000\n x26: ffff0000da0c8000 x25: ffff0000da0c8000 x24: ffff0000da0c8000\n x23: ffff0000c31f81a0 x22: 0400000000000000 x21: ffff0000da0c8000\n x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffff8b0c9350\n x14: 0000000000000000 x13: ffff800081390d18 x12: ffff800081dc3cc0\n x11: 0000000000000001 x10: 0000000000000b10 x9 : ffff80007ab7304c\n x8 : ffff0000d00711f0 x7 : 0000000000000004 x6 : 0000000000000190\n x5 : ffff00027edb3010 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff0000d39b8000 x1 : ffff0000d39b8000 x0 : 0400000000000000\n Call trace:\n mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n mlx5_lag_destroy_definers+0xa0/0x108 [mlx5_core]\n mlx5_lag_port_sel_create+0x2d4/0x6f8 [mlx5_core]\n mlx5_activate_lag+0x60c/0x6f8 [mlx5_core]\n mlx5_do_bond_work+0x284/0x5c8 [mlx5_core]\n process_one_work+0x170/0x3e0\n worker_thread+0x2d8/0x3e0\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n Code: a9025bf5 aa0003f6 a90363f7 f90023f9 (f9400400)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21675",
"url": "https://www.suse.com/security/cve/CVE-2025-21675"
},
{
"category": "external",
"summary": "SUSE Bug 1236694 for CVE-2025-21675",
"url": "https://bugzilla.suse.com/1236694"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21675"
},
{
"cve": "CVE-2025-21678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Destroy device along with udp socket\u0027s netns dismantle.\n\ngtp_newlink() links the device to a list in dev_net(dev) instead of\nsrc_net, where a udp tunnel socket is created.\n\nEven when src_net is removed, the device stays alive on dev_net(dev).\nThen, removing src_net triggers the splat below. [0]\n\nIn this example, gtp0 is created in ns2, and the udp socket is created\nin ns1.\n\n ip netns add ns1\n ip netns add ns2\n ip -n ns1 link add netns ns2 name gtp0 type gtp role sgsn\n ip netns del ns1\n\nLet\u0027s link the device to the socket\u0027s netns instead.\n\nNow, gtp_net_exit_batch_rtnl() needs another netdev iteration to remove\nall gtp devices in the netns.\n\n[0]:\nref_tracker: net notrefcnt@000000003d6e7d05 has 1/2 users at\n sk_alloc (./include/net/net_namespace.h:345 net/core/sock.c:2236)\n inet_create (net/ipv4/af_inet.c:326 net/ipv4/af_inet.c:252)\n __sock_create (net/socket.c:1558)\n udp_sock_create4 (net/ipv4/udp_tunnel_core.c:18)\n gtp_create_sock (./include/net/udp_tunnel.h:59 drivers/net/gtp.c:1423)\n gtp_create_sockets (drivers/net/gtp.c:1447)\n gtp_newlink (drivers/net/gtp.c:1507)\n rtnl_newlink (net/core/rtnetlink.c:3786 net/core/rtnetlink.c:3897 net/core/rtnetlink.c:4012)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6922)\n netlink_rcv_skb (net/netlink/af_netlink.c:2542)\n netlink_unicast (net/netlink/af_netlink.c:1321 net/netlink/af_netlink.c:1347)\n netlink_sendmsg (net/netlink/af_netlink.c:1891)\n ____sys_sendmsg (net/socket.c:711 net/socket.c:726 net/socket.c:2583)\n ___sys_sendmsg (net/socket.c:2639)\n __sys_sendmsg (net/socket.c:2669)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n\nWARNING: CPU: 1 PID: 60 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\nModules linked in:\nCPU: 1 UID: 0 PID: 60 Comm: kworker/u16:2 Not tainted 6.13.0-rc5-00147-g4c1224501e9d #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:ref_tracker_dir_exit (lib/ref_tracker.c:179)\nCode: 00 00 00 fc ff df 4d 8b 26 49 bd 00 01 00 00 00 00 ad de 4c 39 f5 0f 85 df 00 00 00 48 8b 74 24 08 48 89 df e8 a5 cc 12 02 90 \u003c0f\u003e 0b 90 48 8d 6b 44 be 04 00 00 00 48 89 ef e8 80 de 67 ff 48 89\nRSP: 0018:ff11000009a07b60 EFLAGS: 00010286\nRAX: 0000000000002bd3 RBX: ff1100000f4e1aa0 RCX: 1ffffffff0e40ac6\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8423ee3c\nRBP: ff1100000f4e1af0 R08: 0000000000000001 R09: fffffbfff0e395ae\nR10: 0000000000000001 R11: 0000000000036001 R12: ff1100000f4e1af0\nR13: dead000000000100 R14: ff1100000f4e1af0 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ff1100006ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9b2464bd98 CR3: 0000000005286005 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn (kernel/panic.c:748)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:285)\n ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:97 ./arch/x86/include/asm/irqflags.h:155 ./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:158)\n ? kfree (mm/slub.c:4613 mm/slub.c:4761)\n net_free (net/core/net_namespace.c:476 net/core/net_namespace.c:467)\n cleanup_net (net/core/net_namespace.c:664 (discriminator 3))\n process_one_work (kernel/workqueue.c:3229)\n worker_thread (kernel/workqueue.c:3304 kernel/workqueue.c:3391\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21678",
"url": "https://www.suse.com/security/cve/CVE-2025-21678"
},
{
"category": "external",
"summary": "SUSE Bug 1236698 for CVE-2025-21678",
"url": "https://bugzilla.suse.com/1236698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21678"
},
{
"cve": "CVE-2025-21680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev-\u003eimix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type \u0027imix_pkt [20]\u0027\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21680",
"url": "https://www.suse.com/security/cve/CVE-2025-21680"
},
{
"category": "external",
"summary": "SUSE Bug 1236700 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "external",
"summary": "SUSE Bug 1236701 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21680"
},
{
"cve": "CVE-2025-21681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix lockup on tx to unregistering netdev with carrier\n\nCommit in a fixes tag attempted to fix the issue in the following\nsequence of calls:\n\n do_output\n -\u003e ovs_vport_send\n -\u003e dev_queue_xmit\n -\u003e __dev_queue_xmit\n -\u003e netdev_core_pick_tx\n -\u003e skb_tx_hash\n\nWhen device is unregistering, the \u0027dev-\u003ereal_num_tx_queues\u0027 goes to\nzero and the \u0027while (unlikely(hash \u003e= qcount))\u0027 loop inside the\n\u0027skb_tx_hash\u0027 becomes infinite, locking up the core forever.\n\nBut unfortunately, checking just the carrier status is not enough to\nfix the issue, because some devices may still be in unregistering\nstate while reporting carrier status OK.\n\nOne example of such device is a net/dummy. It sets carrier ON\non start, but it doesn\u0027t implement .ndo_stop to set the carrier off.\nAnd it makes sense, because dummy doesn\u0027t really have a carrier.\nTherefore, while this device is unregistering, it\u0027s still easy to hit\nthe infinite loop in the skb_tx_hash() from the OVS datapath. There\nmight be other drivers that do the same, but dummy by itself is\nimportant for the OVS ecosystem, because it is frequently used as a\npacket sink for tcpdump while debugging OVS deployments. And when the\nissue is hit, the only way to recover is to reboot.\n\nFix that by also checking if the device is running. The running\nstate is handled by the net core during unregistering, so it covers\nunregistering case better, and we don\u0027t really need to send packets\nto devices that are not running anyway.\n\nWhile only checking the running state might be enough, the carrier\ncheck is preserved. The running and the carrier states seem disjoined\nthroughout the code and different drivers. And other core functions\nlike __dev_direct_xmit() check both before attempting to transmit\na packet. So, it seems safer to check both flags in OVS as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21681",
"url": "https://www.suse.com/security/cve/CVE-2025-21681"
},
{
"category": "external",
"summary": "SUSE Bug 1236702 for CVE-2025-21681",
"url": "https://bugzilla.suse.com/1236702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21681"
},
{
"cve": "CVE-2025-21684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: xilinx: Convert gpio_lock to raw spinlock\n\nirq_chip functions may be called in raw spinlock context. Therefore, we\nmust also use a raw spinlock for our own internal locking.\n\nThis fixes the following lockdep splat:\n\n[ 5.349336] =============================\n[ 5.353349] [ BUG: Invalid wait context ]\n[ 5.357361] 6.13.0-rc5+ #69 Tainted: G W\n[ 5.363031] -----------------------------\n[ 5.367045] kworker/u17:1/44 is trying to lock:\n[ 5.371587] ffffff88018b02c0 (\u0026chip-\u003egpio_lock){....}-{3:3}, at: xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.380079] other info that might help us debug this:\n[ 5.385138] context-{5:5}\n[ 5.387762] 5 locks held by kworker/u17:1/44:\n[ 5.392123] #0: ffffff8800014958 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3204)\n[ 5.402260] #1: ffffffc082fcbdd8 (deferred_probe_work){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3205)\n[ 5.411528] #2: ffffff880172c900 (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach (drivers/base/dd.c:1006)\n[ 5.419929] #3: ffffff88039c8268 (request_class#2){+.+.}-{4:4}, at: __setup_irq (kernel/irq/internals.h:156 kernel/irq/manage.c:1596)\n[ 5.428331] #4: ffffff88039c80c8 (lock_class#2){....}-{2:2}, at: __setup_irq (kernel/irq/manage.c:1614)\n[ 5.436472] stack backtrace:\n[ 5.439359] CPU: 2 UID: 0 PID: 44 Comm: kworker/u17:1 Tainted: G W 6.13.0-rc5+ #69\n[ 5.448690] Tainted: [W]=WARN\n[ 5.451656] Hardware name: xlnx,zynqmp (DT)\n[ 5.455845] Workqueue: events_unbound deferred_probe_work_func\n[ 5.461699] Call trace:\n[ 5.464147] show_stack+0x18/0x24 C\n[ 5.467821] dump_stack_lvl (lib/dump_stack.c:123)\n[ 5.471501] dump_stack (lib/dump_stack.c:130)\n[ 5.474824] __lock_acquire (kernel/locking/lockdep.c:4828 kernel/locking/lockdep.c:4898 kernel/locking/lockdep.c:5176)\n[ 5.478758] lock_acquire (arch/arm64/include/asm/percpu.h:40 kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851 kernel/locking/lockdep.c:5814)\n[ 5.482429] _raw_spin_lock_irqsave (include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 5.486797] xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.490737] irq_enable (kernel/irq/internals.h:236 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345)\n[ 5.494060] __irq_startup (kernel/irq/internals.h:241 kernel/irq/chip.c:180 kernel/irq/chip.c:250)\n[ 5.497645] irq_startup (kernel/irq/chip.c:270)\n[ 5.501143] __setup_irq (kernel/irq/manage.c:1807)\n[ 5.504728] request_threaded_irq (kernel/irq/manage.c:2208)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21684",
"url": "https://www.suse.com/security/cve/CVE-2025-21684"
},
{
"category": "external",
"summary": "SUSE Bug 1236952 for CVE-2025-21684",
"url": "https://bugzilla.suse.com/1236952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21684"
},
{
"cve": "CVE-2025-21687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: check the bounds of read/write syscalls\n\ncount and offset are passed from user space and not checked, only\noffset is capped to 40 bits, which can be used to read/write out of\nbounds of the device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21687",
"url": "https://www.suse.com/security/cve/CVE-2025-21687"
},
{
"category": "external",
"summary": "SUSE Bug 1237045 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "external",
"summary": "SUSE Bug 1237046 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21687"
},
{
"cve": "CVE-2025-21688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Assign job pointer to NULL before signaling the fence\n\nIn commit e4b5ccd392b9 (\"drm/v3d: Ensure job pointer is set to NULL\nafter job completion\"), we introduced a change to assign the job pointer\nto NULL after completing a job, indicating job completion.\n\nHowever, this approach created a race condition between the DRM\nscheduler workqueue and the IRQ execution thread. As soon as the fence is\nsignaled in the IRQ execution thread, a new job starts to be executed.\nThis results in a race condition where the IRQ execution thread sets the\njob pointer to NULL simultaneously as the `run_job()` function assigns\na new job to the pointer.\n\nThis race condition can lead to a NULL pointer dereference if the IRQ\nexecution thread sets the job pointer to NULL after `run_job()` assigns\nit to the new job. When the new job completes and the GPU emits an\ninterrupt, `v3d_irq()` is triggered, potentially causing a crash.\n\n[ 466.310099] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n[ 466.318928] Mem abort info:\n[ 466.321723] ESR = 0x0000000096000005\n[ 466.325479] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 466.330807] SET = 0, FnV = 0\n[ 466.333864] EA = 0, S1PTW = 0\n[ 466.337010] FSC = 0x05: level 1 translation fault\n[ 466.341900] Data abort info:\n[ 466.344783] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[ 466.350285] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 466.355350] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 466.360677] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000089772000\n[ 466.367140] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 466.375875] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n[ 466.382163] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device algif_hash algif_skcipher af_alg bnep binfmt_misc vc4 snd_soc_hdmi_codec drm_display_helper cec brcmfmac_wcc spidev rpivid_hevc(C) drm_client_lib brcmfmac hci_uart drm_dma_helper pisp_be btbcm brcmutil snd_soc_core aes_ce_blk v4l2_mem2mem bluetooth aes_ce_cipher snd_compress videobuf2_dma_contig ghash_ce cfg80211 gf128mul snd_pcm_dmaengine videobuf2_memops ecdh_generic sha2_ce ecc videobuf2_v4l2 snd_pcm v3d sha256_arm64 rfkill videodev snd_timer sha1_ce libaes gpu_sched snd videobuf2_common sha1_generic drm_shmem_helper mc rp1_pio drm_kms_helper raspberrypi_hwmon spi_bcm2835 gpio_keys i2c_brcmstb rp1 raspberrypi_gpiomem rp1_mailbox rp1_adc nvmem_rmem uio_pdrv_genirq uio i2c_dev drm ledtrig_pattern drm_panel_orientation_quirks backlight fuse dm_mod ip_tables x_tables ipv6\n[ 466.458429] CPU: 0 UID: 1000 PID: 2008 Comm: chromium Tainted: G C 6.13.0-v8+ #18\n[ 466.467336] Tainted: [C]=CRAP\n[ 466.470306] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT)\n[ 466.476157] pstate: 404000c9 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 466.483143] pc : v3d_irq+0x118/0x2e0 [v3d]\n[ 466.487258] lr : __handle_irq_event_percpu+0x60/0x228\n[ 466.492327] sp : ffffffc080003ea0\n[ 466.495646] x29: ffffffc080003ea0 x28: ffffff80c0c94200 x27: 0000000000000000\n[ 466.502807] x26: ffffffd08dd81d7b x25: ffffff80c0c94200 x24: ffffff8003bdc200\n[ 466.509969] x23: 0000000000000001 x22: 00000000000000a7 x21: 0000000000000000\n[ 466.517130] x20: ffffff8041bb0000 x19: 0000000000000001 x18: 0000000000000000\n[ 466.524291] x17: ffffffafadfb0000 x16: ffffffc080000000 x15: 0000000000000000\n[ 466.531452] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 466.538613] x11: 0000000000000000 x10: 0000000000000000 x9 : ffffffd08c527eb0\n[ 466.545777] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n[ 466.552941] x5 : ffffffd08c4100d0 x4 : ffffffafadfb0000 x3 : ffffffc080003f70\n[ 466.560102] x2 : ffffffc0829e8058 x1 : 0000000000000001 x0 : 0000000000000000\n[ 466.567263] Call trace:\n[ 466.569711] v3d_irq+0x118/0x2e0 [v3d] (P)\n[ 466.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21688",
"url": "https://www.suse.com/security/cve/CVE-2025-21688"
},
{
"category": "external",
"summary": "SUSE Bug 1237007 for CVE-2025-21688",
"url": "https://bugzilla.suse.com/1237007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21688"
},
{
"cve": "CVE-2025-21689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n\nThis patch addresses a null-ptr-deref in qt2_process_read_urb() due to\nan incorrect bounds check in the following:\n\n if (newport \u003e serial-\u003enum_ports) {\n dev_err(\u0026port-\u003edev,\n \"%s - port change to invalid port: %i\\n\",\n __func__, newport);\n break;\n }\n\nThe condition doesn\u0027t account for the valid range of the serial-\u003eport\nbuffer, which is from 0 to serial-\u003enum_ports - 1. When newport is equal\nto serial-\u003enum_ports, the assignment of \"port\" in the\nfollowing code is out-of-bounds and NULL:\n\n serial_priv-\u003ecurrent_port = newport;\n port = serial-\u003eport[serial_priv-\u003ecurrent_port];\n\nThe fix checks if newport is greater than or equal to serial-\u003enum_ports\nindicating it is out-of-bounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21689",
"url": "https://www.suse.com/security/cve/CVE-2025-21689"
},
{
"category": "external",
"summary": "SUSE Bug 1237017 for CVE-2025-21689",
"url": "https://bugzilla.suse.com/1237017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21689"
},
{
"cve": "CVE-2025-21690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there\u0027s a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn\u0027t DoS the VM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21690",
"url": "https://www.suse.com/security/cve/CVE-2025-21690"
},
{
"category": "external",
"summary": "SUSE Bug 1237025 for CVE-2025-21690",
"url": "https://bugzilla.suse.com/1237025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21690"
},
{
"cve": "CVE-2025-21692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan \u003cg1042620637@gmail.com\u003e found that ets_class_from_arg() can\nindex an Out-Of-Bound class in ets_class_from_arg() when passed clid of\n0. The overflow may cause local privilege escalation.\n\n [ 18.852298] ------------[ cut here ]------------\n [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20\n [ 18.853743] index 18446744073709551615 is out of range for type \u0027ets_class [16]\u0027\n [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17\n [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [ 18.856532] Call Trace:\n [ 18.857441] \u003cTASK\u003e\n [ 18.858227] dump_stack_lvl+0xc2/0xf0\n [ 18.859607] dump_stack+0x10/0x20\n [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0\n [ 18.864022] ets_class_change+0x3d6/0x3f0\n [ 18.864322] tc_ctl_tclass+0x251/0x910\n [ 18.864587] ? lock_acquire+0x5e/0x140\n [ 18.865113] ? __mutex_lock+0x9c/0xe70\n [ 18.866009] ? __mutex_lock+0xa34/0xe70\n [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0\n [ 18.866806] ? __lock_acquire+0x578/0xc10\n [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n [ 18.867503] netlink_rcv_skb+0x59/0x110\n [ 18.867776] rtnetlink_rcv+0x15/0x30\n [ 18.868159] netlink_unicast+0x1c3/0x2b0\n [ 18.868440] netlink_sendmsg+0x239/0x4b0\n [ 18.868721] ____sys_sendmsg+0x3e2/0x410\n [ 18.869012] ___sys_sendmsg+0x88/0xe0\n [ 18.869276] ? rseq_ip_fixup+0x198/0x260\n [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190\n [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0\n [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220\n [ 18.870547] ? do_syscall_64+0x93/0x150\n [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290\n [ 18.871157] __sys_sendmsg+0x69/0xd0\n [ 18.871416] __x64_sys_sendmsg+0x1d/0x30\n [ 18.871699] x64_sys_call+0x9e2/0x2670\n [ 18.871979] do_syscall_64+0x87/0x150\n [ 18.873280] ? do_syscall_64+0x93/0x150\n [ 18.874742] ? lock_release+0x7b/0x160\n [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0\n [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210\n [ 18.879608] ? irqentry_exit+0x77/0xb0\n [ 18.879808] ? clear_bhb_loop+0x15/0x70\n [ 18.880023] ? clear_bhb_loop+0x15/0x70\n [ 18.880223] ? clear_bhb_loop+0x15/0x70\n [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [ 18.880683] RIP: 0033:0x44a957\n [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10\n [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957\n [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003\n [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0\n [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001\n [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001\n [ 18.888395] \u003c/TASK\u003e\n [ 18.888610] ---[ end trace ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21692",
"url": "https://www.suse.com/security/cve/CVE-2025-21692"
},
{
"category": "external",
"summary": "SUSE Bug 1237028 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "external",
"summary": "SUSE Bug 1237048 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Ensure job pointer is set to NULL after job completion\n\nAfter a job completes, the corresponding pointer in the device must\nbe set to NULL. Failing to do so triggers a warning when unloading\nthe driver, as it appears the job is still active. To prevent this,\nassign the job pointer to NULL after completing the job, indicating\nthe job has finished.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21697",
"url": "https://www.suse.com/security/cve/CVE-2025-21697"
},
{
"category": "external",
"summary": "SUSE Bug 1237132 for CVE-2025-21697",
"url": "https://bugzilla.suse.com/1237132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "low"
}
],
"title": "CVE-2025-21697"
},
{
"cve": "CVE-2025-21699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Truncate address space when flipping GFS2_DIF_JDATA flag\n\nTruncate an inode\u0027s address space when flipping the GFS2_DIF_JDATA flag:\ndepending on that flag, the pages in the address space will either use\nbuffer heads or iomap_folio_state structs, and we cannot mix the two.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21699",
"url": "https://www.suse.com/security/cve/CVE-2025-21699"
},
{
"category": "external",
"summary": "SUSE Bug 1237139 for CVE-2025-21699",
"url": "https://bugzilla.suse.com/1237139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21699"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle fastopen disconnect correctly\n\nSyzbot was able to trigger a data stream corruption:\n\n WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Modules linked in:\n CPU: 0 UID: 0 PID: 9846 Comm: syz-executor351 Not tainted 6.13.0-rc2-syzkaller-00059-g00a5acdbf398 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\n RIP: 0010:__mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Code: fa ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 8e fa ff ff 48 8b 7c 24 18 e8 e0 db 54 f6 e9 7f fa ff ff e8 e6 80 ee f5 90 \u003c0f\u003e 0b 90 4c 8b 6c 24 40 4d 89 f4 e9 04 f5 ff ff 44 89 f1 80 e1 07\n RSP: 0018:ffffc9000c0cf400 EFLAGS: 00010293\n RAX: ffffffff8bb0dd5a RBX: ffff888033f5d230 RCX: ffff888059ce8000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000c0cf518 R08: ffffffff8bb0d1dd R09: 1ffff110170c8928\n R10: dffffc0000000000 R11: ffffed10170c8929 R12: 0000000000000000\n R13: ffff888033f5d220 R14: dffffc0000000000 R15: ffff8880592b8000\n FS: 00007f6e866496c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f6e86f491a0 CR3: 00000000310e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup+0x7f/0x2d0 net/mptcp/protocol.c:1074\n mptcp_release_cb+0x7cb/0xb30 net/mptcp/protocol.c:3493\n release_sock+0x1aa/0x1f0 net/core/sock.c:3640\n inet_wait_for_connect net/ipv4/af_inet.c:609 [inline]\n __inet_stream_connect+0x8bd/0xf30 net/ipv4/af_inet.c:703\n mptcp_sendmsg_fastopen+0x2a2/0x530 net/mptcp/protocol.c:1755\n mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1830\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f6e86ebfe69\n Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f6e86649168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6e86f491b8 RCX: 00007f6e86ebfe69\n RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003\n RBP: 00007f6e86f491b0 R08: 00007f6e866496c0 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e86f491bc\n R13: 000000000000006e R14: 00007ffe445d9420 R15: 00007ffe445d9508\n \u003c/TASK\u003e\n\nThe root cause is the bad handling of disconnect() generated internally\nby the MPTCP protocol in case of connect FASTOPEN errors.\n\nAddress the issue increasing the socket disconnect counter even on such\na case, to allow other threads waiting on the same socket lock to\nproperly error out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21705",
"url": "https://www.suse.com/security/cve/CVE-2025-21705"
},
{
"category": "external",
"summary": "SUSE Bug 1238525 for CVE-2025-21705",
"url": "https://bugzilla.suse.com/1238525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21715",
"url": "https://www.suse.com/security/cve/CVE-2025-21715"
},
{
"category": "external",
"summary": "SUSE Bug 1237889 for CVE-2025-21715",
"url": "https://bugzilla.suse.com/1237889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21716"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix uninit-value in vxlan_vnifilter_dump()\n\nKMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1].\n\nIf the length of the netlink message payload is less than\nsizeof(struct tunnel_msg), vxlan_vnifilter_dump() accesses bytes\nbeyond the message. This can lead to uninit-value access. Fix this by\nreturning an error in such situations.\n\n[1]\nBUG: KMSAN: uninit-value in vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6786\n netlink_dump+0x93e/0x15f0 net/netlink/af_netlink.c:2317\n __netlink_dump_start+0x716/0xd60 net/netlink/af_netlink.c:2432\n netlink_dump_start include/linux/netlink.h:340 [inline]\n rtnetlink_dump_start net/core/rtnetlink.c:6815 [inline]\n rtnetlink_rcv_msg+0x1256/0x14a0 net/core/rtnetlink.c:6882\n netlink_rcv_skb+0x467/0x660 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x35/0x40 net/core/rtnetlink.c:6944\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0xed6/0x1290 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x1092/0x1230 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4110 [inline]\n slab_alloc_node mm/slub.c:4153 [inline]\n kmem_cache_alloc_node_noprof+0x800/0xe80 mm/slub.c:4205\n kmalloc_reserve+0x13b/0x4b0 net/core/skbuff.c:587\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1323 [inline]\n netlink_alloc_large_skb+0xa5/0x280 net/netlink/af_netlink.c:1196\n netlink_sendmsg+0xac9/0x1230 net/netlink/af_netlink.c:1866\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 30991 Comm: syz.4.10630 Not tainted 6.12.0-10694-gc44daa7e3c73 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21716",
"url": "https://www.suse.com/security/cve/CVE-2025-21716"
},
{
"category": "external",
"summary": "SUSE Bug 1237891 for CVE-2025-21716",
"url": "https://bugzilla.suse.com/1237891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c-\u003emfc_un.res.minvif / c-\u003emfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg net/socket.c:1055 [inline]\n sock_read_iter+0x2d8/0x40c net/socket.c:1125\n new_sync_read fs/read_write.c:484 [inline]\n vfs_read+0x740/0x970 fs/read_write.c:565\n ksys_read+0x15c/0x26c fs/read_write.c:708",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21719",
"url": "https://www.suse.com/security/cve/CVE-2025-21719"
},
{
"category": "external",
"summary": "SUSE Bug 1238860 for CVE-2025-21719",
"url": "https://bugzilla.suse.com/1238860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()\n\nResolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()\nwhere shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift\n(an unsigned long value) could result in undefined behavior.\n\nThe constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds\n31 (e.g., pgshift = 63) the shift operation overflows, as the result\ncannot be represented in a 32-bit type.\n\nTo resolve this, the constant is updated to \"1UL\", promoting it to an\nunsigned long type to match the operand\u0027s type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21724",
"url": "https://www.suse.com/security/cve/CVE-2025-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1238863 for CVE-2025-21724",
"url": "https://bugzilla.suse.com/1238863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix oops due to unset link speed\n\nIt isn\u0027t guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always\nbe set by the server, so the client must handle any values and then\nprevent oopses like below from happening:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 1323 Comm: cat Not tainted 6.13.0-rc7 #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nRIP: 0010:cifs_debug_data_proc_show+0xa45/0x1460 [cifs] Code: 00 00 48\n89 df e8 3b cd 1b c1 41 f6 44 24 2c 04 0f 84 50 01 00 00 48 89 ef e8\ne7 d0 1b c1 49 8b 44 24 18 31 d2 49 8d 7c 24 28 \u003c48\u003e f7 74 24 18 48 89\nc3 e8 6e cf 1b c1 41 8b 6c 24 28 49 8d 7c 24\nRSP: 0018:ffffc90001817be0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88811230022c RCX: ffffffffc041bd99\nRDX: 0000000000000000 RSI: 0000000000000567 RDI: ffff888112300228\nRBP: ffff888112300218 R08: fffff52000302f5f R09: ffffed1022fa58ac\nR10: ffff888117d2c566 R11: 00000000fffffffe R12: ffff888112300200\nR13: 000000012a15343f R14: 0000000000000001 R15: ffff888113f2db58\nFS: 00007fe27119e740(0000) GS:ffff888148600000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe2633c5000 CR3: 0000000124da0000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x27\n ? die+0x2e/0x50\n ? do_trap+0x159/0x1b0\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? do_error_trap+0x90/0x130\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? exc_divide_error+0x39/0x50\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? asm_exc_divide_error+0x1a/0x20\n ? cifs_debug_data_proc_show+0xa39/0x1460 [cifs]\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? seq_read_iter+0x42e/0x790\n seq_read_iter+0x19a/0x790\n proc_reg_read_iter+0xbe/0x110\n ? __pfx_proc_reg_read_iter+0x10/0x10\n vfs_read+0x469/0x570\n ? do_user_addr_fault+0x398/0x760\n ? __pfx_vfs_read+0x10/0x10\n ? find_held_lock+0x8a/0xa0\n ? __pfx_lock_release+0x10/0x10\n ksys_read+0xd3/0x170\n ? __pfx_ksys_read+0x10/0x10\n ? __rcu_read_unlock+0x50/0x270\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe271288911\nCode: 00 48 8b 15 01 25 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8\n20 ad 01 00 f3 0f 1e fa 80 3d b5 a7 10 00 00 74 13 31 c0 0f 05 \u003c48\u003e 3d\n00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec\nRSP: 002b:00007ffe87c079d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\nRAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fe271288911\nRDX: 0000000000040000 RSI: 00007fe2633c6000 RDI: 0000000000000003\nRBP: 00007ffe87c07a00 R08: 0000000000000000 R09: 00007fe2713e6380\nR10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000\nR13: 00007fe2633c6000 R14: 0000000000000003 R15: 0000000000000000\n \u003c/TASK\u003e\n\nFix this by setting cifs_server_iface::speed to a sane value (1Gbps)\nby default when link speed is unset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21725",
"url": "https://www.suse.com/security/cve/CVE-2025-21725"
},
{
"category": "external",
"summary": "SUSE Bug 1238877 for CVE-2025-21725",
"url": "https://bugzilla.suse.com/1238877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Send signals asynchronously if !preemptible\n\nBPF programs can execute in all kinds of contexts and when a program\nrunning in a non-preemptible context uses the bpf_send_signal() kfunc,\nit will cause issues because this kfunc can sleep.\nChange `irqs_disabled()` to `!preemptible()`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21728",
"url": "https://www.suse.com/security/cve/CVE-2025-21728"
},
{
"category": "external",
"summary": "SUSE Bug 1237879 for CVE-2025-21728",
"url": "https://bugzilla.suse.com/1237879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix race between cancel_hw_scan and hw_scan completion\n\nThe rtwdev-\u003escanning flag isn\u0027t protected by mutex originally, so\ncancel_hw_scan can pass the condition, but suddenly hw_scan completion\nunset the flag and calls ieee80211_scan_completed() that will free\nlocal-\u003ehw_scan_req. Then, cancel_hw_scan raises null-ptr-deref and\nuse-after-free. Fix it by moving the check condition to where\nprotected by mutex.\n\n KASAN: null-ptr-deref in range [0x0000000000000088-0x000000000000008f]\n CPU: 2 PID: 6922 Comm: kworker/2:2 Tainted: G OE\n Hardware name: LENOVO 2356AD1/2356AD1, BIOS G7ETB6WW (2.76 ) 09/10/2019\n Workqueue: events cfg80211_conn_work [cfg80211]\n RIP: 0010:rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n Code: 00 45 89 6c 24 1c 0f 85 23 01 00 00 48 8b 85 20 ff ff ff 48 8d\n RSP: 0018:ffff88811fd9f068 EFLAGS: 00010206\n RAX: dffffc0000000000 RBX: ffff88811fd9f258 RCX: 0000000000000001\n RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000089\n RBP: ffff88811fd9f170 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff88811fd9f108 R11: 0000000000000000 R12: ffff88810e47f960\n R13: 0000000000000000 R14: 000000000000ffff R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8881d6f00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007531dfca55b0 CR3: 00000001be296004 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x61/0x73\n ? __die_body+0x20/0x73\n ? die_addr+0x4f/0x7b\n ? exc_general_protection+0x191/0x1db\n ? asm_exc_general_protection+0x27/0x30\n ? rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n ? rtw89_fw_h2c_scan_offload_be+0x458/0x13c3 [rtw89_core]\n ? __pfx_rtw89_fw_h2c_scan_offload_be+0x10/0x10 [rtw89_core]\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx_do_raw_spin_lock+0x10/0x10\n rtw89_hw_scan_offload+0xb5e/0xbf7 [rtw89_core]\n ? _raw_spin_unlock+0xe/0x24\n ? __mutex_lock.constprop.0+0x40c/0x471\n ? __pfx_rtw89_hw_scan_offload+0x10/0x10 [rtw89_core]\n ? __mutex_lock_slowpath+0x13/0x1f\n ? mutex_lock+0xa2/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n rtw89_hw_scan_abort+0x58/0xb7 [rtw89_core]\n rtw89_ops_cancel_hw_scan+0x120/0x13b [rtw89_core]\n ieee80211_scan_cancel+0x468/0x4d0 [mac80211]\n ieee80211_prep_connection+0x858/0x899 [mac80211]\n ieee80211_mgd_auth+0xbea/0xdde [mac80211]\n ? __pfx_ieee80211_mgd_auth+0x10/0x10 [mac80211]\n ? cfg80211_find_elem+0x15/0x29 [cfg80211]\n ? is_bss+0x1b7/0x1d7 [cfg80211]\n ieee80211_auth+0x18/0x27 [mac80211]\n cfg80211_mlme_auth+0x3bb/0x3e7 [cfg80211]\n cfg80211_conn_do_work+0x410/0xb81 [cfg80211]\n ? __pfx_cfg80211_conn_do_work+0x10/0x10 [cfg80211]\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? __kasan_check_write+0x14/0x22\n ? mutex_lock+0x8e/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx___radix_tree_lookup+0x10/0x10\n cfg80211_conn_work+0x245/0x34d [cfg80211]\n ? __pfx_cfg80211_conn_work+0x10/0x10 [cfg80211]\n ? update_cfs_rq_load_avg+0x3bc/0x3d7\n ? sched_clock_noinstr+0x9/0x1a\n ? sched_clock+0x10/0x24\n ? sched_clock_cpu+0x7e/0x42e\n ? newidle_balance+0x796/0x937\n ? __pfx_sched_clock_cpu+0x10/0x10\n ? __pfx_newidle_balance+0x10/0x10\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? _raw_spin_unlock+0xe/0x24\n ? raw_spin_rq_unlock+0x47/0x54\n ? raw_spin_rq_unlock_irq+0x9/0x1f\n ? finish_task_switch.isra.0+0x347/0x586\n ? __schedule+0x27bf/0x2892\n ? mutex_unlock+0x80/0xd0\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx___schedule+0x10/0x10\n process_scheduled_works+0x58c/0x821\n worker_thread+0x4c7/0x586\n ? __kasan_check_read+0x11/0x1f\n kthread+0x285/0x294\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x6f\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21729",
"url": "https://www.suse.com/security/cve/CVE-2025-21729"
},
{
"category": "external",
"summary": "SUSE Bug 1237874 for CVE-2025-21729",
"url": "https://bugzilla.suse.com/1237874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21729"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS: 00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __warn.cold+0xb7/0x14d\n ? tracepoint_add_func+0x3b6/0x3f0\n ? report_bug+0xea/0x170\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? tracepoint_add_func+0x3b6/0x3f0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n tracepoint_probe_register+0x78/0xb0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n osnoise_workload_start+0x2b5/0x370\n timerlat_tracer_init+0x76/0x1b0\n tracing_set_tracer+0x244/0x400\n tracing_set_trace_write+0xa0/0xe0\n vfs_write+0xfc/0x570\n ? do_sys_openat2+0x9c/0xe0\n ksys_write+0x72/0xf0\n do_syscall_64+0x79/0x1c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21733",
"url": "https://www.suse.com/security/cve/CVE-2025-21733"
},
{
"category": "external",
"summary": "SUSE Bug 1238494 for CVE-2025-21733",
"url": "https://bugzilla.suse.com/1238494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \u003c/TASK\u003e\n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21754",
"url": "https://www.suse.com/security/cve/CVE-2025-21754"
},
{
"category": "external",
"summary": "SUSE Bug 1238496 for CVE-2025-21754",
"url": "https://bugzilla.suse.com/1238496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21755"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21755",
"url": "https://www.suse.com/security/cve/CVE-2025-21755"
},
{
"category": "external",
"summary": "SUSE Bug 1237882 for CVE-2025-21755",
"url": "https://bugzilla.suse.com/1237882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21755"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n get_random_u32+0x4f/0x110\n clocksource_verify_choose_cpus+0xab/0x1a0\n clocksource_verify_percpu.part.0+0x6b/0x330\n clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled. This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs. The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21767",
"url": "https://www.suse.com/security/cve/CVE-2025-21767"
},
{
"category": "external",
"summary": "SUSE Bug 1238509 for CVE-2025-21767",
"url": "https://bugzilla.suse.com/1238509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: check vxlan_vnigroup_init() return value\n\nvxlan_init() must check vxlan_vnigroup_init() success\notherwise a crash happens later, spotted by syzbot.\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167]\nCPU: 0 UID: 0 PID: 7313 Comm: syz-executor147 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 drivers/net/vxlan/vxlan_vnifilter.c:912\nCode: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00\nRSP: 0018:ffffc9000cc1eea8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb\nRDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff8880461b4f18\nRBP: ffff8880461b4ef4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000\nR13: ffff8880461b0d80 R14: 0000000000000000 R15: dffffc0000000000\nFS: 00007fecfa95d6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fecfa95cfb8 CR3: 000000004472c000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vxlan_uninit+0x1ab/0x200 drivers/net/vxlan/vxlan_core.c:2942\n unregister_netdevice_many_notify+0x12d6/0x1f30 net/core/dev.c:11824\n unregister_netdevice_many net/core/dev.c:11866 [inline]\n unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11736\n register_netdevice+0x1829/0x1eb0 net/core/dev.c:10901\n __vxlan_dev_create+0x7c6/0xa30 drivers/net/vxlan/vxlan_core.c:3981\n vxlan_newlink+0xd1/0x130 drivers/net/vxlan/vxlan_core.c:4407\n rtnl_newlink_create net/core/rtnetlink.c:3795 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21790",
"url": "https://www.suse.com/security/cve/CVE-2025-21790"
},
{
"category": "external",
"summary": "SUSE Bug 1238753 for CVE-2025-21790",
"url": "https://bugzilla.suse.com/1238753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix hang in nfsd4_shutdown_callback\n\nIf nfs4_client is in courtesy state then there is no point to send\nthe callback. This causes nfsd4_shutdown_callback to hang since\ncl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP\nnotifies NFSD that the connection was dropped.\n\nThis patch modifies nfsd4_run_cb_work to skip the RPC call if\nnfs4_client is in courtesy state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21795",
"url": "https://www.suse.com/security/cve/CVE-2025-21795"
},
{
"category": "external",
"summary": "SUSE Bug 1238759 for CVE-2025-21795",
"url": "https://bugzilla.suse.com/1238759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()\n\nWhen getting the IRQ we use k3_udma_glue_tx_get_irq() which returns\nnegative error value on error. So not NULL check is not sufficient\nto deteremine if IRQ is valid. Check that IRQ is greater then zero\nto ensure it is valid.\n\nThere is no issue at probe time but at runtime user can invoke\n.set_channels which results in the following call chain.\nam65_cpsw_set_channels()\n am65_cpsw_nuss_update_tx_rx_chns()\n am65_cpsw_nuss_remove_tx_chns()\n am65_cpsw_nuss_init_tx_chns()\n\nAt this point if am65_cpsw_nuss_init_tx_chns() fails due to\nk3_udma_glue_tx_get_irq() then tx_chn-\u003eirq will be set to a\nnegative value.\n\nThen, at subsequent .set_channels with higher channel count we\nwill attempt to free an invalid IRQ in am65_cpsw_nuss_remove_tx_chns()\nleading to a kernel warning.\n\nThe issue is present in the original commit that introduced this driver,\nalthough there, am65_cpsw_nuss_update_tx_rx_chns() existed as\nam65_cpsw_nuss_update_tx_chns().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21799",
"url": "https://www.suse.com/security/cve/CVE-2025-21799"
},
{
"category": "external",
"summary": "SUSE Bug 1238739 for CVE-2025-21799",
"url": "https://bugzilla.suse.com/1238739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21799"
},
{
"cve": "CVE-2025-21802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix oops when unload drivers paralleling\n\nWhen unload hclge driver, it tries to disable sriov first for each\nae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at\nthe time, because it removes all the ae_dev nodes, and it may cause\noops.\n\nBut we can\u0027t simply use hnae3_common_lock for this. Because in the\nprocess flow of pci_disable_sriov(), it will trigger the remove flow\nof VF, which will also take hnae3_common_lock.\n\nTo fixes it, introduce a new mutex to protect the unload process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21802",
"url": "https://www.suse.com/security/cve/CVE-2025-21802"
},
{
"category": "external",
"summary": "SUSE Bug 1238751 for CVE-2025-21802",
"url": "https://bugzilla.suse.com/1238751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: let net.core.dev_weight always be non-zero\n\nThe following problem was encountered during stability test:\n\n(NULL net_device): NAPI poll function process_backlog+0x0/0x530 \\\n\treturned 1, exceeding its budget of 0.\n------------[ cut here ]------------\nlist_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \\\n\tnext=ffff88905f746e40.\nWARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \\\n\t__list_add_valid_or_report+0xf3/0x130\nCPU: 18 UID: 0 PID: 5462 Comm: ping Kdump: loaded Not tainted 6.13.0-rc7+\nRIP: 0010:__list_add_valid_or_report+0xf3/0x130\nCall Trace:\n? __warn+0xcd/0x250\n? __list_add_valid_or_report+0xf3/0x130\nenqueue_to_backlog+0x923/0x1070\nnetif_rx_internal+0x92/0x2b0\n__netif_rx+0x15/0x170\nloopback_xmit+0x2ef/0x450\ndev_hard_start_xmit+0x103/0x490\n__dev_queue_xmit+0xeac/0x1950\nip_finish_output2+0x6cc/0x1620\nip_output+0x161/0x270\nip_push_pending_frames+0x155/0x1a0\nraw_sendmsg+0xe13/0x1550\n__sys_sendto+0x3bf/0x4e0\n__x64_sys_sendto+0xdc/0x1b0\ndo_syscall_64+0x5b/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reproduction command is as follows:\n sysctl -w net.core.dev_weight=0\n ping 127.0.0.1\n\nThis is because when the napi\u0027s weight is set to 0, process_backlog() may\nreturn 0 and clear the NAPI_STATE_SCHED bit of napi-\u003estate, causing this\nnapi to be re-polled in net_rx_action() until __do_softirq() times out.\nSince the NAPI_STATE_SCHED bit has been cleared, napi_schedule_rps() can\nbe retriggered in enqueue_to_backlog(), causing this issue.\n\nMaking the napi\u0027s weight always non-zero solves this problem.\n\nTriggering this issue requires system-wide admin (setting is\nnot namespaced).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21806",
"url": "https://www.suse.com/security/cve/CVE-2025-21806"
},
{
"category": "external",
"summary": "SUSE Bug 1238746 for CVE-2025-21806",
"url": "https://bugzilla.suse.com/1238746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21836",
"url": "https://www.suse.com/security/cve/CVE-2025-21836"
},
{
"category": "external",
"summary": "SUSE Bug 1239066 for CVE-2025-21836",
"url": "https://bugzilla.suse.com/1239066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21836"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe-\u003eopcode is used for different tables, make sure we santitise it\nagainst speculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21863",
"url": "https://www.suse.com/security/cve/CVE-2025-21863"
},
{
"category": "external",
"summary": "SUSE Bug 1239475 for CVE-2025-21863",
"url": "https://bugzilla.suse.com/1239475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21863"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn\u0027t support arpmb we\u0027ll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job\u0027s reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \u003cTASK\u003e\n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21873",
"url": "https://www.suse.com/security/cve/CVE-2025-21873"
},
{
"category": "external",
"summary": "SUSE Bug 1240184 for CVE-2025-21873",
"url": "https://bugzilla.suse.com/1240184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21873"
},
{
"cve": "CVE-2025-21875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 \u003c0f\u003e 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21875",
"url": "https://www.suse.com/security/cve/CVE-2025-21875"
},
{
"category": "external",
"summary": "SUSE Bug 1240168 for CVE-2025-21875",
"url": "https://bugzilla.suse.com/1240168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21875"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(\u0026(0x7f0000000000)=\u0027./file0\\x00\u0027, 0x8)\n write$nbd(r2, \u0026(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(\u0026(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, \u0026(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, \u0026(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, \u0026(0x7f0000000100)={{\u0026(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, \u0026(0x7f0000000000)={{\u0026(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, \u0026(0x7f0000000140)={0x2, 0x3, \u0026(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], \u0026(0x7f0000000000)=\u0027GPL\\x00\u0027, 0x7, 0x0, 0x0, 0x0, 0x0, \u0027\\x00\u0027, 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, \u0026(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={\u0026(0x7f0000000080)=\u0027./file0\\x00\u0027, \u0026(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()-\u003e__replace_page() to unconditional decrease the\nRSS count and old_folio\u0027s refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio-\u003erefcount is zero,\n then free_pages_prepare-\u003efree_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -\u003e ...\n -\u003e folio_remove_rmap_pte()\n -\u003e VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21881",
"url": "https://www.suse.com/security/cve/CVE-2025-21881"
},
{
"category": "external",
"summary": "SUSE Bug 1240185 for CVE-2025-21881",
"url": "https://bugzilla.suse.com/1240185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21881"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: better track kernel sockets lifetime\n\nWhile kernel sockets are dismantled during pernet_operations-\u003eexit(),\ntheir freeing can be delayed by any tx packets still held in qdisc\nor device queues, due to skb_set_owner_w() prior calls.\n\nThis then trigger the following warning from ref_tracker_dir_exit() [1]\n\nTo fix this, make sure that kernel sockets own a reference on net-\u003epassive.\n\nAdd sk_net_refcnt_upgrade() helper, used whenever a kernel socket\nis converted to a refcounted one.\n\n[1]\n\n[ 136.263918][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.263918][ T35] sk_alloc+0x2b3/0x370\n[ 136.263918][ T35] inet6_create+0x6ce/0x10f0\n[ 136.263918][ T35] __sock_create+0x4c0/0xa30\n[ 136.263918][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.263918][ T35] igmp6_net_init+0x39/0x390\n[ 136.263918][ T35] ops_init+0x31e/0x590\n[ 136.263918][ T35] setup_net+0x287/0x9e0\n[ 136.263918][ T35] copy_net_ns+0x33f/0x570\n[ 136.263918][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.263918][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.263918][ T35] ksys_unshare+0x57d/0xa70\n[ 136.263918][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.263918][ T35] do_syscall_64+0xf3/0x230\n[ 136.263918][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 136.263918][ T35]\n[ 136.343488][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.343488][ T35] sk_alloc+0x2b3/0x370\n[ 136.343488][ T35] inet6_create+0x6ce/0x10f0\n[ 136.343488][ T35] __sock_create+0x4c0/0xa30\n[ 136.343488][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.343488][ T35] ndisc_net_init+0xa7/0x2b0\n[ 136.343488][ T35] ops_init+0x31e/0x590\n[ 136.343488][ T35] setup_net+0x287/0x9e0\n[ 136.343488][ T35] copy_net_ns+0x33f/0x570\n[ 136.343488][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.343488][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.343488][ T35] ksys_unshare+0x57d/0xa70\n[ 136.343488][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.343488][ T35] do_syscall_64+0xf3/0x230\n[ 136.343488][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21884",
"url": "https://www.suse.com/security/cve/CVE-2025-21884"
},
{
"category": "external",
"summary": "SUSE Bug 1240171 for CVE-2025-21884",
"url": "https://bugzilla.suse.com/1240171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21884"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper-\u003ed_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21887",
"url": "https://www.suse.com/security/cve/CVE-2025-21887"
},
{
"category": "external",
"summary": "SUSE Bug 1240176 for CVE-2025-21887",
"url": "https://bugzilla.suse.com/1240176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21887"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21889",
"url": "https://www.suse.com/security/cve/CVE-2025-21889"
},
{
"category": "external",
"summary": "SUSE Bug 1240167 for CVE-2025-21889",
"url": "https://bugzilla.suse.com/1240167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21889"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
},
{
"cve": "CVE-2025-21894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC\n\nActually ENETC VFs do not support HWTSTAMP_TX_ONESTEP_SYNC because only\nENETC PF can access PMa_SINGLE_STEP registers. And there will be a crash\nif VFs are used to test one-step timestamp, the crash log as follows.\n\n[ 129.110909] Unable to handle kernel paging request at virtual address 00000000000080c0\n[ 129.287769] Call trace:\n[ 129.290219] enetc_port_mac_wr+0x30/0xec (P)\n[ 129.294504] enetc_start_xmit+0xda4/0xe74\n[ 129.298525] enetc_xmit+0x70/0xec\n[ 129.301848] dev_hard_start_xmit+0x98/0x118",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21894",
"url": "https://www.suse.com/security/cve/CVE-2025-21894"
},
{
"category": "external",
"summary": "SUSE Bug 1240581 for CVE-2025-21894",
"url": "https://bugzilla.suse.com/1240581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21894"
},
{
"cve": "CVE-2025-21895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc-\u003epmu != next_epc-\u003epmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out \u0026\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21895",
"url": "https://www.suse.com/security/cve/CVE-2025-21895"
},
{
"category": "external",
"summary": "SUSE Bug 1240585 for CVE-2025-21895",
"url": "https://bugzilla.suse.com/1240585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21895"
},
{
"cve": "CVE-2025-21905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere\u0027s no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that\u0027s the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21905",
"url": "https://www.suse.com/security/cve/CVE-2025-21905"
},
{
"category": "external",
"summary": "SUSE Bug 1240575 for CVE-2025-21905",
"url": "https://bugzilla.suse.com/1240575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: clean up ROC on failure\n\nIf the firmware fails to start the session protection, then we\ndo call iwl_mvm_roc_finished() here, but that won\u0027t do anything\nat all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.\nSet IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path.\nIf it started successfully before, it\u0027s already set, so that\ndoesn\u0027t matter, and if it didn\u0027t start it needs to be set to\nclean up.\n\nNot doing so will lead to a WARN_ON() later on a fresh remain-\non-channel, since the link is already active when activated as\nit was never deactivated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21906",
"url": "https://www.suse.com/security/cve/CVE-2025-21906"
},
{
"category": "external",
"summary": "SUSE Bug 1240587 for CVE-2025-21906",
"url": "https://bugzilla.suse.com/1240587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21906"
},
{
"cve": "CVE-2025-21908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\n[\u003c0\u003e] compact_node+0xdb/0x120\n[\u003c0\u003e] kcompactd+0x121/0x2e0\n[\u003c0\u003e] kthread+0xcf/0x100\n[\u003c0\u003e] ret_from_fork+0x31/0x40\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21908",
"url": "https://www.suse.com/security/cve/CVE-2025-21908"
},
{
"category": "external",
"summary": "SUSE Bug 1240600 for CVE-2025-21908",
"url": "https://bugzilla.suse.com/1240600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21908"
},
{
"cve": "CVE-2025-21909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject cooked mode if it is set along with other flags\n\nIt is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE\nflags simultaneously on the same monitor interface from the userspace. This\ncauses a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit\nset because the monitor interface is in the cooked state and it takes\nprecedence over all other states. When the interface is then being deleted\nthe kernel calls WARN_ONCE() from check_sdata_in_driver() because of missing\nthat bit.\n\nFix this by rejecting MONITOR_FLAG_COOK_FRAMES if it is set along with\nother flags.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21909",
"url": "https://www.suse.com/security/cve/CVE-2025-21909"
},
{
"category": "external",
"summary": "SUSE Bug 1240590 for CVE-2025-21909",
"url": "https://bugzilla.suse.com/1240590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21909"
},
{
"cve": "CVE-2025-21910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest-\u003ealpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A\ufffd\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \u003cTASK\u003e\n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21910",
"url": "https://www.suse.com/security/cve/CVE-2025-21910"
},
{
"category": "external",
"summary": "SUSE Bug 1240583 for CVE-2025-21910",
"url": "https://bugzilla.suse.com/1240583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21910"
},
{
"cve": "CVE-2025-21912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: rcar: Use raw_spinlock to protect register access\n\nUse raw_spinlock in order to fix spurious messages about invalid context\nwhen spinlock debugging is enabled. The lock is only used to serialize\nregister access.\n\n [ 4.239592] =============================\n [ 4.239595] [ BUG: Invalid wait context ]\n [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted\n [ 4.239603] -----------------------------\n [ 4.239606] kworker/u8:5/76 is trying to lock:\n [ 4.239609] ffff0000091898a0 (\u0026p-\u003elock){....}-{3:3}, at: gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.239641] other info that might help us debug this:\n [ 4.239643] context-{5:5}\n [ 4.239646] 5 locks held by kworker/u8:5/76:\n [ 4.239651] #0: ffff0000080fb148 ((wq_completion)async){+.+.}-{0:0}, at: process_one_work+0x190/0x62c\n [ 4.250180] OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.254094] #1: ffff80008299bd80 ((work_completion)(\u0026entry-\u003ework)){+.+.}-{0:0}, at: process_one_work+0x1b8/0x62c\n [ 4.254109] #2: ffff00000920c8f8\n [ 4.258345] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027bitclock-master\u0027 with a value.\n [ 4.264803] (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach_async_helper+0x3c/0xdc\n [ 4.264820] #3: ffff00000a50ca40 (request_class#2){+.+.}-{4:4}, at: __setup_irq+0xa0/0x690\n [ 4.264840] #4:\n [ 4.268872] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.273275] ffff00000a50c8c8 (lock_class){....}-{2:2}, at: __setup_irq+0xc4/0x690\n [ 4.296130] renesas_sdhi_internal_dmac ee100000.mmc: mmc1 base at 0x00000000ee100000, max clock rate 200 MHz\n [ 4.304082] stack backtrace:\n [ 4.304086] CPU: 1 UID: 0 PID: 76 Comm: kworker/u8:5 Not tainted 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35\n [ 4.304092] Hardware name: Renesas Salvator-X 2nd version board based on r8a77965 (DT)\n [ 4.304097] Workqueue: async async_run_entry_fn\n [ 4.304106] Call trace:\n [ 4.304110] show_stack+0x14/0x20 (C)\n [ 4.304122] dump_stack_lvl+0x6c/0x90\n [ 4.304131] dump_stack+0x14/0x1c\n [ 4.304138] __lock_acquire+0xdfc/0x1584\n [ 4.426274] lock_acquire+0x1c4/0x33c\n [ 4.429942] _raw_spin_lock_irqsave+0x5c/0x80\n [ 4.434307] gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.440061] gpio_rcar_irq_set_type+0xd4/0xd8\n [ 4.444422] __irq_set_trigger+0x5c/0x178\n [ 4.448435] __setup_irq+0x2e4/0x690\n [ 4.452012] request_threaded_irq+0xc4/0x190\n [ 4.456285] devm_request_threaded_irq+0x7c/0xf4\n [ 4.459398] ata1: link resume succeeded after 1 retries\n [ 4.460902] mmc_gpiod_request_cd_irq+0x68/0xe0\n [ 4.470660] mmc_start_host+0x50/0xac\n [ 4.474327] mmc_add_host+0x80/0xe4\n [ 4.477817] tmio_mmc_host_probe+0x2b0/0x440\n [ 4.482094] renesas_sdhi_probe+0x488/0x6f4\n [ 4.486281] renesas_sdhi_internal_dmac_probe+0x60/0x78\n [ 4.491509] platform_probe+0x64/0xd8\n [ 4.495178] really_probe+0xb8/0x2a8\n [ 4.498756] __driver_probe_device+0x74/0x118\n [ 4.503116] driver_probe_device+0x3c/0x154\n [ 4.507303] __device_attach_driver+0xd4/0x160\n [ 4.511750] bus_for_each_drv+0x84/0xe0\n [ 4.515588] __device_attach_async_helper+0xb0/0xdc\n [ 4.520470] async_run_entry_fn+0x30/0xd8\n [ 4.524481] process_one_work+0x210/0x62c\n [ 4.528494] worker_thread+0x1ac/0x340\n [ 4.532245] kthread+0x10c/0x110\n [ 4.535476] ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21912",
"url": "https://www.suse.com/security/cve/CVE-2025-21912"
},
{
"category": "external",
"summary": "SUSE Bug 1240584 for CVE-2025-21912",
"url": "https://bugzilla.suse.com/1240584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21912"
},
{
"cve": "CVE-2025-21913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn\u0027t offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results\nin the following warning:\n\n unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n Call Trace:\n xen_read_msr+0x1e/0x30\n amd_get_mmconfig_range+0x2b/0x80\n quirk_amd_mmconfig_area+0x28/0x100\n pnp_fixup_device+0x39/0x50\n __pnp_add_device+0xf/0x150\n pnp_add_device+0x3d/0x100\n pnpacpi_add_device_handler+0x1f9/0x280\n acpi_ns_get_device_callback+0x104/0x1c0\n acpi_ns_walk_namespace+0x1d0/0x260\n acpi_get_devices+0x8a/0xb0\n pnpacpi_init+0x50/0x80\n do_one_initcall+0x46/0x2e0\n kernel_init_freeable+0x1da/0x2f0\n kernel_init+0x16/0x1b0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device. Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21913",
"url": "https://www.suse.com/security/cve/CVE-2025-21913"
},
{
"category": "external",
"summary": "SUSE Bug 1240591 for CVE-2025-21913",
"url": "https://bugzilla.suse.com/1240591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21913"
},
{
"cve": "CVE-2025-21914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21914",
"url": "https://www.suse.com/security/cve/CVE-2025-21914"
},
{
"category": "external",
"summary": "SUSE Bug 1240595 for CVE-2025-21914",
"url": "https://bugzilla.suse.com/1240595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21914"
},
{
"cve": "CVE-2025-21915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev-\u003edriver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21915",
"url": "https://www.suse.com/security/cve/CVE-2025-21915"
},
{
"category": "external",
"summary": "SUSE Bug 1240594 for CVE-2025-21915",
"url": "https://bugzilla.suse.com/1240594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21915"
},
{
"cve": "CVE-2025-21916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: atm: cxacru: fix a flaw in existing endpoint checks\n\nSyzbot once again identified a flaw in usb endpoint checking, see [1].\nThis time the issue stems from a commit authored by me (2eabb655a968\n(\"usb: atm: cxacru: fix endpoint checking in cxacru_bind()\")).\n\nWhile using usb_find_common_endpoints() may usually be enough to\ndiscard devices with wrong endpoints, in this case one needs more\nthan just finding and identifying the sufficient number of endpoints\nof correct types - one needs to check the endpoint\u0027s address as well.\n\nSince cxacru_bind() fills URBs with CXACRU_EP_CMD address in mind,\nswitch the endpoint verification approach to usb_check_XXX_endpoints()\ninstead to fix incomplete ep testing.\n\n[1] Syzbot report:\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 1378 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nRIP: 0010:usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n cxacru_cm+0x3c8/0xe50 drivers/usb/atm/cxacru.c:649\n cxacru_card_status drivers/usb/atm/cxacru.c:760 [inline]\n cxacru_bind+0xcf9/0x1150 drivers/usb/atm/cxacru.c:1223\n usbatm_usb_probe+0x314/0x1d30 drivers/usb/atm/usbatm.c:1058\n cxacru_usb_probe+0x184/0x220 drivers/usb/atm/cxacru.c:1377\n usb_probe_interface+0x641/0xbb0 drivers/usb/core/driver.c:396\n really_probe+0x2b9/0xad0 drivers/base/dd.c:658\n __driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800\n driver_probe_device+0x50/0x430 drivers/base/dd.c:830\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21916",
"url": "https://www.suse.com/security/cve/CVE-2025-21916"
},
{
"category": "external",
"summary": "SUSE Bug 1240582 for CVE-2025-21916",
"url": "https://bugzilla.suse.com/1240582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21916"
},
{
"cve": "CVE-2025-21917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Flush the notify_hotplug_work\n\nWhen performing continuous unbind/bind operations on the USB drivers\navailable on the Renesas RZ/G2L SoC, a kernel crash with the message\n\"Unable to handle kernel NULL pointer dereference at virtual address\"\nmay occur. This issue points to the usbhsc_notify_hotplug() function.\n\nFlush the delayed work to avoid its execution when driver resources are\nunavailable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21917",
"url": "https://www.suse.com/security/cve/CVE-2025-21917"
},
{
"category": "external",
"summary": "SUSE Bug 1240596 for CVE-2025-21917",
"url": "https://bugzilla.suse.com/1240596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21917"
},
{
"cve": "CVE-2025-21918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix NULL pointer access\n\nResources should be released only after all threads that utilize them\nhave been destroyed.\nThis commit ensures that resources are not released prematurely by waiting\nfor the associated workqueue to complete before deallocating them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21918",
"url": "https://www.suse.com/security/cve/CVE-2025-21918"
},
{
"category": "external",
"summary": "SUSE Bug 1240592 for CVE-2025-21918",
"url": "https://bugzilla.suse.com/1240592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21918"
},
{
"cve": "CVE-2025-21922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: Fix KMSAN uninit-value warning with bpf\n\nSyzbot caught an \"KMSAN: uninit-value\" warning [1], which is caused by the\nppp driver not initializing a 2-byte header when using socket filter.\n\nThe following code can generate a PPP filter BPF program:\n\u0027\u0027\u0027\nstruct bpf_program fp;\npcap_t *handle;\nhandle = pcap_open_dead(DLT_PPP_PPPD, 65535);\npcap_compile(handle, \u0026fp, \"ip and outbound\", 0, 0);\nbpf_dump(\u0026fp, 1);\n\u0027\u0027\u0027\nIts output is:\n\u0027\u0027\u0027\n(000) ldh [2]\n(001) jeq #0x21 jt 2 jf 5\n(002) ldb [0]\n(003) jeq #0x1 jt 4 jf 5\n(004) ret #65535\n(005) ret #0\n\u0027\u0027\u0027\nWen can find similar code at the following link:\nhttps://github.com/ppp-project/ppp/blob/master/pppd/options.c#L1680\nThe maintainer of this code repository is also the original maintainer\nof the ppp driver.\n\nAs you can see the BPF program skips 2 bytes of data and then reads the\n\u0027Protocol\u0027 field to determine if it\u0027s an IP packet. Then it read the first\nbyte of the first 2 bytes to determine the direction.\n\nThe issue is that only the first byte indicating direction is initialized\nin current ppp driver code while the second byte is not initialized.\n\nFor normal BPF programs generated by libpcap, uninitialized data won\u0027t be\nused, so it\u0027s not a problem. However, for carefully crafted BPF programs,\nsuch as those generated by syzkaller [2], which start reading from offset\n0, the uninitialized data will be used and caught by KMSAN.\n\n[1] https://syzkaller.appspot.com/bug?extid=853242d9c9917165d791\n[2] https://syzkaller.appspot.com/text?tag=ReproC\u0026x=11994913980000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21922",
"url": "https://www.suse.com/security/cve/CVE-2025-21922"
},
{
"category": "external",
"summary": "SUSE Bug 1240639 for CVE-2025-21922",
"url": "https://bugzilla.suse.com/1240639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21922"
},
{
"cve": "CVE-2025-21923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21923",
"url": "https://www.suse.com/security/cve/CVE-2025-21923"
},
{
"category": "external",
"summary": "SUSE Bug 1240691 for CVE-2025-21923",
"url": "https://bugzilla.suse.com/1240691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21923"
},
{
"cve": "CVE-2025-21924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error\n\nDuring the initialization of ptp, hclge_ptp_get_cycle might return an error\nand returned directly without unregister clock and free it. To avoid that,\ncall hclge_ptp_destroy_clock to unregist and free clock if\nhclge_ptp_get_cycle failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21924",
"url": "https://www.suse.com/security/cve/CVE-2025-21924"
},
{
"category": "external",
"summary": "SUSE Bug 1240720 for CVE-2025-21924",
"url": "https://bugzilla.suse.com/1240720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21924"
},
{
"cve": "CVE-2025-21927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn\u0027t check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21927",
"url": "https://www.suse.com/security/cve/CVE-2025-21927"
},
{
"category": "external",
"summary": "SUSE Bug 1240714 for CVE-2025-21927",
"url": "https://bugzilla.suse.com/1240714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21927"
},
{
"cve": "CVE-2025-21928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21928",
"url": "https://www.suse.com/security/cve/CVE-2025-21928"
},
{
"category": "external",
"summary": "SUSE Bug 1240722 for CVE-2025-21928",
"url": "https://bugzilla.suse.com/1240722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t try to talk to a dead firmware\n\nThis fixes:\n\n bad state = 0\n WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi]\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xca/0x1c0\n ? iwl_trans_send_cmd+0xba/0xe0 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n iwl_fw_dbg_clear_monitor_buf+0xd7/0x110 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n _iwl_dbgfs_fw_dbg_clear_write+0xe2/0x120 [iwlmvm 0e8adb18cea92d2c341766bcc10b18699290068a]\n\nAsk whether the firmware is alive before sending a command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21930",
"url": "https://www.suse.com/security/cve/CVE-2025-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1240715 for CVE-2025-21930",
"url": "https://bugzilla.suse.com/1240715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21930"
},
{
"cve": "CVE-2025-21934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: fix an API misues when rio_add_net() fails\n\nrio_add_net() calls device_register() and fails when device_register()\nfails. Thus, put_device() should be used rather than kfree(). Add\n\"mport-\u003enet = NULL;\" to avoid a use after free issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21934",
"url": "https://www.suse.com/security/cve/CVE-2025-21934"
},
{
"category": "external",
"summary": "SUSE Bug 1240708 for CVE-2025-21934",
"url": "https://bugzilla.suse.com/1240708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21934"
},
{
"cve": "CVE-2025-21935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21935",
"url": "https://www.suse.com/security/cve/CVE-2025-21935"
},
{
"category": "external",
"summary": "SUSE Bug 1240700 for CVE-2025-21935",
"url": "https://bugzilla.suse.com/1240700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21935"
},
{
"cve": "CVE-2025-21936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21936",
"url": "https://www.suse.com/security/cve/CVE-2025-21936"
},
{
"category": "external",
"summary": "SUSE Bug 1240716 for CVE-2025-21936",
"url": "https://bugzilla.suse.com/1240716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21936"
},
{
"cve": "CVE-2025-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21937",
"url": "https://www.suse.com/security/cve/CVE-2025-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1240643 for CVE-2025-21937",
"url": "https://bugzilla.suse.com/1240643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21937"
},
{
"cve": "CVE-2025-21941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21941",
"url": "https://www.suse.com/security/cve/CVE-2025-21941"
},
{
"category": "external",
"summary": "SUSE Bug 1240701 for CVE-2025-21941",
"url": "https://bugzilla.suse.com/1240701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21941"
},
{
"cve": "CVE-2025-21943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether \u0027gpiochip0 0\u0027 exists or not does not matter.\n echo \u0027gpiochip0 0\u0027 \u003e /sys/bus/platform/drivers/gpio-aggregator/new_device\n done \u0026\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done \u0026\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980-\u003enext is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21943",
"url": "https://www.suse.com/security/cve/CVE-2025-21943"
},
{
"category": "external",
"summary": "SUSE Bug 1240647 for CVE-2025-21943",
"url": "https://bugzilla.suse.com/1240647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21943"
},
{
"cve": "CVE-2025-21948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appleir: Fix potential NULL dereference at raw event handle\n\nSyzkaller reports a NULL pointer dereference issue in input_event().\n\nBUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]\nBUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395\nRead of size 8 at addr 0000000000000028 by task syz-executor199/2949\n\nCPU: 0 UID: 0 PID: 2949 Comm: syz-executor199 Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n is_event_supported drivers/input/input.c:67 [inline]\n input_event+0x42/0xa0 drivers/input/input.c:395\n input_report_key include/linux/input.h:439 [inline]\n key_down drivers/hid/hid-appleir.c:159 [inline]\n appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232\n __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111\n hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484\n __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650\n usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734\n dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993\n __run_hrtimer kernel/time/hrtimer.c:1739 [inline]\n __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803\n hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820\n handle_softirqs+0x206/0x8d0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n __mod_timer+0x8f6/0xdc0 kernel/time/timer.c:1185\n add_timer+0x62/0x90 kernel/time/timer.c:1295\n schedule_timeout+0x11f/0x280 kernel/time/sleep_timeout.c:98\n usbhid_wait_io+0x1c7/0x380 drivers/hid/usbhid/hid-core.c:645\n usbhid_init_reports+0x19f/0x390 drivers/hid/usbhid/hid-core.c:784\n hiddev_ioctl+0x1133/0x15b0 drivers/hid/usbhid/hiddev.c:794\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThis happens due to the malformed report items sent by the emulated device\nwhich results in a report, that has no fields, being added to the report list.\nDue to this appleir_input_configured() is never called, hidinput_connect()\nfails which results in the HID_CLAIMED_INPUT flag is not being set. However,\nit does not make appleir_probe() fail and lets the event callback to be\ncalled without the associated input device.\n\nThus, add a check for the HID_CLAIMED_INPUT flag and leave the event hook\nearly if the driver didn\u0027t claim any input_dev for some reason. Moreover,\nsome other hid drivers accessing input_dev in their event callbacks do have\nsimilar checks, too.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21948",
"url": "https://www.suse.com/security/cve/CVE-2025-21948"
},
{
"category": "external",
"summary": "SUSE Bug 1240703 for CVE-2025-21948",
"url": "https://bugzilla.suse.com/1240703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21948"
},
{
"cve": "CVE-2025-21950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl\n\nIn the \"pmcmd_ioctl\" function, three memory objects allocated by\nkmalloc are initialized by \"hcall_get_cpu_state\", which are then\ncopied to user space. The initializer is indeed implemented in\n\"acrn_hypercall2\" (arch/x86/include/asm/acrn.h). There is a risk of\ninformation leakage due to uninitialized bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21950",
"url": "https://www.suse.com/security/cve/CVE-2025-21950"
},
{
"category": "external",
"summary": "SUSE Bug 1240719 for CVE-2025-21950",
"url": "https://bugzilla.suse.com/1240719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21950"
},
{
"cve": "CVE-2025-21951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver\u0027s shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver\u0027s suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21951",
"url": "https://www.suse.com/security/cve/CVE-2025-21951"
},
{
"category": "external",
"summary": "SUSE Bug 1240718 for CVE-2025-21951",
"url": "https://bugzilla.suse.com/1240718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21951"
},
{
"cve": "CVE-2025-21953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: cleanup mana struct after debugfs_remove()\n\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\nmana_gd_suspend() and mana_gd_resume() are called. If during this\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\npointer does not get reinitialized and ends up pointing to older,\ncleaned-up dentry.\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\nis triggered. This call, unaware of the failures in resume, tries to cleanup\nthe already cleaned up mana_port_debugfs value and hits the following bug:\n\n[ 191.359296] mana 7870:00:00.0: Shutdown was called\n[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 191.360584] #PF: supervisor write access in kernel mode\n[ 191.361125] #PF: error_code(0x0002) - not-present page\n[ 191.361727] PGD 1080ea067 P4D 0\n[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\n[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 191.364124] RIP: 0010:down_write+0x19/0x50\n[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\n[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\n[ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\n[ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\n[ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\n[ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\n[ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\n[ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\n[ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\n[ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 191.372906] Call Trace:\n[ 191.373262] \u003cTASK\u003e\n[ 191.373621] ? show_regs+0x64/0x70\n[ 191.374040] ? __die+0x24/0x70\n[ 191.374468] ? page_fault_oops+0x290/0x5b0\n[ 191.374875] ? do_user_addr_fault+0x448/0x800\n[ 191.375357] ? exc_page_fault+0x7a/0x160\n[ 191.375971] ? asm_exc_page_fault+0x27/0x30\n[ 191.376416] ? down_write+0x19/0x50\n[ 191.376832] ? down_write+0x12/0x50\n[ 191.377232] simple_recursive_removal+0x4a/0x2a0\n[ 191.377679] ? __pfx_remove_one+0x10/0x10\n[ 191.378088] debugfs_remove+0x44/0x70\n[ 191.378530] mana_detach+0x17c/0x4f0\n[ 191.378950] ? __flush_work+0x1e2/0x3b0\n[ 191.379362] ? __cond_resched+0x1a/0x50\n[ 191.379787] mana_remove+0xf2/0x1a0\n[ 191.380193] mana_gd_shutdown+0x3b/0x70\n[ 191.380642] pci_device_shutdown+0x3a/0x80\n[ 191.381063] device_shutdown+0x13e/0x230\n[ 191.381480] kernel_power_off+0x35/0x80\n[ 191.381890] hibernate+0x3c6/0x470\n[ 191.382312] state_store+0xcb/0xd0\n[ 191.382734] kobj_attr_store+0x12/0x30\n[ 191.383211] sysfs_kf_write+0x3e/0x50\n[ 191.383640] kernfs_fop_write_iter+0x140/0x1d0\n[ 191.384106] vfs_write+0x271/0x440\n[ 191.384521] ksys_write+0x72/0xf0\n[ 191.384924] __x64_sys_write+0x19/0x20\n[ 191.385313] x64_sys_call+0x2b0/0x20b0\n[ 191.385736] do_syscall_64+0x79/0x150\n[ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240\n[ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0\n[ 191.387124] ? __pfx_lru_add+0x10/0x10\n[ 191.387515] ? queued_spin_unlock+0x9/0x10\n[ 191.387937] ? do_anonymous_page+0x33c/0xa00\n[ 191.388374] ? __handle_mm_fault+0xcf3/0x1210\n[ 191.388805] ? __count_memcg_events+0xbe/0x180\n[ 191.389235] ? handle_mm_fault+0xae/0x300\n[ 19\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21953",
"url": "https://www.suse.com/security/cve/CVE-2025-21953"
},
{
"category": "external",
"summary": "SUSE Bug 1240727 for CVE-2025-21953",
"url": "https://bugzilla.suse.com/1240727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21953"
},
{
"cve": "CVE-2025-21956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n\n[WHY \u0026 HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\n\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\n\nAlso fixes the indentation in get_norm_pix_clk.\n\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21956",
"url": "https://www.suse.com/security/cve/CVE-2025-21956"
},
{
"category": "external",
"summary": "SUSE Bug 1240739 for CVE-2025-21956",
"url": "https://bugzilla.suse.com/1240739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21956"
},
{
"cve": "CVE-2025-21957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21957",
"url": "https://www.suse.com/security/cve/CVE-2025-21957"
},
{
"category": "external",
"summary": "SUSE Bug 1240742 for CVE-2025-21957",
"url": "https://bugzilla.suse.com/1240742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21957"
},
{
"cve": "CVE-2025-21960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: do not update checksum in bnxt_xdp_build_skb()\n\nThe bnxt_rx_pkt() updates ip_summed value at the end if checksum offload\nis enabled.\nWhen the XDP-MB program is attached and it returns XDP_PASS, the\nbnxt_xdp_build_skb() is called to update skb_shared_info.\nThe main purpose of bnxt_xdp_build_skb() is to update skb_shared_info,\nbut it updates ip_summed value too if checksum offload is enabled.\nThis is actually duplicate work.\n\nWhen the bnxt_rx_pkt() updates ip_summed value, it checks if ip_summed\nis CHECKSUM_NONE or not.\nIt means that ip_summed should be CHECKSUM_NONE at this moment.\nBut ip_summed may already be updated to CHECKSUM_UNNECESSARY in the\nXDP-MB-PASS path.\nSo the by skb_checksum_none_assert() WARNS about it.\n\nThis is duplicate work and updating ip_summed in the\nbnxt_xdp_build_skb() is not needed.\n\nSplat looks like:\nWARNING: CPU: 3 PID: 5782 at ./include/linux/skbuff.h:5155 bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nModules linked in: bnxt_re bnxt_en rdma_ucm rdma_cm iw_cm ib_cm ib_uverbs veth xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_]\nCPU: 3 UID: 0 PID: 5782 Comm: socat Tainted: G W 6.14.0-rc4+ #27\nTainted: [W]=WARN\nHardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\nRIP: 0010:bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nCode: 54 24 0c 4c 89 f1 4c 89 ff c1 ea 1f ff d3 0f 1f 00 49 89 c6 48 85 c0 0f 84 4c e5 ff ff 48 89 c7 e8 ca 3d a0 c8 e9 8f f4 ff ff \u003c0f\u003e 0b f\nRSP: 0018:ffff88881ba09928 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000c7590303 RCX: 0000000000000000\nRDX: 1ffff1104e7d1610 RSI: 0000000000000001 RDI: ffff8881c91300b8\nRBP: ffff88881ba09b28 R08: ffff888273e8b0d0 R09: ffff888273e8b070\nR10: ffff888273e8b010 R11: ffff888278b0f000 R12: ffff888273e8b080\nR13: ffff8881c9130e00 R14: ffff8881505d3800 R15: ffff888273e8b000\nFS: 00007f5a2e7be080(0000) GS:ffff88881ba00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fff2e708ff8 CR3: 000000013e3b0000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? __warn+0xcd/0x2f0\n ? bnxt_rx_pkt+0x479b/0x7610\n ? report_bug+0x326/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? bnxt_rx_pkt+0x479b/0x7610\n ? bnxt_rx_pkt+0x3e41/0x7610\n ? __pfx_bnxt_rx_pkt+0x10/0x10\n ? napi_complete_done+0x2cf/0x7d0\n __bnxt_poll_work+0x4e8/0x1220\n ? __pfx___bnxt_poll_work+0x10/0x10\n ? __pfx_mark_lock.part.0+0x10/0x10\n bnxt_poll_p5+0x36a/0xfa0\n ? __pfx_bnxt_poll_p5+0x10/0x10\n __napi_poll.constprop.0+0xa0/0x440\n net_rx_action+0x899/0xd00\n...\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going\nto be able to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21960",
"url": "https://www.suse.com/security/cve/CVE-2025-21960"
},
{
"category": "external",
"summary": "SUSE Bug 1240815 for CVE-2025-21960",
"url": "https://bugzilla.suse.com/1240815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21960"
},
{
"cve": "CVE-2025-21961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix truesize for mb-xdp-pass case\n\nWhen mb-xdp is set and return is XDP_PASS, packet is converted from\nxdp_buff to sk_buff with xdp_update_skb_shared_info() in\nbnxt_xdp_build_skb().\nbnxt_xdp_build_skb() passes incorrect truesize argument to\nxdp_update_skb_shared_info().\nThe truesize is calculated as BNXT_RX_PAGE_SIZE * sinfo-\u003enr_frags but\nthe skb_shared_info was wiped by napi_build_skb() before.\nSo it stores sinfo-\u003enr_frags before bnxt_xdp_build_skb() and use it\ninstead of getting skb_shared_info from xdp_get_shared_info_from_buff().\n\nSplat looks like:\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 0 at net/core/skbuff.c:6072 skb_try_coalesce+0x504/0x590\n Modules linked in: xt_nat xt_tcpudp veth af_packet xt_conntrack nft_chain_nat xt_MASQUERADE nf_conntrack_netlink xfrm_user xt_addrtype nft_coms\n CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.14.0-rc2+ #3\n RIP: 0010:skb_try_coalesce+0x504/0x590\n Code: 4b fd ff ff 49 8b 34 24 40 80 e6 40 0f 84 3d fd ff ff 49 8b 74 24 48 40 f6 c6 01 0f 84 2e fd ff ff 48 8d 4e ff e9 25 fd ff ff \u003c0f\u003e 0b e99\n RSP: 0018:ffffb62c4120caa8 EFLAGS: 00010287\n RAX: 0000000000000003 RBX: ffffb62c4120cb14 RCX: 0000000000000ec0\n RDX: 0000000000001000 RSI: ffffa06e5d7dc000 RDI: 0000000000000003\n RBP: ffffa06e5d7ddec0 R08: ffffa06e6120a800 R09: ffffa06e7a119900\n R10: 0000000000002310 R11: ffffa06e5d7dcec0 R12: ffffe4360575f740\n R13: ffffe43600000000 R14: 0000000000000002 R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffffa0755f700000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f147b76b0f8 CR3: 00000001615d4000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __warn+0x84/0x130\n ? skb_try_coalesce+0x504/0x590\n ? report_bug+0x18a/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_try_coalesce+0x504/0x590\n inet_frag_reasm_finish+0x11f/0x2e0\n ip_defrag+0x37a/0x900\n ip_local_deliver+0x51/0x120\n ip_sublist_rcv_finish+0x64/0x70\n ip_sublist_rcv+0x179/0x210\n ip_list_rcv+0xf9/0x130\n\nHow to reproduce:\n\u003cNode A\u003e\nip link set $interface1 xdp obj xdp_pass.o\nip link set $interface1 mtu 9000 up\nip a a 10.0.0.1/24 dev $interface1\n\u003cNode B\u003e\nip link set $interfac2 mtu 9000 up\nip a a 10.0.0.2/24 dev $interface2\nping 10.0.0.1 -s 65000\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going to be\nable to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21961",
"url": "https://www.suse.com/security/cve/CVE-2025-21961"
},
{
"category": "external",
"summary": "SUSE Bug 1240816 for CVE-2025-21961",
"url": "https://bugzilla.suse.com/1240816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21961"
},
{
"cve": "CVE-2025-21966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-flakey: Fix memory corruption in optional corrupt_bio_byte feature\n\nFix memory corruption due to incorrect parameter being passed to bio_init",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21966",
"url": "https://www.suse.com/security/cve/CVE-2025-21966"
},
{
"category": "external",
"summary": "SUSE Bug 1240779 for CVE-2025-21966",
"url": "https://bugzilla.suse.com/1240779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21966"
},
{
"cve": "CVE-2025-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free on hdcp_work\n\n[Why]\nA slab-use-after-free is reported when HDCP is destroyed but the\nproperty_validate_dwork queue is still running.\n\n[How]\nCancel the delayed work when destroying workqueue.\n\n(cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21968",
"url": "https://www.suse.com/security/cve/CVE-2025-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1240783 for CVE-2025-21968",
"url": "https://bugzilla.suse.com/1240783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21968"
},
{
"cve": "CVE-2025-21969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd\n\nAfter the hci sync command releases l2cap_conn, the hci receive data work\nqueue references the released l2cap_conn when sending to the upper layer.\nAdd hci dev lock to the hci receive data work queue to synchronize the two.\n\n[1]\nBUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\nRead of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837\n\nCPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci1 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n l2cap_build_cmd net/bluetooth/l2cap_core.c:2964 [inline]\n l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\n l2cap_sig_send_rej net/bluetooth/l2cap_core.c:5502 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5538 [inline]\n l2cap_recv_frame+0x221f/0x10db0 net/bluetooth/l2cap_core.c:6817\n hci_acldata_packet net/bluetooth/hci_core.c:3797 [inline]\n hci_rx_work+0x508/0xdb0 net/bluetooth/hci_core.c:4040\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 5837:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n l2cap_conn_add+0xa9/0x8e0 net/bluetooth/l2cap_core.c:6860\n l2cap_connect_cfm+0x115/0x1090 net/bluetooth/l2cap_core.c:7239\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_remote_features_evt+0x68e/0xac0 net/bluetooth/hci_event.c:3726\n hci_event_func net/bluetooth/hci_event.c:7473 [inline]\n hci_event_packet+0xac2/0x1540 net/bluetooth/hci_event.c:7525\n hci_rx_work+0x3f3/0xdb0 net/bluetooth/hci_core.c:4035\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nFreed by task 54:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n l2cap_connect_cfm+0xcc/0x1090 net/bluetooth/l2cap_core.c:7235\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_conn_failed+0x287/0x400 net/bluetooth/hci_conn.c:1266\n hci_abort_conn_sync+0x56c/0x11f0 net/bluetooth/hci_sync.c:5603\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21969",
"url": "https://www.suse.com/security/cve/CVE-2025-21969"
},
{
"category": "external",
"summary": "SUSE Bug 1240784 for CVE-2025-21969",
"url": "https://bugzilla.suse.com/1240784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21969"
},
{
"cve": "CVE-2025-21970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Bridge, fix the crash caused by LAG state check\n\nWhen removing LAG device from bridge, NETDEV_CHANGEUPPER event is\ntriggered. Driver finds the lower devices (PFs) to flush all the\noffloaded entries. And mlx5_lag_is_shared_fdb is checked, it returns\nfalse if one of PF is unloaded. In such case,\nmlx5_esw_bridge_lag_rep_get() and its caller return NULL, instead of\nthe alive PF, and the flush is skipped.\n\nBesides, the bridge fdb entry\u0027s lastuse is updated in mlx5 bridge\nevent handler. But this SWITCHDEV_FDB_ADD_TO_BRIDGE event can be\nignored in this case because the upper interface for bond is deleted,\nand the entry will never be aged because lastuse is never updated.\n\nTo make things worse, as the entry is alive, mlx5 bridge workqueue\nkeeps sending that event, which is then handled by kernel bridge\nnotifier. It causes the following crash when accessing the passed bond\nnetdev which is already destroyed.\n\nTo fix this issue, remove such checks. LAG state is already checked in\ncommit 15f8f168952f (\"net/mlx5: Bridge, verify LAG state when adding\nbond to bridge\"), driver still need to skip offload if LAG becomes\ninvalid state after initialization.\n\n Oops: stack segment: 0000 [#1] SMP\n CPU: 3 UID: 0 PID: 23695 Comm: kworker/u40:3 Tainted: G OE 6.11.0_mlnx #1\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5_bridge_wq mlx5_esw_bridge_update_work [mlx5_core]\n RIP: 0010:br_switchdev_event+0x2c/0x110 [bridge]\n Code: 44 00 00 48 8b 02 48 f7 00 00 02 00 00 74 69 41 54 55 53 48 83 ec 08 48 8b a8 08 01 00 00 48 85 ed 74 4a 48 83 fe 02 48 89 d3 \u003c4c\u003e 8b 65 00 74 23 76 49 48 83 fe 05 74 7e 48 83 fe 06 75 2f 0f b7\n RSP: 0018:ffffc900092cfda0 EFLAGS: 00010297\n RAX: ffff888123bfe000 RBX: ffffc900092cfe08 RCX: 00000000ffffffff\n RDX: ffffc900092cfe08 RSI: 0000000000000001 RDI: ffffffffa0c585f0\n RBP: 6669746f6e690a30 R08: 0000000000000000 R09: ffff888123ae92c8\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888123ae9c60\n R13: 0000000000000001 R14: ffffc900092cfe08 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f15914c8734 CR3: 0000000002830005 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? die+0x38/0x60\n ? do_trap+0x10b/0x120\n ? do_error_trap+0x64/0xa0\n ? exc_stack_segment+0x33/0x50\n ? asm_exc_stack_segment+0x22/0x30\n ? br_switchdev_event+0x2c/0x110 [bridge]\n ? sched_balance_newidle.isra.149+0x248/0x390\n notifier_call_chain+0x4b/0xa0\n atomic_notifier_call_chain+0x16/0x20\n mlx5_esw_bridge_update+0xec/0x170 [mlx5_core]\n mlx5_esw_bridge_update_work+0x19/0x40 [mlx5_core]\n process_scheduled_works+0x81/0x390\n worker_thread+0x106/0x250\n ? bh_worker+0x110/0x110\n kthread+0xb7/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21970",
"url": "https://www.suse.com/security/cve/CVE-2025-21970"
},
{
"category": "external",
"summary": "SUSE Bug 1240819 for CVE-2025-21970",
"url": "https://bugzilla.suse.com/1240819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21970"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-21972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: unshare packets when reassembling\n\nEnsure that the frag_list used for reassembly isn\u0027t shared with other\npackets. This avoids incorrect reassembly when packets are cloned, and\nprevents a memory leak due to circular references between fragments and\ntheir skb_shared_info.\n\nThe upcoming MCTP-over-USB driver uses skb_clone which can trigger the\nproblem - other MCTP drivers don\u0027t share SKBs.\n\nA kunit test is added to reproduce the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21972",
"url": "https://www.suse.com/security/cve/CVE-2025-21972"
},
{
"category": "external",
"summary": "SUSE Bug 1240813 for CVE-2025-21972",
"url": "https://bugzilla.suse.com/1240813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21972"
},
{
"cve": "CVE-2025-21975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: handle errors in mlx5_chains_create_table()\n\nIn mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns()\nand mlx5_get_flow_namespace() must be checked to prevent NULL pointer\ndereferences. If either function fails, the function should log error\nmessage with mlx5_core_warn() and return error pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21975",
"url": "https://www.suse.com/security/cve/CVE-2025-21975"
},
{
"category": "external",
"summary": "SUSE Bug 1240812 for CVE-2025-21975",
"url": "https://bugzilla.suse.com/1240812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21975"
},
{
"cve": "CVE-2025-21978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21978",
"url": "https://www.suse.com/security/cve/CVE-2025-21978"
},
{
"category": "external",
"summary": "SUSE Bug 1240806 for CVE-2025-21978",
"url": "https://bugzilla.suse.com/1240806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21978"
},
{
"cve": "CVE-2025-21979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: cancel wiphy_work before freeing wiphy\n\nA wiphy_work can be queued from the moment the wiphy is allocated and\ninitialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the\nrdev::wiphy_work is getting queued.\n\nIf wiphy_free is called before the rdev::wiphy_work had a chance to run,\nthe wiphy memory will be freed, and then when it eventally gets to run\nit\u0027ll use invalid memory.\n\nFix this by canceling the work before freeing the wiphy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21979",
"url": "https://www.suse.com/security/cve/CVE-2025-21979"
},
{
"category": "external",
"summary": "SUSE Bug 1240808 for CVE-2025-21979",
"url": "https://bugzilla.suse.com/1240808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21979"
},
{
"cve": "CVE-2025-21981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [\u003cffffffff991ec485\u003e] __kmalloc_cache_noprof+0x275/0x340\n [\u003cffffffffc0a6e06a\u003e] ice_init_arfs+0x3a/0xe0 [ice]\n [\u003cffffffffc09f1027\u003e] ice_vsi_cfg_def+0x607/0x850 [ice]\n [\u003cffffffffc09f244b\u003e] ice_vsi_setup+0x5b/0x130 [ice]\n [\u003cffffffffc09c2131\u003e] ice_init+0x1c1/0x460 [ice]\n [\u003cffffffffc09c64af\u003e] ice_probe+0x2af/0x520 [ice]\n [\u003cffffffff994fbcd3\u003e] local_pci_probe+0x43/0xa0\n [\u003cffffffff98f07103\u003e] work_for_cpu_fn+0x13/0x20\n [\u003cffffffff98f0b6d9\u003e] process_one_work+0x179/0x390\n [\u003cffffffff98f0c1e9\u003e] worker_thread+0x239/0x340\n [\u003cffffffff98f14abc\u003e] kthread+0xcc/0x100\n [\u003cffffffff98e45a6d\u003e] ret_from_fork+0x2d/0x50\n [\u003cffffffff98e083ba\u003e] ret_from_fork_asm+0x1a/0x30\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21981",
"url": "https://www.suse.com/security/cve/CVE-2025-21981"
},
{
"category": "external",
"summary": "SUSE Bug 1240612 for CVE-2025-21981",
"url": "https://bugzilla.suse.com/1240612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21981"
},
{
"cve": "CVE-2025-21991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes\n\nCurrently, load_microcode_amd() iterates over all NUMA nodes, retrieves their\nCPU masks and unconditionally accesses per-CPU data for the first CPU of each\nmask.\n\nAccording to Documentation/admin-guide/mm/numaperf.rst:\n\n \"Some memory may share the same node as a CPU, and others are provided as\n memory only nodes.\"\n\nTherefore, some node CPU masks may be empty and wouldn\u0027t have a \"first CPU\".\n\nOn a machine with far memory (and therefore CPU-less NUMA nodes):\n- cpumask_of_node(nid) is 0\n- cpumask_first(0) is CONFIG_NR_CPUS\n- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an\n index that is 1 out of bounds\n\nThis does not have any security implications since flashing microcode is\na privileged operation but I believe this has reliability implications by\npotentially corrupting memory while flashing a microcode update.\n\nWhen booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes\na microcode update. I get the following splat:\n\n UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y\n index 512 is out of range for type \u0027unsigned long[512]\u0027\n [...]\n Call Trace:\n dump_stack\n __ubsan_handle_out_of_bounds\n load_microcode_amd\n request_microcode_amd\n reload_store\n kernfs_fop_write_iter\n vfs_write\n ksys_write\n do_syscall_64\n entry_SYSCALL_64_after_hwframe\n\nChange the loop to go over only NUMA nodes which have CPUs before determining\nwhether the first CPU on the respective node needs microcode update.\n\n [ bp: Massage commit message, fix typo. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21991",
"url": "https://www.suse.com/security/cve/CVE-2025-21991"
},
{
"category": "external",
"summary": "SUSE Bug 1240795 for CVE-2025-21991",
"url": "https://bugzilla.suse.com/1240795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-21992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: ignore non-functional sensor in HP 5MP Camera\n\nThe HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that\nis not actually implemented. Attempting to access this non-functional\nsensor via iio_info causes system hangs as runtime PM tries to wake up\nan unresponsive sensor.\n\n [453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff\n [453] hid-sensor-hub 0003:0408:5473.0003: common attributes: 5:1, 2:1, 3:1 ffffffff:ffffffff\n\nAdd this device to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21992",
"url": "https://www.suse.com/security/cve/CVE-2025-21992"
},
{
"category": "external",
"summary": "SUSE Bug 1240796 for CVE-2025-21992",
"url": "https://bugzilla.suse.com/1240796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21992"
},
{
"cve": "CVE-2025-21993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21993",
"url": "https://www.suse.com/security/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "SUSE Bug 1240797 for CVE-2025-21993",
"url": "https://bugzilla.suse.com/1240797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21993"
},
{
"cve": "CVE-2025-21995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix fence reference count leak\n\nThe last_scheduled fence leaks when an entity is being killed and adding\nthe cleanup callback fails.\n\nDecrement the reference count of prev when dma_fence_add_callback()\nfails, ensuring proper balance.\n\n[phasta: add git tag info for stable kernel]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21995",
"url": "https://www.suse.com/security/cve/CVE-2025-21995"
},
{
"category": "external",
"summary": "SUSE Bug 1240821 for CVE-2025-21995",
"url": "https://bugzilla.suse.com/1240821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21995"
},
{
"cve": "CVE-2025-21996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()\n\nOn the off chance that command stream passed from userspace via\nioctl() call to radeon_vce_cs_parse() is weirdly crafted and\nfirst command to execute is to encode (case 0x03000001), the function\nin question will attempt to call radeon_vce_cs_reloc() with size\nargument that has not been properly initialized. Specifically, \u0027size\u0027\nwill point to \u0027tmp\u0027 variable before the latter had a chance to be\nassigned any value.\n\nPlay it safe and init \u0027tmp\u0027 with 0, thus ensuring that\nradeon_vce_cs_reloc() will catch an early error in cases like these.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.\n\n(cherry picked from commit 2d52de55f9ee7aaee0e09ac443f77855989c6b68)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21996",
"url": "https://www.suse.com/security/cve/CVE-2025-21996"
},
{
"category": "external",
"summary": "SUSE Bug 1240801 for CVE-2025-21996",
"url": "https://bugzilla.suse.com/1240801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-21996"
},
{
"cve": "CVE-2025-22001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix integer overflow in qaic_validate_req()\n\nThese are u64 variables that come from the user via\nqaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that\nthe math doesn\u0027t have an integer wrapping bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22001",
"url": "https://www.suse.com/security/cve/CVE-2025-22001"
},
{
"category": "external",
"summary": "SUSE Bug 1240873 for CVE-2025-22001",
"url": "https://bugzilla.suse.com/1240873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22001"
},
{
"cve": "CVE-2025-22003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ucan: fix out of bound read in strscpy() source\n\nCommit 7fdaf8966aae (\"can: ucan: use strscpy() to instead of strncpy()\")\nunintentionally introduced a one byte out of bound read on strscpy()\u0027s\nsource argument (which is kind of ironic knowing that strscpy() is meant\nto be a more secure alternative :)).\n\nLet\u0027s consider below buffers:\n\n dest[len + 1]; /* will be NUL terminated */\n src[len]; /* may not be NUL terminated */\n\nWhen doing:\n\n strncpy(dest, src, len);\n dest[len] = \u0027\\0\u0027;\n\nstrncpy() will read up to len bytes from src.\n\nOn the other hand:\n\n strscpy(dest, src, len + 1);\n\nwill read up to len + 1 bytes from src, that is to say, an out of bound\nread of one byte will occur on src if it is not NUL terminated. Note\nthat the src[len] byte is never copied, but strscpy() still needs to\nread it to check whether a truncation occurred or not.\n\nThis exact pattern happened in ucan.\n\nThe root cause is that the source is not NUL terminated. Instead of\ndoing a copy in a local buffer, directly NUL terminate it as soon as\nusb_control_msg() returns. With this, the local firmware_str[] variable\ncan be removed.\n\nOn top of this do a couple refactors:\n\n - ucan_ctl_payload-\u003eraw is only used for the firmware string, so\n rename it to ucan_ctl_payload-\u003efw_str and change its type from u8 to\n char.\n\n - ucan_device_request_in() is only used to retrieve the firmware\n string, so rename it to ucan_get_fw_str() and refactor it to make it\n directly handle all the string termination logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22003",
"url": "https://www.suse.com/security/cve/CVE-2025-22003"
},
{
"category": "external",
"summary": "SUSE Bug 1240825 for CVE-2025-22003",
"url": "https://bugzilla.suse.com/1240825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22003"
},
{
"cve": "CVE-2025-22007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix error code in chan_alloc_skb_cb()\n\nThe chan_alloc_skb_cb() function is supposed to return error pointers on\nerror. Returning NULL will lead to a NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22007",
"url": "https://www.suse.com/security/cve/CVE-2025-22007"
},
{
"category": "external",
"summary": "SUSE Bug 1240829 for CVE-2025-22007",
"url": "https://bugzilla.suse.com/1240829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22007"
},
{
"cve": "CVE-2025-22008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn\u0027t already been probed when first accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22008",
"url": "https://www.suse.com/security/cve/CVE-2025-22008"
},
{
"category": "external",
"summary": "SUSE Bug 1240942 for CVE-2025-22008",
"url": "https://bugzilla.suse.com/1240942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22008"
},
{
"cve": "CVE-2025-22009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: dummy: force synchronous probing\n\nSometimes I get a NULL pointer dereference at boot time in kobject_get()\nwith the following call stack:\n\nanatop_regulator_probe()\n devm_regulator_register()\n regulator_register()\n regulator_resolve_supply()\n kobject_get()\n\nBy placing some extra BUG_ON() statements I could verify that this is\nraised because probing of the \u0027dummy\u0027 regulator driver is not completed\n(\u0027dummy_regulator_rdev\u0027 is still NULL).\n\nIn the JTAG debugger I can see that dummy_regulator_probe() and\nanatop_regulator_probe() can be run by different kernel threads\n(kworker/u4:*). I haven\u0027t further investigated whether this can be\nchanged or if there are other possibilities to force synchronization\nbetween these two probe routines. On the other hand I don\u0027t expect much\nboot time penalty by probing the \u0027dummy\u0027 regulator synchronously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22009",
"url": "https://www.suse.com/security/cve/CVE-2025-22009"
},
{
"category": "external",
"summary": "SUSE Bug 1240940 for CVE-2025-22009",
"url": "https://bugzilla.suse.com/1240940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22009"
},
{
"cve": "CVE-2025-22010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup during bt pages loop\n\nDriver runs a for-loop when allocating bt pages and mapping them with\nbuffer pages. When a large buffer (e.g. MR over 100GB) is being allocated,\nit may require a considerable loop count. This will lead to soft lockup:\n\n watchdog: BUG: soft lockup - CPU#27 stuck for 22s!\n ...\n Call trace:\n hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2]\n hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2]\n alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x118/0x290\n\n watchdog: BUG: soft lockup - CPU#35 stuck for 23s!\n ...\n Call trace:\n hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2]\n mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2]\n alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x120/0x2bc\n\nAdd a cond_resched() to fix soft lockup during these loops. In order not\nto affect the allocation performance of normal-size buffer, set the loop\ncount of a 100GB MR as the threshold to call cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22010",
"url": "https://www.suse.com/security/cve/CVE-2025-22010"
},
{
"category": "external",
"summary": "SUSE Bug 1240943 for CVE-2025-22010",
"url": "https://bugzilla.suse.com/1240943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22010"
},
{
"cve": "CVE-2025-22013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host\u0027s\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host\u0027s FPMR\n before unbinding the host\u0027s FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host\u0027s FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost\u0027s FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As \u0027fpsimd_state\u0027 and \u0027fpmr_ptr\u0027\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22013",
"url": "https://www.suse.com/security/cve/CVE-2025-22013"
},
{
"category": "external",
"summary": "SUSE Bug 1240938 for CVE-2025-22013",
"url": "https://bugzilla.suse.com/1240938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22013"
},
{
"cve": "CVE-2025-22014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pdr: Fix the potential deadlock\n\nWhen some client process A call pdr_add_lookup() to add the look up for\nthe service and does schedule locator work, later a process B got a new\nserver packet indicating locator is up and call pdr_locator_new_server()\nwhich eventually sets pdr-\u003elocator_init_complete to true which process A\nsees and takes list lock and queries domain list but it will timeout due\nto deadlock as the response will queued to the same qmi-\u003ewq and it is\nordered workqueue and process B is not able to complete new server\nrequest work due to deadlock on list lock.\n\nFix it by removing the unnecessary list iteration as the list iteration\nis already being done inside locator work, so avoid it here and just\ncall schedule_work() here.\n\n Process A Process B\n\n process_scheduled_works()\npdr_add_lookup() qmi_data_ready_work()\n process_scheduled_works() pdr_locator_new_server()\n pdr-\u003elocator_init_complete=true;\n pdr_locator_work()\n mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_locate_service() mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_get_domain_list()\n pr_err(\"PDR: %s get domain list\n txn wait failed: %d\\n\",\n req-\u003eservice_name,\n ret);\n\nTimeout error log due to deadlock:\n\n\"\n PDR: tms/servreg get domain list txn wait failed: -110\n PDR: service lookup for msm/adsp/sensor_pd:tms/servreg failed: -110\n\"\n\nThanks to Bjorn and Johan for letting me know that this commit also fixes\nan audio regression when using the in-kernel pd-mapper as that makes it\neasier to hit this race. [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22014",
"url": "https://www.suse.com/security/cve/CVE-2025-22014"
},
{
"category": "external",
"summary": "SUSE Bug 1240937 for CVE-2025-22014",
"url": "https://bugzilla.suse.com/1240937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-22014"
},
{
"cve": "CVE-2025-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2312"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host\u0027s Kerberos credentials cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2312",
"url": "https://www.suse.com/security/cve/CVE-2025-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1239680 for CVE-2025-2312",
"url": "https://bugzilla.suse.com/1239680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.ppc64le",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-devel-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.1:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.1:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.1:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.1:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:30:40Z",
"details": "moderate"
}
],
"title": "CVE-2025-2312"
}
]
}
SUSE-SU-2025:1180-1
Vulnerability from csaf_suse - Published: 2025-04-09 07:02 - Updated: 2025-04-09 07:02Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56638: kABI fix for 'netfilter: nft_inner: incorrect percpu area handling under softirq' (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
The following non-security bugs were fixed:
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acpi: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- acpi: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- alsa: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- alsa: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- alsa: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- alsa: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- alsa: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- alsa: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Always honor no_shutup_pins (git-fixes).
- alsa: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- alsa: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- alsa: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- alsa: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- alsa: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- alsa: hda/realtek: update ALC222 depop optimize (stable-fixes).
- alsa: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- alsa: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- alsa: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- alsa: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- alsa: usx2y: validate nrpacks module parameter on probe (git-fixes).
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- asoc: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- asoc: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- asoc: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- asoc: cs35l41: check the return value from spi_setup() (git-fixes).
- asoc: ops: Consistently treat platform_max as control value (git-fixes).
- asoc: rt722-sdca: add missing readable registers (git-fixes).
- asoc: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- asoc: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- asoc: tas2764: Fix power control mask (stable-fixes).
- asoc: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- asoc: tas2770: Fix volume scale (stable-fixes).
- asoc: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix 'Full Going True' macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (jsc#PED-12416).
- crypto: qat - Fix typo 'accelaration' (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- documentation: qat: fix auto_reset attribute details (git-fixes).
- documentation: qat: fix auto_reset section (git-fixes).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake 'gettin' -> 'getting' (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- hid: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- hid: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- hid: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- hid: Enable playstation driver independently of sony driver (git-fixes).
- hid: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- hid: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- hid: hid-steam: Fix use-after-free when detaching device (git-fixes).
- hid: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- hid: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- hid: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- hid: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- hid: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- hid: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- hid: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- ib/mad: Check available slots before posting receive WRs (git-fixes)
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- init: add initramfs_internal.h (bsc#1232848).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- input: ads7846 - fix gpiod allocation (git-fixes).
- input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- input: iqs7222 - preserve system status register (git-fixes).
- input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- input: xpad - add multiple supported devices (stable-fixes).
- input: xpad - add support for TECNO Pocket Go (stable-fixes).
- input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- input: xpad - rename QH controller to Legion Go S (stable-fixes).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: '__ALIGN_KERNEL' redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649). Refresh: - patches.suse/nvme-fc-use-ctrl-state-getter.patch
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
- padata: fix sysfs store callback check (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- pci: Avoid reset when disabled via sysfs (git-fixes).
- pci: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- pci: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- pci: brcmstb: Fix potential premature regulator disabling (git-fixes).
- pci: brcmstb: Set generation limit before PCIe link up (git-fixes).
- pci: brcmstb: Use internal register to change link capability (git-fixes).
- pci: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- pci: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- pci: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- pci: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- pci: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- pci: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- pci/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- pci/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- pci/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- pci/DOE: Support discovery version 2 (bsc#1237853)
- pci/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- pm: sleep: Adjust check before setting power.must_resume (git-fixes).
- pm: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powerpc: Stop using no_llseek (bsc#1239573).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). Replace our patch with the upstream version.
- rdma/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- rdma/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- rdma/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- rdma/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- rdma/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- rdma/hns: Fix missing xa_destroy() (git-fixes)
- rdma/hns: Fix soft lockup during bt pages loop (git-fixes)
- rdma/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- rdma/hns: Fix wrong value of max_sge_rd (git-fixes)
- rdma/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- rdma/mlx5: Fix cache entry update on dereg error (git-fixes)
- rdma/mlx5: Fix calculation of total invalidated pages (git-fixes)
- rdma/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- rdma/mlx5: Fix MR cache initialization error flow (git-fixes)
- rdma/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- rdma/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- reapply 'wifi: ath11k: restore country code during resume' (bsc#1207948).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- revert 'dm: requeue IO if mapping table not yet available' (git-fixes).
- revert 'drivers/card_reader/rtsx_usb: Restore interrupt based detection' (git-fixes).
- revert 'leds-pca955x: Remove the unused function pca95xx_num_led_regs()' (stable-fixes).
- revert 'wifi: ath11k: restore country code during resume' (bsc#1207948).
- revert 'wifi: ath11k: support hibernation' (bsc#1207948).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- sunrpc: convert RPC_TASK_* constants to enum (git-fixes).
- sunrpc: Handle -ETIMEDOUT return from tlshd (git-fixes).
- sunrpc: Prevent looping due to rpc_signal_task() races (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- usb: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- usb: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- usb: serial: option: match on interface class for Telit FN990B (stable-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle 'nosmt' correctly (git-fixes).
- x86/microcode: Handle 'offline' CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
Patchnames
SUSE-2025-1180,SUSE-SLE-Module-Basesystem-15-SP6-2025-1180,SUSE-SLE-Module-Development-Tools-15-SP6-2025-1180,SUSE-SLE-Module-Legacy-15-SP6-2025-1180,SUSE-SLE-Module-Live-Patching-15-SP6-2025-1180,SUSE-SLE-Product-HA-15-SP6-2025-1180,SUSE-SLE-Product-WE-15-SP6-2025-1180,openSUSE-SLE-15.6-2025-1180
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n \n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56638: kABI fix for \u0027netfilter: nft_inner: incorrect percpu area handling under softirq\u0027 (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n\nThe following non-security bugs were fixed:\n\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acpi: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- acpi: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- alsa: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- alsa: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- alsa: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- alsa: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- alsa: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- alsa: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- alsa: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- alsa: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- alsa: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- alsa: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- alsa: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- alsa: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- alsa: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- alsa: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- alsa: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- alsa: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- asoc: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- asoc: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- asoc: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- asoc: cs35l41: check the return value from spi_setup() (git-fixes).\n- asoc: ops: Consistently treat platform_max as control value (git-fixes).\n- asoc: rt722-sdca: add missing readable registers (git-fixes).\n- asoc: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- asoc: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- asoc: tas2764: Fix power control mask (stable-fixes).\n- asoc: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- asoc: tas2770: Fix volume scale (stable-fixes).\n- asoc: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \u0027Full Going True\u0027 macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \u0027Invalide\u0027 -\u003e \u0027Invalid\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo \u0027accelaration\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). \n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- documentation: qat: fix auto_reset attribute details (git-fixes).\n- documentation: qat: fix auto_reset section (git-fixes).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \u0027gettin\u0027 -\u003e \u0027getting\u0027 (git-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- hid: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- hid: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- hid: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- hid: Enable playstation driver independently of sony driver (git-fixes).\n- hid: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- hid: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- hid: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- hid: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- hid: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- hid: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- hid: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- hid: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- hid: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- hid: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- ib/mad: Check available slots before posting receive WRs (git-fixes)\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- init: add initramfs_internal.h (bsc#1232848).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- input: ads7846 - fix gpiod allocation (git-fixes).\n- input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- input: iqs7222 - preserve system status register (git-fixes).\n- input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- input: xpad - add multiple supported devices (stable-fixes).\n- input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \u0027__ALIGN_KERNEL\u0027 redefined (git-fixes). \n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649). Refresh: - patches.suse/nvme-fc-use-ctrl-state-getter.patch\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).\n- padata: fix sysfs store callback check (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- pci: Avoid reset when disabled via sysfs (git-fixes).\n- pci: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- pci: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- pci: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- pci: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- pci: brcmstb: Use internal register to change link capability (git-fixes).\n- pci: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- pci: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- pci: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- pci: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- pci: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- pci: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- pci/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- pci/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- pci/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- pci/DOE: Support discovery version 2 (bsc#1237853)\n- pci/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- pm: sleep: Adjust check before setting power.must_resume (git-fixes).\n- pm: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). Replace our patch with the upstream version.\n- rdma/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- rdma/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- rdma/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- rdma/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- rdma/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- rdma/hns: Fix missing xa_destroy() (git-fixes)\n- rdma/hns: Fix soft lockup during bt pages loop (git-fixes)\n- rdma/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- rdma/hns: Fix wrong value of max_sge_rd (git-fixes)\n- rdma/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- rdma/mlx5: Fix cache entry update on dereg error (git-fixes)\n- rdma/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- rdma/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- rdma/mlx5: Fix MR cache initialization error flow (git-fixes)\n- rdma/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- rdma/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- reapply \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- revert \u0027dm: requeue IO if mapping table not yet available\u0027 (git-fixes).\n- revert \u0027drivers/card_reader/rtsx_usb: Restore interrupt based detection\u0027 (git-fixes).\n- revert \u0027leds-pca955x: Remove the unused function pca95xx_num_led_regs()\u0027 (stable-fixes).\n- revert \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- revert \u0027wifi: ath11k: support hibernation\u0027 (bsc#1207948).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) \n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- sunrpc: convert RPC_TASK_* constants to enum (git-fixes).\n- sunrpc: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- sunrpc: Prevent looping due to rpc_signal_task() races (git-fixes).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes). \n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes).\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- usb: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- usb: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- usb: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \u0027nosmt\u0027 correctly (git-fixes).\n- x86/microcode: Handle \u0027offline\u0027 CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1180,SUSE-SLE-Module-Basesystem-15-SP6-2025-1180,SUSE-SLE-Module-Development-Tools-15-SP6-2025-1180,SUSE-SLE-Module-Legacy-15-SP6-2025-1180,SUSE-SLE-Module-Live-Patching-15-SP6-2025-1180,SUSE-SLE-Product-HA-15-SP6-2025-1180,SUSE-SLE-Product-WE-15-SP6-2025-1180,openSUSE-SLE-15.6-2025-1180",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1180-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1180-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251180-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1180-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020675.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238494",
"url": "https://bugzilla.suse.com/1238494"
},
{
"category": "self",
"summary": "SUSE Bug 1238496",
"url": "https://bugzilla.suse.com/1238496"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238521",
"url": "https://bugzilla.suse.com/1238521"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-09T07:02:27Z",
"generator": {
"date": "2025-04-09T07:02:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1180-1",
"initial_release_date": "2025-04-09T07:02:27Z",
"revision_history": [
{
"date": "2025-04-09T07:02:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-altera-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-amd-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-apm-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-apple-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-arm-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-lg-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-64kb-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-default-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-default-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"product_id": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-default-devel-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-default-extra-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-default-optional-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.47.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150600.23.47.1.aarch64",
"product_id": "kernel-syms-6.4.0-150600.23.47.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150600.23.47.2.noarch",
"product": {
"name": "kernel-devel-6.4.0-150600.23.47.2.noarch",
"product_id": "kernel-devel-6.4.0-150600.23.47.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150600.23.47.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150600.23.47.1.noarch",
"product_id": "kernel-docs-6.4.0-150600.23.47.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150600.23.47.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150600.23.47.2.noarch",
"product": {
"name": "kernel-macros-6.4.0-150600.23.47.2.noarch",
"product_id": "kernel-macros-6.4.0-150600.23.47.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150600.23.47.2.noarch",
"product": {
"name": "kernel-source-6.4.0-150600.23.47.2.noarch",
"product_id": "kernel-source-6.4.0-150600.23.47.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150600.23.47.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-debug-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-default-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"product_id": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150600.23.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150600.23.47.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"product_id": "dlm-kmp-default-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kernel-default-6.4.0-150600.23.47.2.s390x",
"product_id": "kernel-default-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"product_id": "kernel-default-devel-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"product_id": "kernel-default-extra-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"product_id": "kernel-default-optional-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150600.23.47.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150600.23.47.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.47.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150600.23.47.1.s390x",
"product_id": "kernel-syms-6.4.0-150600.23.47.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-debug-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-debug-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-debug-devel-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-default-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-default-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"product_id": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-default-devel-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-default-extra-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-default-optional-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150600.23.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150600.23.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150600.23.47.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150600.23.47.1.x86_64",
"product_id": "kernel-syms-6.4.0-150600.23.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150600.23.47.2.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch"
},
"product_reference": "kernel-devel-6.4.0-150600.23.47.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150600.23.47.2.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch"
},
"product_reference": "kernel-macros-6.4.0-150600.23.47.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150600.23.47.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150600.23.47.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150600.23.47.2.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch"
},
"product_reference": "kernel-source-6.4.0-150600.23.47.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP6",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-allwinner-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-altera-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-altera-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amazon-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amd-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-amd-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-amlogic-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-apm-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-apm-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-apple-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-apple-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-arm-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-arm-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-broadcom-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-cavium-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-exynos-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-freescale-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-hisilicon-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-lg-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-lg-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-marvell-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-mediatek-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-nvidia-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-qcom-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-renesas-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-rockchip-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-socionext-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-sprd-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dtb-xilinx-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-debug-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64"
},
"product_reference": "kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-optional-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-vdso-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150600.23.47.2.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch"
},
"product_reference": "kernel-devel-6.4.0-150600.23.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150600.23.47.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150600.23.47.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-6.4.0-150600.23.47.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch"
},
"product_reference": "kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150600.23.47.2.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch"
},
"product_reference": "kernel-macros-6.4.0-150600.23.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150600.23.47.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-6.4.0-150600.23.47.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64"
},
"product_reference": "kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150600.23.47.2.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch"
},
"product_reference": "kernel-source-6.4.0-150600.23.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-6.4.0-150600.23.47.2.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch"
},
"product_reference": "kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150600.23.47.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150600.23.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57979",
"url": "https://www.suse.com/security/cve/CVE-2024-57979"
},
{
"category": "external",
"summary": "SUSE Bug 1238521 for CVE-2024-57979",
"url": "https://bugzilla.suse.com/1238521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS: 00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __warn.cold+0xb7/0x14d\n ? tracepoint_add_func+0x3b6/0x3f0\n ? report_bug+0xea/0x170\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? tracepoint_add_func+0x3b6/0x3f0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n tracepoint_probe_register+0x78/0xb0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n osnoise_workload_start+0x2b5/0x370\n timerlat_tracer_init+0x76/0x1b0\n tracing_set_tracer+0x244/0x400\n tracing_set_trace_write+0xa0/0xe0\n vfs_write+0xfc/0x570\n ? do_sys_openat2+0x9c/0xe0\n ksys_write+0x72/0xf0\n do_syscall_64+0x79/0x1c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21733",
"url": "https://www.suse.com/security/cve/CVE-2025-21733"
},
{
"category": "external",
"summary": "SUSE Bug 1238494 for CVE-2025-21733",
"url": "https://bugzilla.suse.com/1238494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \u003c/TASK\u003e\n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21754",
"url": "https://www.suse.com/security/cve/CVE-2025-21754"
},
{
"category": "external",
"summary": "SUSE Bug 1238496 for CVE-2025-21754",
"url": "https://bugzilla.suse.com/1238496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_23_47-default-1-150600.13.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-source-6.4.0-150600.23.47.2.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:cluster-md-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:dlm-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:dtb-allwinner-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-altera-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amazon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-amlogic-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-apple-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-arm-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-broadcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-cavium-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-exynos-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-freescale-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-hisilicon-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-lg-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-marvell-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-mediatek-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-nvidia-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-qcom-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-renesas-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-rockchip-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-socionext-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-sprd-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:dtb-xilinx-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:gfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-64kb-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-debug-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-debug-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.aarch64",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-base-rebuild-6.4.0-150600.23.47.2.150600.12.20.2.x86_64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-extra-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-livepatch-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kernel-default-optional-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-default-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-docs-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-docs-html-6.4.0-150600.23.47.1.noarch",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kernel-kvmsmall-devel-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-kvmsmall-vdso-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:kernel-macros-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-build-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-obs-qa-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-source-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-source-vanilla-6.4.0-150600.23.47.2.noarch",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.ppc64le",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.s390x",
"openSUSE Leap 15.6:kernel-syms-6.4.0-150600.23.47.1.x86_64",
"openSUSE Leap 15.6:kernel-zfcpdump-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:kselftests-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:ocfs2-kmp-default-6.4.0-150600.23.47.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-64kb-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.ppc64le",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.s390x",
"openSUSE Leap 15.6:reiserfs-kmp-default-6.4.0-150600.23.47.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-09T07:02:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
}
]
}
SUSE-SU-2025:01600-1
Vulnerability from csaf_suse - Published: 2025-05-20 11:49 - Updated: 2025-05-20 11:49Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-47659: drm/plane: Move range check for format_count earlier (bsc#1237839).
- CVE-2022-49044: dm integrity: fix memory corruption when tag_size is less than digest size (bsc#1237840).
- CVE-2022-49055: drm/amdkfd: Check for potential null return of kmalloc_array() (bsc#1237868).
- CVE-2022-49060: net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (bsc#1237845).
- CVE-2022-49086: net: openvswitch: fix leak of nested actions (bsc#1238037).
- CVE-2022-49111: Bluetooth: Fix use after free in hci_send_acl (bsc#1237984).
- CVE-2022-49118: scsi: hisi_sas: Free irq vectors in order for v3 HW (bsc#1237979).
- CVE-2022-49121: scsi: pm8001: Fix tag leaks on error (bsc#1237926).
- CVE-2022-49137: drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (bsc#1238155).
- CVE-2022-49175: PM: core: keep irq flags in device_pm_check_callbacks() (bsc#1238099).
- CVE-2022-49176: bfq: fix use-after-free in bfq_dispatch_request (bsc#1238097).
- CVE-2022-49179: block, bfq: do not move oom_bfqq (bsc#1238092).
- CVE-2022-49188: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (bsc#1238138).
- CVE-2022-49197: af_netlink: Fix shift out of bounds in group mask calculation (bsc#1238455).
- CVE-2022-49205: bpf, sockmap: Fix double uncharge the mem of sk_msg (bsc#1238335).
- CVE-2022-49232: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (bsc#1238139).
- CVE-2022-49290: mac80211: fix potential double free on mesh join (bsc#1238156).
- CVE-2022-49305: drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (bsc#1238645).
- CVE-2022-49325: tcp: add accessors to read/set tp->snd_cwnd (bsc#1238398).
- CVE-2022-49335: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (bsc#1238377).
- CVE-2022-49351: net: altera: Fix refcount leak in altera_tse_mdio_create (bsc#1237939).
- CVE-2022-49385: driver: base: fix UAF when driver_attach failed (bsc#1237951).
- CVE-2022-49390: macsec: fix UAF bug for real_dev (bsc#1238233).
- CVE-2022-49411: bfq: Make sure bfqg for which we are queueing requests is online (bsc#1238307).
- CVE-2022-49442: drivers/base/node.c: fix compaction sysfs file leak (bsc#1238243).
- CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).
- CVE-2022-49478: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (bsc#1238000).
- CVE-2022-49489: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (bsc#1238244).
- CVE-2022-49504: scsi: lpfc: Inhibit aborts if external loopback plug is inserted (bsc#1238835).
- CVE-2022-49521: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() (bsc#1238938).
- CVE-2022-49525: media: cx25821: Fix the warning when removing the module (bsc#1238022).
- CVE-2022-49534: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT (bsc#1238893).
- CVE-2022-49535: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI (bsc#1238937).
- CVE-2022-49536: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock (bsc#1238838).
- CVE-2022-49537: scsi: lpfc: Fix call trace observed during I/O with CMF enabled (bsc#1238930).
- CVE-2022-49542: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (bsc#1238722).
- CVE-2022-49561: netfilter: conntrack: re-fetch conntrack after insertion (bsc#1238537).
- CVE-2022-49590: igmp: Fix data-races around sysctl_igmp_llm_reports (bsc#1238844).
- CVE-2022-49658: bpf, selftests: Add verifier test case for imm=0,umin=0,umax=1 scalar (bsc#1238803).
- CVE-2022-49668: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (bsc#1237957).
- CVE-2022-49693: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (bsc#1237954).
- CVE-2022-49725: i40e: Fix call trace in setup_tx_descriptors (bsc#1238016).
- CVE-2022-49728: kABI workaround for changeing the variable length type to size_t (bsc#1239111).
- CVE-2022-49730: scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted (bsc#1239070).
- CVE-2022-49749: i2c: designware: use casting of u64 in clock multiplication to avoid overflow (bsc#1240243).
- CVE-2022-49753: dmaengine: Fix double increment of client_count in dma_chan_get() (bsc#1240250).
- CVE-2023-53023: net: nfc: Fix use-after-free in local_cleanup() (bsc#1240309).
- CVE-2023-53032: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function (bsc#1240270).
- CVE-2024-49994: block: fix integer overflow in BLKSECDISCARD (bsc#1237757).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50272: filemap: Fix bounds checking in filemap_read() (bsc#1233461 bsc#1234209).
- CVE-2024-52559: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (bsc#1238507).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56590: skbuff: introduce skb_pull_data (bsc#1235038).
- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-57980: media: uvcvideo: Fix double free in error path (bsc#1237911).
- CVE-2024-57981: usb: xhci: Fix NULL pointer dereference on certain command aborts (bsc#1237912).
- CVE-2024-58005: tpm: Change to kvalloc() in eventlog/acpi.c (bsc#1237873).
- CVE-2024-58009: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (bsc#1238760).
- CVE-2024-58017: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950 bsc#1239112).
- CVE-2024-58063: wifi: rtlwifi: fix memory leaks and invalid access at probe error path (bsc#1238984).
- CVE-2024-58093: PCI/ASPM: Fix link state exit during switch upstream function removal (bsc#1241347).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21735: NFC: nci: Add bounds checking in nci_hci_create_pipe() (bsc#1238497).
- CVE-2025-21750: wifi: brcmfmac: Check the return value of of_property_read_string_index() (bsc#1238905).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).
- CVE-2025-21779: KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (bsc#1238768).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21909: wifi: nl80211: reject cooked mode if it is set along with other flags (bsc#1240590).
- CVE-2025-21910: wifi: cfg80211: regulatory: improve invalid hints checking (bsc#1240583).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21927: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (bsc#1240714).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21941: drm/amd/display: Fix null check for pipe_ctx->plane_state in (bsc#1240701).
- CVE-2025-21948: HID: appleir: Fix potential NULL dereference at raw event handle (bsc#1240703).
- CVE-2025-21956: drm/amd/display: Assign normalized_pix_clk when color depth = 14 (bsc#1240739).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21976: fbdev: hyperv_fb: Allow graceful removal of framebuffer (bsc#1241145).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22008: regulator: check that dummy regulator has been probed before using it (bsc#1240942).
- CVE-2025-22010: RDMA/hns: Fix soft lockup during bt pages loop (bsc#1240943).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22086: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (bsc#1241458).
- CVE-2025-23131: dlm: prevent NPD when writing a positive value to event_done (bsc#1241601).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
The following non-security bugs were fixed:
- Revert 'ipv6: Fix signed integer overflow in __ip6_append_data'
- Revert 'kABI workaround for changeing the variable length type to size_t'
- audit: Send netlink ACK before setting connection in auditd_set (bsc#1231450).
- brcmfmac: of: Use devm_kstrdup for board_type & check for errors (bsc#1238905)
- brcmfmac: of: remove redundant variable len (bsc#1238905)
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- fbdev: hyperv_fb: Simplify hvfb_putmem (git-fixes).
- net: Fix data-races around weight_p and dev_weight_[rt]x_bias (bsc#1238746)
- remoteproc: qcom_q6v5_mss: Extract mba/mpss from memory-region (bsc#1238138)
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- wifi: brcmfmac: use strreplace() in brcmf_of_probe() (bsc#1238905)
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
Patchnames
SUSE-2025-1600,SUSE-SLE-Live-Patching-12-SP5-2025-1600,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1600,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1600
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2021-47659: drm/plane: Move range check for format_count earlier (bsc#1237839).\n- CVE-2022-49044: dm integrity: fix memory corruption when tag_size is less than digest size (bsc#1237840).\n- CVE-2022-49055: drm/amdkfd: Check for potential null return of kmalloc_array() (bsc#1237868).\n- CVE-2022-49060: net/smc: Fix NULL pointer dereference in smc_pnet_find_ib() (bsc#1237845).\n- CVE-2022-49086: net: openvswitch: fix leak of nested actions (bsc#1238037).\n- CVE-2022-49111: Bluetooth: Fix use after free in hci_send_acl (bsc#1237984).\n- CVE-2022-49118: scsi: hisi_sas: Free irq vectors in order for v3 HW (bsc#1237979).\n- CVE-2022-49121: scsi: pm8001: Fix tag leaks on error (bsc#1237926).\n- CVE-2022-49137: drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj (bsc#1238155).\n- CVE-2022-49175: PM: core: keep irq flags in device_pm_check_callbacks() (bsc#1238099).\n- CVE-2022-49176: bfq: fix use-after-free in bfq_dispatch_request (bsc#1238097).\n- CVE-2022-49179: block, bfq: do not move oom_bfqq (bsc#1238092).\n- CVE-2022-49188: remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (bsc#1238138).\n- CVE-2022-49197: af_netlink: Fix shift out of bounds in group mask calculation (bsc#1238455).\n- CVE-2022-49205: bpf, sockmap: Fix double uncharge the mem of sk_msg (bsc#1238335).\n- CVE-2022-49232: drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (bsc#1238139).\n- CVE-2022-49290: mac80211: fix potential double free on mesh join (bsc#1238156).\n- CVE-2022-49305: drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (bsc#1238645).\n- CVE-2022-49325: tcp: add accessors to read/set tp-\u003esnd_cwnd (bsc#1238398).\n- CVE-2022-49335: drm/amdgpu/cs: make commands with 0 chunks illegal behaviour (bsc#1238377).\n- CVE-2022-49351: net: altera: Fix refcount leak in altera_tse_mdio_create (bsc#1237939).\n- CVE-2022-49385: driver: base: fix UAF when driver_attach failed (bsc#1237951).\n- CVE-2022-49390: macsec: fix UAF bug for real_dev (bsc#1238233).\n- CVE-2022-49411: bfq: Make sure bfqg for which we are queueing requests is online (bsc#1238307).\n- CVE-2022-49442: drivers/base/node.c: fix compaction sysfs file leak (bsc#1238243).\n- CVE-2022-49465: blk-throttle: Set BIO_THROTTLED when bio has been throttled (bsc#1238919).\n- CVE-2022-49478: media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (bsc#1238000).\n- CVE-2022-49489: drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (bsc#1238244).\n- CVE-2022-49504: scsi: lpfc: Inhibit aborts if external loopback plug is inserted (bsc#1238835).\n- CVE-2022-49521: scsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp() (bsc#1238938).\n- CVE-2022-49525: media: cx25821: Fix the warning when removing the module (bsc#1238022).\n- CVE-2022-49534: scsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT (bsc#1238893).\n- CVE-2022-49535: scsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI (bsc#1238937).\n- CVE-2022-49536: scsi: lpfc: Fix SCSI I/O completion and abort handler deadlock (bsc#1238838).\n- CVE-2022-49537: scsi: lpfc: Fix call trace observed during I/O with CMF enabled (bsc#1238930).\n- CVE-2022-49542: scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (bsc#1238722).\n- CVE-2022-49561: netfilter: conntrack: re-fetch conntrack after insertion (bsc#1238537).\n- CVE-2022-49590: igmp: Fix data-races around sysctl_igmp_llm_reports (bsc#1238844).\n- CVE-2022-49658: bpf, selftests: Add verifier test case for imm=0,umin=0,umax=1 scalar (bsc#1238803).\n- CVE-2022-49668: PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events (bsc#1237957).\n- CVE-2022-49693: drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (bsc#1237954).\n- CVE-2022-49725: i40e: Fix call trace in setup_tx_descriptors (bsc#1238016).\n- CVE-2022-49728: kABI workaround for changeing the variable length type to size_t (bsc#1239111).\n- CVE-2022-49730: scsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted (bsc#1239070).\n- CVE-2022-49749: i2c: designware: use casting of u64 in clock multiplication to avoid overflow (bsc#1240243).\n- CVE-2022-49753: dmaengine: Fix double increment of client_count in dma_chan_get() (bsc#1240250).\n- CVE-2023-53023: net: nfc: Fix use-after-free in local_cleanup() (bsc#1240309).\n- CVE-2023-53032: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function (bsc#1240270).\n- CVE-2024-49994: block: fix integer overflow in BLKSECDISCARD (bsc#1237757).\n- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).\n- CVE-2024-50272: filemap: Fix bounds checking in filemap_read() (bsc#1233461 bsc#1234209).\n- CVE-2024-52559: drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (bsc#1238507).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56590: skbuff: introduce skb_pull_data (bsc#1235038).\n- CVE-2024-56641: net/smc: initialize close_work early to avoid warning (bsc#1235526).\n- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).\n- CVE-2024-57980: media: uvcvideo: Fix double free in error path (bsc#1237911).\n- CVE-2024-57981: usb: xhci: Fix NULL pointer dereference on certain command aborts (bsc#1237912).\n- CVE-2024-58005: tpm: Change to kvalloc() in eventlog/acpi.c (bsc#1237873).\n- CVE-2024-58009: Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (bsc#1238760).\n- CVE-2024-58017: printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950 bsc#1239112).\n- CVE-2024-58063: wifi: rtlwifi: fix memory leaks and invalid access at probe error path (bsc#1238984).\n- CVE-2024-58093: PCI/ASPM: Fix link state exit during switch upstream function removal (bsc#1241347).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21735: NFC: nci: Add bounds checking in nci_hci_create_pipe() (bsc#1238497).\n- CVE-2025-21750: wifi: brcmfmac: Check the return value of of_property_read_string_index() (bsc#1238905).\n- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).\n- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).\n- CVE-2025-21772: partitions: mac: fix handling of bogus partition table (bsc#1238911).\n- CVE-2025-21779: KVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel (bsc#1238768).\n- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).\n- CVE-2025-21909: wifi: nl80211: reject cooked mode if it is set along with other flags (bsc#1240590).\n- CVE-2025-21910: wifi: cfg80211: regulatory: improve invalid hints checking (bsc#1240583).\n- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).\n- CVE-2025-21927: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (bsc#1240714).\n- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).\n- CVE-2025-21941: drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in (bsc#1240701).\n- CVE-2025-21948: HID: appleir: Fix potential NULL dereference at raw event handle (bsc#1240703).\n- CVE-2025-21956: drm/amd/display: Assign normalized_pix_clk when color depth = 14 (bsc#1240739).\n- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level \u003e 2 (bsc#1240742).\n- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).\n- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).\n- CVE-2025-21976: fbdev: hyperv_fb: Allow graceful removal of framebuffer (bsc#1241145).\n- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).\n- CVE-2025-22008: regulator: check that dummy regulator has been probed before using it (bsc#1240942).\n- CVE-2025-22010: RDMA/hns: Fix soft lockup during bt pages loop (bsc#1240943).\n- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).\n- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).\n- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).\n- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).\n- CVE-2025-22086: RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (bsc#1241458).\n- CVE-2025-23131: dlm: prevent NPD when writing a positive value to event_done (bsc#1241601).\n- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).\n\nThe following non-security bugs were fixed:\n\n- Revert \u0027ipv6: Fix signed integer overflow in __ip6_append_data\u0027\n- Revert \u0027kABI workaround for changeing the variable length type to size_t\u0027\n- audit: Send netlink ACK before setting connection in auditd_set (bsc#1231450).\n- brcmfmac: of: Use devm_kstrdup for board_type \u0026 check for errors (bsc#1238905)\n- brcmfmac: of: remove redundant variable len (bsc#1238905)\n- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).\n- fbdev: hyperv_fb: Simplify hvfb_putmem (git-fixes).\n- net: Fix data-races around weight_p and dev_weight_[rt]x_bias (bsc#1238746)\n- remoteproc: qcom_q6v5_mss: Extract mba/mpss from memory-region (bsc#1238138)\n- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).\n- tpm: tis: Double the timeout B to 4s (bsc#1235870).\n- wifi: brcmfmac: use strreplace() in brcmf_of_probe() (bsc#1238905)\n- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).\n- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).\n- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1600,SUSE-SLE-Live-Patching-12-SP5-2025-1600,SUSE-SLE-SERVER-12-SP5-LTSS-2025-1600,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-1600",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01600-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01600-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501600-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01600-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-May/039257.html"
},
{
"category": "self",
"summary": "SUSE Bug 1205495",
"url": "https://bugzilla.suse.com/1205495"
},
{
"category": "self",
"summary": "SUSE Bug 1230764",
"url": "https://bugzilla.suse.com/1230764"
},
{
"category": "self",
"summary": "SUSE Bug 1231103",
"url": "https://bugzilla.suse.com/1231103"
},
{
"category": "self",
"summary": "SUSE Bug 1231450",
"url": "https://bugzilla.suse.com/1231450"
},
{
"category": "self",
"summary": "SUSE Bug 1231910",
"url": "https://bugzilla.suse.com/1231910"
},
{
"category": "self",
"summary": "SUSE Bug 1233461",
"url": "https://bugzilla.suse.com/1233461"
},
{
"category": "self",
"summary": "SUSE Bug 1234209",
"url": "https://bugzilla.suse.com/1234209"
},
{
"category": "self",
"summary": "SUSE Bug 1235038",
"url": "https://bugzilla.suse.com/1235038"
},
{
"category": "self",
"summary": "SUSE Bug 1235526",
"url": "https://bugzilla.suse.com/1235526"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1236086",
"url": "https://bugzilla.suse.com/1236086"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1237757",
"url": "https://bugzilla.suse.com/1237757"
},
{
"category": "self",
"summary": "SUSE Bug 1237839",
"url": "https://bugzilla.suse.com/1237839"
},
{
"category": "self",
"summary": "SUSE Bug 1237840",
"url": "https://bugzilla.suse.com/1237840"
},
{
"category": "self",
"summary": "SUSE Bug 1237845",
"url": "https://bugzilla.suse.com/1237845"
},
{
"category": "self",
"summary": "SUSE Bug 1237868",
"url": "https://bugzilla.suse.com/1237868"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237926",
"url": "https://bugzilla.suse.com/1237926"
},
{
"category": "self",
"summary": "SUSE Bug 1237939",
"url": "https://bugzilla.suse.com/1237939"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1237951",
"url": "https://bugzilla.suse.com/1237951"
},
{
"category": "self",
"summary": "SUSE Bug 1237954",
"url": "https://bugzilla.suse.com/1237954"
},
{
"category": "self",
"summary": "SUSE Bug 1237957",
"url": "https://bugzilla.suse.com/1237957"
},
{
"category": "self",
"summary": "SUSE Bug 1237979",
"url": "https://bugzilla.suse.com/1237979"
},
{
"category": "self",
"summary": "SUSE Bug 1237984",
"url": "https://bugzilla.suse.com/1237984"
},
{
"category": "self",
"summary": "SUSE Bug 1238000",
"url": "https://bugzilla.suse.com/1238000"
},
{
"category": "self",
"summary": "SUSE Bug 1238016",
"url": "https://bugzilla.suse.com/1238016"
},
{
"category": "self",
"summary": "SUSE Bug 1238022",
"url": "https://bugzilla.suse.com/1238022"
},
{
"category": "self",
"summary": "SUSE Bug 1238037",
"url": "https://bugzilla.suse.com/1238037"
},
{
"category": "self",
"summary": "SUSE Bug 1238092",
"url": "https://bugzilla.suse.com/1238092"
},
{
"category": "self",
"summary": "SUSE Bug 1238093",
"url": "https://bugzilla.suse.com/1238093"
},
{
"category": "self",
"summary": "SUSE Bug 1238097",
"url": "https://bugzilla.suse.com/1238097"
},
{
"category": "self",
"summary": "SUSE Bug 1238099",
"url": "https://bugzilla.suse.com/1238099"
},
{
"category": "self",
"summary": "SUSE Bug 1238138",
"url": "https://bugzilla.suse.com/1238138"
},
{
"category": "self",
"summary": "SUSE Bug 1238139",
"url": "https://bugzilla.suse.com/1238139"
},
{
"category": "self",
"summary": "SUSE Bug 1238155",
"url": "https://bugzilla.suse.com/1238155"
},
{
"category": "self",
"summary": "SUSE Bug 1238156",
"url": "https://bugzilla.suse.com/1238156"
},
{
"category": "self",
"summary": "SUSE Bug 1238233",
"url": "https://bugzilla.suse.com/1238233"
},
{
"category": "self",
"summary": "SUSE Bug 1238243",
"url": "https://bugzilla.suse.com/1238243"
},
{
"category": "self",
"summary": "SUSE Bug 1238244",
"url": "https://bugzilla.suse.com/1238244"
},
{
"category": "self",
"summary": "SUSE Bug 1238307",
"url": "https://bugzilla.suse.com/1238307"
},
{
"category": "self",
"summary": "SUSE Bug 1238335",
"url": "https://bugzilla.suse.com/1238335"
},
{
"category": "self",
"summary": "SUSE Bug 1238377",
"url": "https://bugzilla.suse.com/1238377"
},
{
"category": "self",
"summary": "SUSE Bug 1238398",
"url": "https://bugzilla.suse.com/1238398"
},
{
"category": "self",
"summary": "SUSE Bug 1238455",
"url": "https://bugzilla.suse.com/1238455"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238537",
"url": "https://bugzilla.suse.com/1238537"
},
{
"category": "self",
"summary": "SUSE Bug 1238645",
"url": "https://bugzilla.suse.com/1238645"
},
{
"category": "self",
"summary": "SUSE Bug 1238714",
"url": "https://bugzilla.suse.com/1238714"
},
{
"category": "self",
"summary": "SUSE Bug 1238722",
"url": "https://bugzilla.suse.com/1238722"
},
{
"category": "self",
"summary": "SUSE Bug 1238737",
"url": "https://bugzilla.suse.com/1238737"
},
{
"category": "self",
"summary": "SUSE Bug 1238746",
"url": "https://bugzilla.suse.com/1238746"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238803",
"url": "https://bugzilla.suse.com/1238803"
},
{
"category": "self",
"summary": "SUSE Bug 1238835",
"url": "https://bugzilla.suse.com/1238835"
},
{
"category": "self",
"summary": "SUSE Bug 1238838",
"url": "https://bugzilla.suse.com/1238838"
},
{
"category": "self",
"summary": "SUSE Bug 1238844",
"url": "https://bugzilla.suse.com/1238844"
},
{
"category": "self",
"summary": "SUSE Bug 1238893",
"url": "https://bugzilla.suse.com/1238893"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238919",
"url": "https://bugzilla.suse.com/1238919"
},
{
"category": "self",
"summary": "SUSE Bug 1238930",
"url": "https://bugzilla.suse.com/1238930"
},
{
"category": "self",
"summary": "SUSE Bug 1238937",
"url": "https://bugzilla.suse.com/1238937"
},
{
"category": "self",
"summary": "SUSE Bug 1238938",
"url": "https://bugzilla.suse.com/1238938"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1239070",
"url": "https://bugzilla.suse.com/1239070"
},
{
"category": "self",
"summary": "SUSE Bug 1239111",
"url": "https://bugzilla.suse.com/1239111"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240185",
"url": "https://bugzilla.suse.com/1240185"
},
{
"category": "self",
"summary": "SUSE Bug 1240243",
"url": "https://bugzilla.suse.com/1240243"
},
{
"category": "self",
"summary": "SUSE Bug 1240250",
"url": "https://bugzilla.suse.com/1240250"
},
{
"category": "self",
"summary": "SUSE Bug 1240270",
"url": "https://bugzilla.suse.com/1240270"
},
{
"category": "self",
"summary": "SUSE Bug 1240309",
"url": "https://bugzilla.suse.com/1240309"
},
{
"category": "self",
"summary": "SUSE Bug 1240583",
"url": "https://bugzilla.suse.com/1240583"
},
{
"category": "self",
"summary": "SUSE Bug 1240590",
"url": "https://bugzilla.suse.com/1240590"
},
{
"category": "self",
"summary": "SUSE Bug 1240701",
"url": "https://bugzilla.suse.com/1240701"
},
{
"category": "self",
"summary": "SUSE Bug 1240703",
"url": "https://bugzilla.suse.com/1240703"
},
{
"category": "self",
"summary": "SUSE Bug 1240709",
"url": "https://bugzilla.suse.com/1240709"
},
{
"category": "self",
"summary": "SUSE Bug 1240712",
"url": "https://bugzilla.suse.com/1240712"
},
{
"category": "self",
"summary": "SUSE Bug 1240714",
"url": "https://bugzilla.suse.com/1240714"
},
{
"category": "self",
"summary": "SUSE Bug 1240717",
"url": "https://bugzilla.suse.com/1240717"
},
{
"category": "self",
"summary": "SUSE Bug 1240739",
"url": "https://bugzilla.suse.com/1240739"
},
{
"category": "self",
"summary": "SUSE Bug 1240740",
"url": "https://bugzilla.suse.com/1240740"
},
{
"category": "self",
"summary": "SUSE Bug 1240742",
"url": "https://bugzilla.suse.com/1240742"
},
{
"category": "self",
"summary": "SUSE Bug 1240835",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "self",
"summary": "SUSE Bug 1240942",
"url": "https://bugzilla.suse.com/1240942"
},
{
"category": "self",
"summary": "SUSE Bug 1240943",
"url": "https://bugzilla.suse.com/1240943"
},
{
"category": "self",
"summary": "SUSE Bug 1241145",
"url": "https://bugzilla.suse.com/1241145"
},
{
"category": "self",
"summary": "SUSE Bug 1241266",
"url": "https://bugzilla.suse.com/1241266"
},
{
"category": "self",
"summary": "SUSE Bug 1241347",
"url": "https://bugzilla.suse.com/1241347"
},
{
"category": "self",
"summary": "SUSE Bug 1241371",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "self",
"summary": "SUSE Bug 1241373",
"url": "https://bugzilla.suse.com/1241373"
},
{
"category": "self",
"summary": "SUSE Bug 1241404",
"url": "https://bugzilla.suse.com/1241404"
},
{
"category": "self",
"summary": "SUSE Bug 1241405",
"url": "https://bugzilla.suse.com/1241405"
},
{
"category": "self",
"summary": "SUSE Bug 1241408",
"url": "https://bugzilla.suse.com/1241408"
},
{
"category": "self",
"summary": "SUSE Bug 1241458",
"url": "https://bugzilla.suse.com/1241458"
},
{
"category": "self",
"summary": "SUSE Bug 1241526",
"url": "https://bugzilla.suse.com/1241526"
},
{
"category": "self",
"summary": "SUSE Bug 1241601",
"url": "https://bugzilla.suse.com/1241601"
},
{
"category": "self",
"summary": "SUSE Bug 1241640",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-36789 page",
"url": "https://www.suse.com/security/cve/CVE-2020-36789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47659 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47668 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47669 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49044 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49055 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49060 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49086 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49111 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49118 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49121 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49137 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49171 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49175 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49175/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49176 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49179 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49179/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49188 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49188/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49197 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49205 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49232 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49290 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49305 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49305/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49325 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49335 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49335/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49351 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49385 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49390 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49411 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49442 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49442/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49465 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49478 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49489 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49504 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49521 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49521/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49525 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49525/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49534 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49534/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49535 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49535/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49536 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49536/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49537 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49537/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49542 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49561 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49561/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49590 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49658 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49668 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49693 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49725 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49728 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49730 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49749 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-49753 page",
"url": "https://www.suse.com/security/cve/CVE-2022-49753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53023 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53032 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50272 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50272/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56590 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21926 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21964 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21976 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22055 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37785/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-05-20T11:49:32Z",
"generator": {
"date": "2025-05-20T11:49:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01600-1",
"initial_release_date": "2025-05-20T11:49:32Z",
"revision_history": [
{
"date": "2025-05-20T11:49:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"product_id": "cluster-md-kmp-default-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.258.1.aarch64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.258.1.aarch64",
"product_id": "dlm-kmp-default-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"product_id": "gfs2-kmp-default-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-default-4.12.14-122.258.1.aarch64",
"product_id": "kernel-default-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-default-base-4.12.14-122.258.1.aarch64",
"product_id": "kernel-default-base-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-default-devel-4.12.14-122.258.1.aarch64",
"product_id": "kernel-default-devel-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-default-extra-4.12.14-122.258.1.aarch64",
"product_id": "kernel-default-extra-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.258.1.aarch64",
"product_id": "kernel-default-kgraft-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-obs-build-4.12.14-122.258.1.aarch64",
"product_id": "kernel-obs-build-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.258.1.aarch64",
"product_id": "kernel-obs-qa-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-syms-4.12.14-122.258.1.aarch64",
"product_id": "kernel-syms-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-vanilla-4.12.14-122.258.1.aarch64",
"product_id": "kernel-vanilla-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.258.1.aarch64",
"product_id": "kernel-vanilla-base-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.258.1.aarch64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.258.1.aarch64",
"product_id": "kernel-vanilla-devel-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.258.1.aarch64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.258.1.aarch64",
"product_id": "kselftests-kmp-default-4.12.14-122.258.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"product_id": "ocfs2-kmp-default-4.12.14-122.258.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-122.258.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-122.258.1.noarch",
"product_id": "kernel-devel-4.12.14-122.258.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-122.258.2.noarch",
"product": {
"name": "kernel-docs-4.12.14-122.258.2.noarch",
"product_id": "kernel-docs-4.12.14-122.258.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-122.258.2.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-122.258.2.noarch",
"product_id": "kernel-docs-html-4.12.14-122.258.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-122.258.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-122.258.1.noarch",
"product_id": "kernel-macros-4.12.14-122.258.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-122.258.1.noarch",
"product": {
"name": "kernel-source-4.12.14-122.258.1.noarch",
"product_id": "kernel-source-4.12.14-122.258.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-122.258.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-122.258.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-122.258.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"product_id": "dlm-kmp-default-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"product_id": "gfs2-kmp-default-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-debug-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-debug-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-debug-base-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-debug-base-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-debug-devel-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-debug-devel-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-default-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-default-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-default-base-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-default-base-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-default-devel-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-default-extra-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-default-extra-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-default-kgraft-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-obs-build-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-obs-qa-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-obs-qa-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-syms-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-syms-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-vanilla-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-vanilla-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-vanilla-base-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.258.1.ppc64le",
"product_id": "kernel-vanilla-devel-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"product": {
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"product_id": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.258.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.258.1.ppc64le",
"product_id": "kselftests-kmp-default-4.12.14-122.258.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.12.14-122.258.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"product_id": "cluster-md-kmp-default-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.258.1.s390x",
"product": {
"name": "dlm-kmp-default-4.12.14-122.258.1.s390x",
"product_id": "dlm-kmp-default-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.258.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.s390x",
"product_id": "gfs2-kmp-default-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-default-4.12.14-122.258.1.s390x",
"product_id": "kernel-default-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-default-base-4.12.14-122.258.1.s390x",
"product_id": "kernel-default-base-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-default-devel-4.12.14-122.258.1.s390x",
"product_id": "kernel-default-devel-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-default-extra-4.12.14-122.258.1.s390x",
"product_id": "kernel-default-extra-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.258.1.s390x",
"product_id": "kernel-default-kgraft-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-default-man-4.12.14-122.258.1.s390x",
"product_id": "kernel-default-man-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-obs-build-4.12.14-122.258.1.s390x",
"product_id": "kernel-obs-build-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-obs-qa-4.12.14-122.258.1.s390x",
"product_id": "kernel-obs-qa-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-syms-4.12.14-122.258.1.s390x",
"product_id": "kernel-syms-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-vanilla-4.12.14-122.258.1.s390x",
"product_id": "kernel-vanilla-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.258.1.s390x",
"product_id": "kernel-vanilla-base-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.258.1.s390x",
"product_id": "kernel-vanilla-devel-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-zfcpdump-4.12.14-122.258.1.s390x",
"product_id": "kernel-zfcpdump-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-man-4.12.14-122.258.1.s390x",
"product": {
"name": "kernel-zfcpdump-man-4.12.14-122.258.1.s390x",
"product_id": "kernel-zfcpdump-man-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"product": {
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"product_id": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.258.1.s390x",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.258.1.s390x",
"product_id": "kselftests-kmp-default-4.12.14-122.258.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"product_id": "ocfs2-kmp-default-4.12.14-122.258.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"product_id": "cluster-md-kmp-default-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.12.14-122.258.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.12.14-122.258.1.x86_64",
"product_id": "dlm-kmp-default-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"product_id": "gfs2-kmp-default-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-122.258.1.x86_64",
"product_id": "kernel-debug-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-122.258.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-122.258.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-122.258.1.x86_64",
"product_id": "kernel-default-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-122.258.1.x86_64",
"product_id": "kernel-default-base-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-122.258.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-default-extra-4.12.14-122.258.1.x86_64",
"product_id": "kernel-default-extra-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"product_id": "kernel-default-kgraft-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"product_id": "kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-122.258.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-122.258.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-122.258.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-122.258.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-122.258.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-122.258.1.x86_64",
"product_id": "kernel-syms-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-122.258.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-122.258.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-122.258.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-122.258.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"product": {
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"product_id": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-4.12.14-122.258.1.x86_64",
"product": {
"name": "kselftests-kmp-default-4.12.14-122.258.1.x86_64",
"product_id": "kselftests-kmp-default-4.12.14-122.258.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"product_id": "ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le"
},
"product_reference": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x"
},
"product_reference": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP5",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64"
},
"product_reference": "kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x"
},
"product_reference": "dlm-kmp-default-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64"
},
"product_reference": "kernel-default-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le"
},
"product_reference": "kernel-default-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x"
},
"product_reference": "kernel-default-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64"
},
"product_reference": "kernel-default-base-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le"
},
"product_reference": "kernel-default-base-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x"
},
"product_reference": "kernel-default-base-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64"
},
"product_reference": "kernel-default-devel-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x"
},
"product_reference": "kernel-default-devel-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x"
},
"product_reference": "kernel-default-man-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.258.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.258.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.258.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.258.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.258.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.258.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64"
},
"product_reference": "kernel-syms-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le"
},
"product_reference": "kernel-syms-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x"
},
"product_reference": "kernel-syms-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-122.258.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-122.258.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-122.258.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-122.258.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-122.258.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch"
},
"product_reference": "kernel-source-4.12.14-122.258.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.12.14-122.258.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-36789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-36789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context\n\nIf a driver calls can_get_echo_skb() during a hardware IRQ (which is often, but\nnot always, the case), the \u0027WARN_ON(in_irq)\u0027 in\nnet/core/skbuff.c#skb_release_head_state() might be triggered, under network\ncongestion circumstances, together with the potential risk of a NULL pointer\ndereference.\n\nThe root cause of this issue is the call to kfree_skb() instead of\ndev_kfree_skb_irq() in net/core/dev.c#enqueue_to_backlog().\n\nThis patch prevents the skb to be freed within the call to netif_rx() by\nincrementing its reference count with skb_get(). The skb is finally freed by\none of the in-irq-context safe functions: dev_consume_skb_any() or\ndev_kfree_skb_any(). The \"any\" version is used because some drivers might call\ncan_get_echo_skb() in a normal context.\n\nThe reason for this issue to occur is that initially, in the core network\nstack, loopback skb were not supposed to be received in hardware IRQ context.\nThe CAN stack is an exeption.\n\nThis bug was previously reported back in 2017 in [1] but the proposed patch\nnever got accepted.\n\nWhile [1] directly modifies net/core/dev.c, we try to propose here a\nsmoother modification local to CAN network stack (the assumption\nbehind is that only CAN devices are affected by this issue).\n\n[1] http://lore.kernel.org/r/57a3ffb6-3309-3ad5-5a34-e93c3fe3614d@cetitec.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-36789",
"url": "https://www.suse.com/security/cve/CVE-2020-36789"
},
{
"category": "external",
"summary": "SUSE Bug 1241408 for CVE-2020-36789",
"url": "https://bugzilla.suse.com/1241408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2020-36789"
},
{
"cve": "CVE-2021-47659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/plane: Move range check for format_count earlier\n\nWhile the check for format_count \u003e 64 in __drm_universal_plane_init()\nshouldn\u0027t be hit (it\u0027s a WARN_ON), in its current position it will then\nleak the plane-\u003eformat_types array and fail to call\ndrm_mode_object_unregister() leaking the modeset identifier. Move it to\nthe start of the function to avoid allocating those resources in the\nfirst place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47659",
"url": "https://www.suse.com/security/cve/CVE-2021-47659"
},
{
"category": "external",
"summary": "SUSE Bug 1237839 for CVE-2021-47659",
"url": "https://bugzilla.suse.com/1237839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2021-47659"
},
{
"cve": "CVE-2021-47668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_restart: fix use after free bug\n\nAfter calling netif_rx_ni(skb), dereferencing skb is unsafe.\nEspecially, the can_frame cf which aliases skb memory is accessed\nafter the netif_rx_ni() in:\n stats-\u003erx_bytes += cf-\u003elen;\n\nReordering the lines solves the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47668",
"url": "https://www.suse.com/security/cve/CVE-2021-47668"
},
{
"category": "external",
"summary": "SUSE Bug 1241404 for CVE-2021-47668",
"url": "https://bugzilla.suse.com/1241404"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2021-47668"
},
{
"cve": "CVE-2021-47669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: vxcan: vxcan_xmit: fix use after free bug\n\nAfter calling netif_rx_ni(skb), dereferencing skb is unsafe.\nEspecially, the canfd_frame cfd which aliases skb memory is accessed\nafter the netif_rx_ni().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47669",
"url": "https://www.suse.com/security/cve/CVE-2021-47669"
},
{
"category": "external",
"summary": "SUSE Bug 1241405 for CVE-2021-47669",
"url": "https://bugzilla.suse.com/1241405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2021-47669"
},
{
"cve": "CVE-2022-49044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm integrity: fix memory corruption when tag_size is less than digest size\n\nIt is possible to set up dm-integrity in such a way that the\n\"tag_size\" parameter is less than the actual digest size. In this\nsituation, a part of the digest beyond tag_size is ignored.\n\nIn this case, dm-integrity would write beyond the end of the\nic-\u003erecalc_tags array and corrupt memory. The corruption happened in\nintegrity_recalc-\u003eintegrity_sector_checksum-\u003ecrypto_shash_final.\n\nFix this corruption by increasing the tags array so that it has enough\npadding at the end to accomodate the loop in integrity_recalc() being\nable to write a full digest size for the last member of the tags\narray.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49044",
"url": "https://www.suse.com/security/cve/CVE-2022-49044"
},
{
"category": "external",
"summary": "SUSE Bug 1237840 for CVE-2022-49044",
"url": "https://bugzilla.suse.com/1237840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49044"
},
{
"cve": "CVE-2022-49055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Check for potential null return of kmalloc_array()\n\nAs the kmalloc_array() may return null, the \u0027event_waiters[i].wait\u0027 would lead to null-pointer dereference.\nTherefore, it is better to check the return value of kmalloc_array() to avoid this confusion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49055",
"url": "https://www.suse.com/security/cve/CVE-2022-49055"
},
{
"category": "external",
"summary": "SUSE Bug 1237868 for CVE-2022-49055",
"url": "https://bugzilla.suse.com/1237868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49055"
},
{
"cve": "CVE-2022-49060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: Fix NULL pointer dereference in smc_pnet_find_ib()\n\ndev_name() was called with dev.parent as argument but without to\nNULL-check it before.\nSolve this by checking the pointer before the call to dev_name().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49060",
"url": "https://www.suse.com/security/cve/CVE-2022-49060"
},
{
"category": "external",
"summary": "SUSE Bug 1237845 for CVE-2022-49060",
"url": "https://bugzilla.suse.com/1237845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49060"
},
{
"cve": "CVE-2022-49086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix leak of nested actions\n\nWhile parsing user-provided actions, openvswitch module may dynamically\nallocate memory and store pointers in the internal copy of the actions.\nSo this memory has to be freed while destroying the actions.\n\nCurrently there are only two such actions: ct() and set(). However,\nthere are many actions that can hold nested lists of actions and\novs_nla_free_flow_actions() just jumps over them leaking the memory.\n\nFor example, removal of the flow with the following actions will lead\nto a leak of the memory allocated by nf_ct_tmpl_alloc():\n\n actions:clone(ct(commit),0)\n\nNon-freed set() action may also leak the \u0027dst\u0027 structure for the\ntunnel info including device references.\n\nUnder certain conditions with a high rate of flow rotation that may\ncause significant memory leak problem (2MB per second in reporter\u0027s\ncase). The problem is also hard to mitigate, because the user doesn\u0027t\nhave direct control over the datapath flows generated by OVS.\n\nFix that by iterating over all the nested actions and freeing\neverything that needs to be freed recursively.\n\nNew build time assertion should protect us from this problem if new\nactions will be added in the future.\n\nUnfortunately, openvswitch module doesn\u0027t use NLA_F_NESTED, so all\nattributes has to be explicitly checked. sample() and clone() actions\nare mixing extra attributes into the user-provided action list. That\nprevents some code generalization too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49086",
"url": "https://www.suse.com/security/cve/CVE-2022-49086"
},
{
"category": "external",
"summary": "SUSE Bug 1238037 for CVE-2022-49086",
"url": "https://bugzilla.suse.com/1238037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "low"
}
],
"title": "CVE-2022-49086"
},
{
"cve": "CVE-2022-49111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use after free in hci_send_acl\n\nThis fixes the following trace caused by receiving\nHCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without\nfirst checking if conn-\u003etype is in fact AMP_LINK and in case it is\ndo properly cleanup upper layers with hci_disconn_cfm:\n\n ==================================================================\n BUG: KASAN: use-after-free in hci_send_acl+0xaba/0xc50\n Read of size 8 at addr ffff88800e404818 by task bluetoothd/142\n\n CPU: 0 PID: 142 Comm: bluetoothd Not tainted\n 5.17.0-rc5-00006-gda4022eeac1a #7\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x45/0x59\n print_address_description.constprop.0+0x1f/0x150\n kasan_report.cold+0x7f/0x11b\n hci_send_acl+0xaba/0xc50\n l2cap_do_send+0x23f/0x3d0\n l2cap_chan_send+0xc06/0x2cc0\n l2cap_sock_sendmsg+0x201/0x2b0\n sock_sendmsg+0xdc/0x110\n sock_write_iter+0x20f/0x370\n do_iter_readv_writev+0x343/0x690\n do_iter_write+0x132/0x640\n vfs_writev+0x198/0x570\n do_writev+0x202/0x280\n do_syscall_64+0x38/0x90\n entry_SYSCALL_64_after_hwframe+0x44/0xae\n RSP: 002b:00007ffce8a099b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014\n Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3\n 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 14 00 00 00 0f 05\n \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10\n RDX: 0000000000000001 RSI: 00007ffce8a099e0 RDI: 0000000000000015\n RAX: ffffffffffffffda RBX: 00007ffce8a099e0 RCX: 00007f788fc3cf77\n R10: 00007ffce8af7080 R11: 0000000000000246 R12: 000055e4ccf75580\n RBP: 0000000000000015 R08: 0000000000000002 R09: 0000000000000001\n \u003c/TASK\u003e\n R13: 000055e4ccf754a0 R14: 000055e4ccf75cd0 R15: 000055e4ccf4a6b0\n\n Allocated by task 45:\n kasan_save_stack+0x1e/0x40\n __kasan_kmalloc+0x81/0xa0\n hci_chan_create+0x9a/0x2f0\n l2cap_conn_add.part.0+0x1a/0xdc0\n l2cap_connect_cfm+0x236/0x1000\n le_conn_complete_evt+0x15a7/0x1db0\n hci_le_conn_complete_evt+0x226/0x2c0\n hci_le_meta_evt+0x247/0x450\n hci_event_packet+0x61b/0xe90\n hci_rx_work+0x4d5/0xc50\n process_one_work+0x8fb/0x15a0\n worker_thread+0x576/0x1240\n kthread+0x29d/0x340\n ret_from_fork+0x1f/0x30\n\n Freed by task 45:\n kasan_save_stack+0x1e/0x40\n kasan_set_track+0x21/0x30\n kasan_set_free_info+0x20/0x30\n __kasan_slab_free+0xfb/0x130\n kfree+0xac/0x350\n hci_conn_cleanup+0x101/0x6a0\n hci_conn_del+0x27e/0x6c0\n hci_disconn_phylink_complete_evt+0xe0/0x120\n hci_event_packet+0x812/0xe90\n hci_rx_work+0x4d5/0xc50\n process_one_work+0x8fb/0x15a0\n worker_thread+0x576/0x1240\n kthread+0x29d/0x340\n ret_from_fork+0x1f/0x30\n\n The buggy address belongs to the object at ffff88800c0f0500\n The buggy address is located 24 bytes inside of\n which belongs to the cache kmalloc-128 of size 128\n The buggy address belongs to the page:\n 128-byte region [ffff88800c0f0500, ffff88800c0f0580)\n flags: 0x100000000000200(slab|node=0|zone=1)\n page:00000000fe45cd86 refcount:1 mapcount:0\n mapping:0000000000000000 index:0x0 pfn:0xc0f0\n raw: 0000000000000000 0000000080100010 00000001ffffffff\n 0000000000000000\n raw: 0100000000000200 ffffea00003a2c80 dead000000000004\n ffff8880078418c0\n page dumped because: kasan: bad access detected\n ffff88800c0f0400: 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc\n Memory state around the buggy address:\n \u003effff88800c0f0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff88800c0f0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n ffff88800c0f0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49111",
"url": "https://www.suse.com/security/cve/CVE-2022-49111"
},
{
"category": "external",
"summary": "SUSE Bug 1237984 for CVE-2022-49111",
"url": "https://bugzilla.suse.com/1237984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49111"
},
{
"cve": "CVE-2022-49118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49118"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Free irq vectors in order for v3 HW\n\nIf the driver probe fails to request the channel IRQ or fatal IRQ, the\ndriver will free the IRQ vectors before freeing the IRQs in free_irq(),\nand this will cause a kernel BUG like this:\n\n------------[ cut here ]------------\nkernel BUG at drivers/pci/msi.c:369!\nInternal error: Oops - BUG: 0 [#1] PREEMPT SMP\nCall trace:\n free_msi_irqs+0x118/0x13c\n pci_disable_msi+0xfc/0x120\n pci_free_irq_vectors+0x24/0x3c\n hisi_sas_v3_probe+0x360/0x9d0 [hisi_sas_v3_hw]\n local_pci_probe+0x44/0xb0\n work_for_cpu_fn+0x20/0x34\n process_one_work+0x1d0/0x340\n worker_thread+0x2e0/0x460\n kthread+0x180/0x190\n ret_from_fork+0x10/0x20\n---[ end trace b88990335b610c11 ]---\n\nSo we use devm_add_action() to control the order in which we free the\nvectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49118",
"url": "https://www.suse.com/security/cve/CVE-2022-49118"
},
{
"category": "external",
"summary": "SUSE Bug 1237979 for CVE-2022-49118",
"url": "https://bugzilla.suse.com/1237979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49118"
},
{
"cve": "CVE-2022-49121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: pm8001: Fix tag leaks on error\n\nIn pm8001_chip_set_dev_state_req(), pm8001_chip_fw_flash_update_req(),\npm80xx_chip_phy_ctl_req() and pm8001_chip_reg_dev_req() add missing calls\nto pm8001_tag_free() to free the allocated tag when pm8001_mpi_build_cmd()\nfails.\n\nSimilarly, in pm8001_exec_internal_task_abort(), if the chip -\u003etask_abort\nmethod fails, the tag allocated for the abort request task must be\nfreed. Add the missing call to pm8001_tag_free().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49121",
"url": "https://www.suse.com/security/cve/CVE-2022-49121"
},
{
"category": "external",
"summary": "SUSE Bug 1237926 for CVE-2022-49121",
"url": "https://bugzilla.suse.com/1237926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49121"
},
{
"cve": "CVE-2022-49137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49137"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj\n\nThis issue takes place in an error path in\namdgpu_cs_fence_to_handle_ioctl(). When `info-\u003ein.what` falls into\ndefault case, the function simply returns -EINVAL, forgetting to\ndecrement the reference count of a dma_fence obj, which is bumped\nearlier by amdgpu_cs_get_fence(). This may result in reference count\nleaks.\n\nFix it by decreasing the refcount of specific object before returning\nthe error code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49137",
"url": "https://www.suse.com/security/cve/CVE-2022-49137"
},
{
"category": "external",
"summary": "SUSE Bug 1238155 for CVE-2022-49137",
"url": "https://bugzilla.suse.com/1238155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "low"
}
],
"title": "CVE-2022-49137"
},
{
"cve": "CVE-2022-49171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: don\u0027t BUG if someone dirty pages without asking ext4 first\n\n[un]pin_user_pages_remote is dirtying pages without properly warning\nthe file system in advance. A related race was noted by Jan Kara in\n2018[1]; however, more recently instead of it being a very hard-to-hit\nrace, it could be reliably triggered by process_vm_writev(2) which was\ndiscovered by Syzbot[2].\n\nThis is technically a bug in mm/gup.c, but arguably ext4 is fragile in\nthat if some other kernel subsystem dirty pages without properly\nnotifying the file system using page_mkwrite(), ext4 will BUG, while\nother file systems will not BUG (although data will still be lost).\n\nSo instead of crashing with a BUG, issue a warning (since there may be\npotential data loss) and just mark the page as clean to avoid\nunprivileged denial of service attacks until the problem can be\nproperly fixed. More discussion and background can be found in the\nthread starting at [2].\n\n[1] https://lore.kernel.org/linux-mm/20180103100430.GE4911@quack2.suse.cz\n[2] https://lore.kernel.org/r/Yg0m6IjcNmfaSokM@google.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49171",
"url": "https://www.suse.com/security/cve/CVE-2022-49171"
},
{
"category": "external",
"summary": "SUSE Bug 1238093 for CVE-2022-49171",
"url": "https://bugzilla.suse.com/1238093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49171"
},
{
"cve": "CVE-2022-49175",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49175"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM: core: keep irq flags in device_pm_check_callbacks()\n\nThe function device_pm_check_callbacks() can be called under the spin\nlock (in the reported case it happens from genpd_add_device() -\u003e\ndev_pm_domain_set(), when the genpd uses spinlocks rather than mutexes.\n\nHowever this function uncoditionally uses spin_lock_irq() /\nspin_unlock_irq(), thus not preserving the CPU flags. Use the\nirqsave/irqrestore instead.\n\nThe backtrace for the reference:\n[ 2.752010] ------------[ cut here ]------------\n[ 2.756769] raw_local_irq_restore() called with IRQs enabled\n[ 2.762596] WARNING: CPU: 4 PID: 1 at kernel/locking/irqflag-debug.c:10 warn_bogus_irq_restore+0x34/0x50\n[ 2.772338] Modules linked in:\n[ 2.775487] CPU: 4 PID: 1 Comm: swapper/0 Tainted: G S 5.17.0-rc6-00384-ge330d0d82eff-dirty #684\n[ 2.781384] Freeing initrd memory: 46024K\n[ 2.785839] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 2.785841] pc : warn_bogus_irq_restore+0x34/0x50\n[ 2.785844] lr : warn_bogus_irq_restore+0x34/0x50\n[ 2.785846] sp : ffff80000805b7d0\n[ 2.785847] x29: ffff80000805b7d0 x28: 0000000000000000 x27: 0000000000000002\n[ 2.785850] x26: ffffd40e80930b18 x25: ffff7ee2329192b8 x24: ffff7edfc9f60800\n[ 2.785853] x23: ffffd40e80930b18 x22: ffffd40e80930d30 x21: ffff7edfc0dffa00\n[ 2.785856] x20: ffff7edfc09e3768 x19: 0000000000000000 x18: ffffffffffffffff\n[ 2.845775] x17: 6572206f74206465 x16: 6c696166203a3030 x15: ffff80008805b4f7\n[ 2.853108] x14: 0000000000000000 x13: ffffd40e809550b0 x12: 00000000000003d8\n[ 2.860441] x11: 0000000000000148 x10: ffffd40e809550b0 x9 : ffffd40e809550b0\n[ 2.867774] x8 : 00000000ffffefff x7 : ffffd40e809ad0b0 x6 : ffffd40e809ad0b0\n[ 2.875107] x5 : 000000000000bff4 x4 : 0000000000000000 x3 : 0000000000000000\n[ 2.882440] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff7edfc03a8000\n[ 2.889774] Call trace:\n[ 2.892290] warn_bogus_irq_restore+0x34/0x50\n[ 2.896770] _raw_spin_unlock_irqrestore+0x94/0xa0\n[ 2.901690] genpd_unlock_spin+0x20/0x30\n[ 2.905724] genpd_add_device+0x100/0x2d0\n[ 2.909850] __genpd_dev_pm_attach+0xa8/0x23c\n[ 2.914329] genpd_dev_pm_attach_by_id+0xc4/0x190\n[ 2.919167] genpd_dev_pm_attach_by_name+0x3c/0xd0\n[ 2.924086] dev_pm_domain_attach_by_name+0x24/0x30\n[ 2.929102] psci_dt_attach_cpu+0x24/0x90\n[ 2.933230] psci_cpuidle_probe+0x2d4/0x46c\n[ 2.937534] platform_probe+0x68/0xe0\n[ 2.941304] really_probe.part.0+0x9c/0x2fc\n[ 2.945605] __driver_probe_device+0x98/0x144\n[ 2.950085] driver_probe_device+0x44/0x15c\n[ 2.954385] __device_attach_driver+0xb8/0x120\n[ 2.958950] bus_for_each_drv+0x78/0xd0\n[ 2.962896] __device_attach+0xd8/0x180\n[ 2.966843] device_initial_probe+0x14/0x20\n[ 2.971144] bus_probe_device+0x9c/0xa4\n[ 2.975092] device_add+0x380/0x88c\n[ 2.978679] platform_device_add+0x114/0x234\n[ 2.983067] platform_device_register_full+0x100/0x190\n[ 2.988344] psci_idle_init+0x6c/0xb0\n[ 2.992113] do_one_initcall+0x74/0x3a0\n[ 2.996060] kernel_init_freeable+0x2fc/0x384\n[ 3.000543] kernel_init+0x28/0x130\n[ 3.004132] ret_from_fork+0x10/0x20\n[ 3.007817] irq event stamp: 319826\n[ 3.011404] hardirqs last enabled at (319825): [\u003cffffd40e7eda0268\u003e] __up_console_sem+0x78/0x84\n[ 3.020332] hardirqs last disabled at (319826): [\u003cffffd40e7fd6d9d8\u003e] el1_dbg+0x24/0x8c\n[ 3.028458] softirqs last enabled at (318312): [\u003cffffd40e7ec90410\u003e] _stext+0x410/0x588\n[ 3.036678] softirqs last disabled at (318299): [\u003cffffd40e7ed1bf68\u003e] __irq_exit_rcu+0x158/0x174\n[ 3.045607] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49175",
"url": "https://www.suse.com/security/cve/CVE-2022-49175"
},
{
"category": "external",
"summary": "SUSE Bug 1238099 for CVE-2022-49175",
"url": "https://bugzilla.suse.com/1238099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49175"
},
{
"cve": "CVE-2022-49176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbfq: fix use-after-free in bfq_dispatch_request\n\nKASAN reports a use-after-free report when doing normal scsi-mq test\n\n[69832.239032] ==================================================================\n[69832.241810] BUG: KASAN: use-after-free in bfq_dispatch_request+0x1045/0x44b0\n[69832.243267] Read of size 8 at addr ffff88802622ba88 by task kworker/3:1H/155\n[69832.244656]\n[69832.245007] CPU: 3 PID: 155 Comm: kworker/3:1H Not tainted 5.10.0-10295-g576c6382529e #8\n[69832.246626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n[69832.249069] Workqueue: kblockd blk_mq_run_work_fn\n[69832.250022] Call Trace:\n[69832.250541] dump_stack+0x9b/0xce\n[69832.251232] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.252243] print_address_description.constprop.6+0x3e/0x60\n[69832.253381] ? __cpuidle_text_end+0x5/0x5\n[69832.254211] ? vprintk_func+0x6b/0x120\n[69832.254994] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.255952] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.256914] kasan_report.cold.9+0x22/0x3a\n[69832.257753] ? bfq_dispatch_request+0x1045/0x44b0\n[69832.258755] check_memory_region+0x1c1/0x1e0\n[69832.260248] bfq_dispatch_request+0x1045/0x44b0\n[69832.261181] ? bfq_bfqq_expire+0x2440/0x2440\n[69832.262032] ? blk_mq_delay_run_hw_queues+0xf9/0x170\n[69832.263022] __blk_mq_do_dispatch_sched+0x52f/0x830\n[69832.264011] ? blk_mq_sched_request_inserted+0x100/0x100\n[69832.265101] __blk_mq_sched_dispatch_requests+0x398/0x4f0\n[69832.266206] ? blk_mq_do_dispatch_ctx+0x570/0x570\n[69832.267147] ? __switch_to+0x5f4/0xee0\n[69832.267898] blk_mq_sched_dispatch_requests+0xdf/0x140\n[69832.268946] __blk_mq_run_hw_queue+0xc0/0x270\n[69832.269840] blk_mq_run_work_fn+0x51/0x60\n[69832.278170] process_one_work+0x6d4/0xfe0\n[69832.278984] worker_thread+0x91/0xc80\n[69832.279726] ? __kthread_parkme+0xb0/0x110\n[69832.280554] ? process_one_work+0xfe0/0xfe0\n[69832.281414] kthread+0x32d/0x3f0\n[69832.282082] ? kthread_park+0x170/0x170\n[69832.282849] ret_from_fork+0x1f/0x30\n[69832.283573]\n[69832.283886] Allocated by task 7725:\n[69832.284599] kasan_save_stack+0x19/0x40\n[69832.285385] __kasan_kmalloc.constprop.2+0xc1/0xd0\n[69832.286350] kmem_cache_alloc_node+0x13f/0x460\n[69832.287237] bfq_get_queue+0x3d4/0x1140\n[69832.287993] bfq_get_bfqq_handle_split+0x103/0x510\n[69832.289015] bfq_init_rq+0x337/0x2d50\n[69832.289749] bfq_insert_requests+0x304/0x4e10\n[69832.290634] blk_mq_sched_insert_requests+0x13e/0x390\n[69832.291629] blk_mq_flush_plug_list+0x4b4/0x760\n[69832.292538] blk_flush_plug_list+0x2c5/0x480\n[69832.293392] io_schedule_prepare+0xb2/0xd0\n[69832.294209] io_schedule_timeout+0x13/0x80\n[69832.295014] wait_for_common_io.constprop.1+0x13c/0x270\n[69832.296137] submit_bio_wait+0x103/0x1a0\n[69832.296932] blkdev_issue_discard+0xe6/0x160\n[69832.297794] blk_ioctl_discard+0x219/0x290\n[69832.298614] blkdev_common_ioctl+0x50a/0x1750\n[69832.304715] blkdev_ioctl+0x470/0x600\n[69832.305474] block_ioctl+0xde/0x120\n[69832.306232] vfs_ioctl+0x6c/0xc0\n[69832.306877] __se_sys_ioctl+0x90/0xa0\n[69832.307629] do_syscall_64+0x2d/0x40\n[69832.308362] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[69832.309382]\n[69832.309701] Freed by task 155:\n[69832.310328] kasan_save_stack+0x19/0x40\n[69832.311121] kasan_set_track+0x1c/0x30\n[69832.311868] kasan_set_free_info+0x1b/0x30\n[69832.312699] __kasan_slab_free+0x111/0x160\n[69832.313524] kmem_cache_free+0x94/0x460\n[69832.314367] bfq_put_queue+0x582/0x940\n[69832.315112] __bfq_bfqd_reset_in_service+0x166/0x1d0\n[69832.317275] bfq_bfqq_expire+0xb27/0x2440\n[69832.318084] bfq_dispatch_request+0x697/0x44b0\n[69832.318991] __blk_mq_do_dispatch_sched+0x52f/0x830\n[69832.319984] __blk_mq_sched_dispatch_requests+0x398/0x4f0\n[69832.321087] blk_mq_sched_dispatch_requests+0xdf/0x140\n[69832.322225] __blk_mq_run_hw_queue+0xc0/0x270\n[69832.323114] blk_mq_run_work_fn+0x51/0x6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49176",
"url": "https://www.suse.com/security/cve/CVE-2022-49176"
},
{
"category": "external",
"summary": "SUSE Bug 1238097 for CVE-2022-49176",
"url": "https://bugzilla.suse.com/1238097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49176"
},
{
"cve": "CVE-2022-49179",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49179"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: don\u0027t move oom_bfqq\n\nOur test report a UAF:\n\n[ 2073.019181] ==================================================================\n[ 2073.019188] BUG: KASAN: use-after-free in __bfq_put_async_bfqq+0xa0/0x168\n[ 2073.019191] Write of size 8 at addr ffff8000ccf64128 by task rmmod/72584\n[ 2073.019192]\n[ 2073.019196] CPU: 0 PID: 72584 Comm: rmmod Kdump: loaded Not tainted 4.19.90-yk #5\n[ 2073.019198] Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n[ 2073.019200] Call trace:\n[ 2073.019203] dump_backtrace+0x0/0x310\n[ 2073.019206] show_stack+0x28/0x38\n[ 2073.019210] dump_stack+0xec/0x15c\n[ 2073.019216] print_address_description+0x68/0x2d0\n[ 2073.019220] kasan_report+0x238/0x2f0\n[ 2073.019224] __asan_store8+0x88/0xb0\n[ 2073.019229] __bfq_put_async_bfqq+0xa0/0x168\n[ 2073.019233] bfq_put_async_queues+0xbc/0x208\n[ 2073.019236] bfq_pd_offline+0x178/0x238\n[ 2073.019240] blkcg_deactivate_policy+0x1f0/0x420\n[ 2073.019244] bfq_exit_queue+0x128/0x178\n[ 2073.019249] blk_mq_exit_sched+0x12c/0x160\n[ 2073.019252] elevator_exit+0xc8/0xd0\n[ 2073.019256] blk_exit_queue+0x50/0x88\n[ 2073.019259] blk_cleanup_queue+0x228/0x3d8\n[ 2073.019267] null_del_dev+0xfc/0x1e0 [null_blk]\n[ 2073.019274] null_exit+0x90/0x114 [null_blk]\n[ 2073.019278] __arm64_sys_delete_module+0x358/0x5a0\n[ 2073.019282] el0_svc_common+0xc8/0x320\n[ 2073.019287] el0_svc_handler+0xf8/0x160\n[ 2073.019290] el0_svc+0x10/0x218\n[ 2073.019291]\n[ 2073.019294] Allocated by task 14163:\n[ 2073.019301] kasan_kmalloc+0xe0/0x190\n[ 2073.019305] kmem_cache_alloc_node_trace+0x1cc/0x418\n[ 2073.019308] bfq_pd_alloc+0x54/0x118\n[ 2073.019313] blkcg_activate_policy+0x250/0x460\n[ 2073.019317] bfq_create_group_hierarchy+0x38/0x110\n[ 2073.019321] bfq_init_queue+0x6d0/0x948\n[ 2073.019325] blk_mq_init_sched+0x1d8/0x390\n[ 2073.019330] elevator_switch_mq+0x88/0x170\n[ 2073.019334] elevator_switch+0x140/0x270\n[ 2073.019338] elv_iosched_store+0x1a4/0x2a0\n[ 2073.019342] queue_attr_store+0x90/0xe0\n[ 2073.019348] sysfs_kf_write+0xa8/0xe8\n[ 2073.019351] kernfs_fop_write+0x1f8/0x378\n[ 2073.019359] __vfs_write+0xe0/0x360\n[ 2073.019363] vfs_write+0xf0/0x270\n[ 2073.019367] ksys_write+0xdc/0x1b8\n[ 2073.019371] __arm64_sys_write+0x50/0x60\n[ 2073.019375] el0_svc_common+0xc8/0x320\n[ 2073.019380] el0_svc_handler+0xf8/0x160\n[ 2073.019383] el0_svc+0x10/0x218\n[ 2073.019385]\n[ 2073.019387] Freed by task 72584:\n[ 2073.019391] __kasan_slab_free+0x120/0x228\n[ 2073.019394] kasan_slab_free+0x10/0x18\n[ 2073.019397] kfree+0x94/0x368\n[ 2073.019400] bfqg_put+0x64/0xb0\n[ 2073.019404] bfqg_and_blkg_put+0x90/0xb0\n[ 2073.019408] bfq_put_queue+0x220/0x228\n[ 2073.019413] __bfq_put_async_bfqq+0x98/0x168\n[ 2073.019416] bfq_put_async_queues+0xbc/0x208\n[ 2073.019420] bfq_pd_offline+0x178/0x238\n[ 2073.019424] blkcg_deactivate_policy+0x1f0/0x420\n[ 2073.019429] bfq_exit_queue+0x128/0x178\n[ 2073.019433] blk_mq_exit_sched+0x12c/0x160\n[ 2073.019437] elevator_exit+0xc8/0xd0\n[ 2073.019440] blk_exit_queue+0x50/0x88\n[ 2073.019443] blk_cleanup_queue+0x228/0x3d8\n[ 2073.019451] null_del_dev+0xfc/0x1e0 [null_blk]\n[ 2073.019459] null_exit+0x90/0x114 [null_blk]\n[ 2073.019462] __arm64_sys_delete_module+0x358/0x5a0\n[ 2073.019467] el0_svc_common+0xc8/0x320\n[ 2073.019471] el0_svc_handler+0xf8/0x160\n[ 2073.019474] el0_svc+0x10/0x218\n[ 2073.019475]\n[ 2073.019479] The buggy address belongs to the object at ffff8000ccf63f00\n which belongs to the cache kmalloc-1024 of size 1024\n[ 2073.019484] The buggy address is located 552 bytes inside of\n 1024-byte region [ffff8000ccf63f00, ffff8000ccf64300)\n[ 2073.019486] The buggy address belongs to the page:\n[ 2073.019492] page:ffff7e000333d800 count:1 mapcount:0 mapping:ffff8000c0003a00 index:0x0 compound_mapcount: 0\n[ 2073.020123] flags: 0x7ffff0000008100(slab|head)\n[ 2073.020403] raw: 07ffff0000008100 ffff7e0003334c08 ffff7e00001f5a08 ffff8000c0003a00\n[ 2073.020409] ra\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49179",
"url": "https://www.suse.com/security/cve/CVE-2022-49179"
},
{
"category": "external",
"summary": "SUSE Bug 1238092 for CVE-2022-49179",
"url": "https://bugzilla.suse.com/1238092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49179"
},
{
"cve": "CVE-2022-49188",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49188"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region\n\nThe device_node pointer is returned by of_parse_phandle() or\nof_get_child_by_name() with refcount incremented.\nWe should use of_node_put() on it when done.\n\nThis function only call of_node_put(node) when of_address_to_resource\nsucceeds, missing error cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49188",
"url": "https://www.suse.com/security/cve/CVE-2022-49188"
},
{
"category": "external",
"summary": "SUSE Bug 1238138 for CVE-2022-49188",
"url": "https://bugzilla.suse.com/1238138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49188"
},
{
"cve": "CVE-2022-49197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_netlink: Fix shift out of bounds in group mask calculation\n\nWhen a netlink message is received, netlink_recvmsg() fills in the address\nof the sender. One of the fields is the 32-bit bitfield nl_groups, which\ncarries the multicast group on which the message was received. The least\nsignificant bit corresponds to group 1, and therefore the highest group\nthat the field can represent is 32. Above that, the UB sanitizer flags the\nout-of-bounds shift attempts.\n\nWhich bits end up being set in such case is implementation defined, but\nit\u0027s either going to be a wrong non-zero value, or zero, which is at least\nnot misleading. Make the latter choice deterministic by always setting to 0\nfor higher-numbered multicast groups.\n\nTo get information about membership in groups \u003e= 32, userspace is expected\nto use nl_pktinfo control messages[0], which are enabled by NETLINK_PKTINFO\nsocket option.\n[0] https://lwn.net/Articles/147608/\n\nThe way to trigger this issue is e.g. through monitoring the BRVLAN group:\n\n\t# bridge monitor vlan \u0026\n\t# ip link add name br type bridge\n\nWhich produces the following citation:\n\n\tUBSAN: shift-out-of-bounds in net/netlink/af_netlink.c:162:19\n\tshift exponent 32 is too large for 32-bit type \u0027int\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49197",
"url": "https://www.suse.com/security/cve/CVE-2022-49197"
},
{
"category": "external",
"summary": "SUSE Bug 1238455 for CVE-2022-49197",
"url": "https://bugzilla.suse.com/1238455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49197"
},
{
"cve": "CVE-2022-49205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49205"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix double uncharge the mem of sk_msg\n\nIf tcp_bpf_sendmsg is running during a tear down operation, psock may be\nfreed.\n\ntcp_bpf_sendmsg()\n tcp_bpf_send_verdict()\n sk_msg_return()\n tcp_bpf_sendmsg_redir()\n unlikely(!psock))\n sk_msg_free()\n\nThe mem of msg has been uncharged in tcp_bpf_send_verdict() by\nsk_msg_return(), and would be uncharged by sk_msg_free() again. When psock\nis null, we can simply returning an error code, this would then trigger\nthe sk_msg_free_nocharge in the error path of __SK_REDIRECT and would have\nthe side effect of throwing an error up to user space. This would be a\nslight change in behavior from user side but would look the same as an\nerror if the redirect on the socket threw an error.\n\nThis issue can cause the following info:\nWARNING: CPU: 0 PID: 2136 at net/ipv4/af_inet.c:155 inet_sock_destruct+0x13c/0x260\nCall Trace:\n \u003cTASK\u003e\n __sk_destruct+0x24/0x1f0\n sk_psock_destroy+0x19b/0x1c0\n process_one_work+0x1b3/0x3c0\n worker_thread+0x30/0x350\n ? process_one_work+0x3c0/0x3c0\n kthread+0xe6/0x110\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49205",
"url": "https://www.suse.com/security/cve/CVE-2022-49205"
},
{
"category": "external",
"summary": "SUSE Bug 1238335 for CVE-2022-49205",
"url": "https://bugzilla.suse.com/1238335"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49205"
},
{
"cve": "CVE-2022-49232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49232"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()\n\nIn amdgpu_dm_connector_add_common_modes(), amdgpu_dm_create_common_mode()\nis assigned to mode and is passed to drm_mode_probed_add() directly after\nthat. drm_mode_probed_add() passes \u0026mode-\u003ehead to list_add_tail(), and\nthere is a dereference of it in list_add_tail() without recoveries, which\ncould lead to NULL pointer dereference on failure of\namdgpu_dm_create_common_mode().\n\nFix this by adding a NULL check of mode.\n\nThis bug was found by a static analyzer.\n\nBuilds with \u0027make allyesconfig\u0027 show no new warnings,\nand our static analyzer no longer warns about this code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49232",
"url": "https://www.suse.com/security/cve/CVE-2022-49232"
},
{
"category": "external",
"summary": "SUSE Bug 1238139 for CVE-2022-49232",
"url": "https://bugzilla.suse.com/1238139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49232"
},
{
"cve": "CVE-2022-49290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac80211: fix potential double free on mesh join\n\nWhile commit 6a01afcf8468 (\"mac80211: mesh: Free ie data when leaving\nmesh\") fixed a memory leak on mesh leave / teardown it introduced a\npotential memory corruption caused by a double free when rejoining the\nmesh:\n\n ieee80211_leave_mesh()\n -\u003e kfree(sdata-\u003eu.mesh.ie);\n ...\n ieee80211_join_mesh()\n -\u003e copy_mesh_setup()\n -\u003e old_ie = ifmsh-\u003eie;\n -\u003e kfree(old_ie);\n\nThis double free / kernel panics can be reproduced by using wpa_supplicant\nwith an encrypted mesh (if set up without encryption via \"iw\" then\nifmsh-\u003eie is always NULL, which avoids this issue). And then calling:\n\n $ iw dev mesh0 mesh leave\n $ iw dev mesh0 mesh join my-mesh\n\nNote that typically these commands are not used / working when using\nwpa_supplicant. And it seems that wpa_supplicant or wpa_cli are going\nthrough a NETDEV_DOWN/NETDEV_UP cycle between a mesh leave and mesh join\nwhere the NETDEV_UP resets the mesh.ie to NULL via a memcpy of\ndefault_mesh_setup in cfg80211_netdev_notifier_call, which then avoids\nthe memory corruption, too.\n\nThe issue was first observed in an application which was not using\nwpa_supplicant but \"Senf\" instead, which implements its own calls to\nnl80211.\n\nFixing the issue by removing the kfree()\u0027ing of the mesh IE in the mesh\njoin function and leaving it solely up to the mesh leave to free the\nmesh IE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49290",
"url": "https://www.suse.com/security/cve/CVE-2022-49290"
},
{
"category": "external",
"summary": "SUSE Bug 1238156 for CVE-2022-49290",
"url": "https://bugzilla.suse.com/1238156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49290"
},
{
"cve": "CVE-2022-49305",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49305"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop()\n\nThere is a deadlock in ieee80211_beacons_stop(), which is shown below:\n\n (Thread 1) | (Thread 2)\n | ieee80211_send_beacon()\nieee80211_beacons_stop() | mod_timer()\n spin_lock_irqsave() //(1) | (wait a time)\n ... | ieee80211_send_beacon_cb()\n del_timer_sync() | spin_lock_irqsave() //(2)\n (wait timer to stop) | ...\n\nWe hold ieee-\u003ebeacon_lock in position (1) of thread 1 and use\ndel_timer_sync() to wait timer to stop, but timer handler\nalso need ieee-\u003ebeacon_lock in position (2) of thread 2.\nAs a result, ieee80211_beacons_stop() will block forever.\n\nThis patch extracts del_timer_sync() from the protection of\nspin_lock_irqsave(), which could let timer handler to obtain\nthe needed lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49305",
"url": "https://www.suse.com/security/cve/CVE-2022-49305"
},
{
"category": "external",
"summary": "SUSE Bug 1238645 for CVE-2022-49305",
"url": "https://bugzilla.suse.com/1238645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49305"
},
{
"cve": "CVE-2022-49325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: add accessors to read/set tp-\u003esnd_cwnd\n\nWe had various bugs over the years with code\nbreaking the assumption that tp-\u003esnd_cwnd is greater\nthan zero.\n\nLately, syzbot reported the WARN_ON_ONCE(!tp-\u003eprior_cwnd) added\nin commit 8b8a321ff72c (\"tcp: fix zero cwnd in tcp_cwnd_reduction\")\ncan trigger, and without a repro we would have to spend\nconsiderable time finding the bug.\n\nInstead of complaining too late, we want to catch where\nand when tp-\u003esnd_cwnd is set to an illegal value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49325",
"url": "https://www.suse.com/security/cve/CVE-2022-49325"
},
{
"category": "external",
"summary": "SUSE Bug 1238398 for CVE-2022-49325",
"url": "https://bugzilla.suse.com/1238398"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49325"
},
{
"cve": "CVE-2022-49335",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49335"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/cs: make commands with 0 chunks illegal behaviour.\n\nSubmitting a cs with 0 chunks, causes an oops later, found trying\nto execute the wrong userspace driver.\n\nMESA_LOADER_DRIVER_OVERRIDE=v3d glxinfo\n\n[172536.665184] BUG: kernel NULL pointer dereference, address: 00000000000001d8\n[172536.665188] #PF: supervisor read access in kernel mode\n[172536.665189] #PF: error_code(0x0000) - not-present page\n[172536.665191] PGD 6712a0067 P4D 6712a0067 PUD 5af9ff067 PMD 0\n[172536.665195] Oops: 0000 [#1] SMP NOPTI\n[172536.665197] CPU: 7 PID: 2769838 Comm: glxinfo Tainted: P O 5.10.81 #1-NixOS\n[172536.665199] Hardware name: To be filled by O.E.M. To be filled by O.E.M./CROSSHAIR V FORMULA-Z, BIOS 2201 03/23/2015\n[172536.665272] RIP: 0010:amdgpu_cs_ioctl+0x96/0x1ce0 [amdgpu]\n[172536.665274] Code: 75 18 00 00 4c 8b b2 88 00 00 00 8b 46 08 48 89 54 24 68 49 89 f7 4c 89 5c 24 60 31 d2 4c 89 74 24 30 85 c0 0f 85 c0 01 00 00 \u003c48\u003e 83 ba d8 01 00 00 00 48 8b b4 24 90 00 00 00 74 16 48 8b 46 10\n[172536.665276] RSP: 0018:ffffb47c0e81bbe0 EFLAGS: 00010246\n[172536.665277] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000\n[172536.665278] RDX: 0000000000000000 RSI: ffffb47c0e81be28 RDI: ffffb47c0e81bd68\n[172536.665279] RBP: ffff936524080010 R08: 0000000000000000 R09: ffffb47c0e81be38\n[172536.665281] R10: ffff936524080010 R11: ffff936524080000 R12: ffffb47c0e81bc40\n[172536.665282] R13: ffffb47c0e81be28 R14: ffff9367bc410000 R15: ffffb47c0e81be28\n[172536.665283] FS: 00007fe35e05d740(0000) GS:ffff936c1edc0000(0000) knlGS:0000000000000000\n[172536.665284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[172536.665286] CR2: 00000000000001d8 CR3: 0000000532e46000 CR4: 00000000000406e0\n[172536.665287] Call Trace:\n[172536.665322] ? amdgpu_cs_find_mapping+0x110/0x110 [amdgpu]\n[172536.665332] drm_ioctl_kernel+0xaa/0xf0 [drm]\n[172536.665338] drm_ioctl+0x201/0x3b0 [drm]\n[172536.665369] ? amdgpu_cs_find_mapping+0x110/0x110 [amdgpu]\n[172536.665372] ? selinux_file_ioctl+0x135/0x230\n[172536.665399] amdgpu_drm_ioctl+0x49/0x80 [amdgpu]\n[172536.665403] __x64_sys_ioctl+0x83/0xb0\n[172536.665406] do_syscall_64+0x33/0x40\n[172536.665409] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nBug: https://gitlab.freedesktop.org/drm/amd/-/issues/2018",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49335",
"url": "https://www.suse.com/security/cve/CVE-2022-49335"
},
{
"category": "external",
"summary": "SUSE Bug 1238377 for CVE-2022-49335",
"url": "https://bugzilla.suse.com/1238377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49335"
},
{
"cve": "CVE-2022-49351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49351"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: altera: Fix refcount leak in altera_tse_mdio_create\n\nEvery iteration of for_each_child_of_node() decrements\nthe reference count of the previous node.\nWhen break from a for_each_child_of_node() loop,\nwe need to explicitly call of_node_put() on the child node when\nnot need anymore.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49351",
"url": "https://www.suse.com/security/cve/CVE-2022-49351"
},
{
"category": "external",
"summary": "SUSE Bug 1237939 for CVE-2022-49351",
"url": "https://bugzilla.suse.com/1237939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49351"
},
{
"cve": "CVE-2022-49385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49385"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver: base: fix UAF when driver_attach failed\n\nWhen driver_attach(drv); failed, the driver_private will be freed.\nBut it has been added to the bus, which caused a UAF.\n\nTo fix it, we need to delete it from the bus when failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49385",
"url": "https://www.suse.com/security/cve/CVE-2022-49385"
},
{
"category": "external",
"summary": "SUSE Bug 1237951 for CVE-2022-49385",
"url": "https://bugzilla.suse.com/1237951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49385"
},
{
"cve": "CVE-2022-49390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49390"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmacsec: fix UAF bug for real_dev\n\nCreate a new macsec device but not get reference to real_dev. That can\nnot ensure that real_dev is freed after macsec. That will trigger the\nUAF bug for real_dev as following:\n\n==================================================================\nBUG: KASAN: use-after-free in macsec_get_iflink+0x5f/0x70 drivers/net/macsec.c:3662\nCall Trace:\n ...\n macsec_get_iflink+0x5f/0x70 drivers/net/macsec.c:3662\n dev_get_iflink+0x73/0xe0 net/core/dev.c:637\n default_operstate net/core/link_watch.c:42 [inline]\n rfc2863_policy+0x233/0x2d0 net/core/link_watch.c:54\n linkwatch_do_dev+0x2a/0x150 net/core/link_watch.c:161\n\nAllocated by task 22209:\n ...\n alloc_netdev_mqs+0x98/0x1100 net/core/dev.c:10549\n rtnl_create_link+0x9d7/0xc00 net/core/rtnetlink.c:3235\n veth_newlink+0x20e/0xa90 drivers/net/veth.c:1748\n\nFreed by task 8:\n ...\n kfree+0xd6/0x4d0 mm/slub.c:4552\n kvfree+0x42/0x50 mm/util.c:615\n device_release+0x9f/0x240 drivers/base/core.c:2229\n kobject_cleanup lib/kobject.c:673 [inline]\n kobject_release lib/kobject.c:704 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1c8/0x540 lib/kobject.c:721\n netdev_run_todo+0x72e/0x10b0 net/core/dev.c:10327\n\nAfter commit faab39f63c1f (\"net: allow out-of-order netdev unregistration\")\nand commit e5f80fcf869a (\"ipv6: give an IPv6 dev to blackhole_netdev\"), we\ncan add dev_hold_track() in macsec_dev_init() and dev_put_track() in\nmacsec_free_netdev() to fix the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49390",
"url": "https://www.suse.com/security/cve/CVE-2022-49390"
},
{
"category": "external",
"summary": "SUSE Bug 1238233 for CVE-2022-49390",
"url": "https://bugzilla.suse.com/1238233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49390"
},
{
"cve": "CVE-2022-49411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbfq: Make sure bfqg for which we are queueing requests is online\n\nBios queued into BFQ IO scheduler can be associated with a cgroup that\nwas already offlined. This may then cause insertion of this bfq_group\ninto a service tree. But this bfq_group will get freed as soon as last\nbio associated with it is completed leading to use after free issues for\nservice tree users. Fix the problem by making sure we always operate on\nonline bfq_group. If the bfq_group associated with the bio is not\nonline, we pick the first online parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49411",
"url": "https://www.suse.com/security/cve/CVE-2022-49411"
},
{
"category": "external",
"summary": "SUSE Bug 1238307 for CVE-2022-49411",
"url": "https://bugzilla.suse.com/1238307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49411"
},
{
"cve": "CVE-2022-49442",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49442"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/base/node.c: fix compaction sysfs file leak\n\nCompaction sysfs file is created via compaction_register_node in\nregister_node. But we forgot to remove it in unregister_node. Thus\ncompaction sysfs file is leaked. Using compaction_unregister_node to fix\nthis issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49442",
"url": "https://www.suse.com/security/cve/CVE-2022-49442"
},
{
"category": "external",
"summary": "SUSE Bug 1238243 for CVE-2022-49442",
"url": "https://bugzilla.suse.com/1238243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49442"
},
{
"cve": "CVE-2022-49465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49465"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-throttle: Set BIO_THROTTLED when bio has been throttled\n\n1.In current process, all bio will set the BIO_THROTTLED flag\nafter __blk_throtl_bio().\n\n2.If bio needs to be throttled, it will start the timer and\nstop submit bio directly. Bio will submit in\nblk_throtl_dispatch_work_fn() when the timer expires.But in\nthe current process, if bio is throttled. The BIO_THROTTLED\nwill be set to bio after timer start. If the bio has been\ncompleted, it may cause use-after-free blow.\n\nBUG: KASAN: use-after-free in blk_throtl_bio+0x12f0/0x2c70\nRead of size 2 at addr ffff88801b8902d4 by task fio/26380\n\n dump_stack+0x9b/0xce\n print_address_description.constprop.6+0x3e/0x60\n kasan_report.cold.9+0x22/0x3a\n blk_throtl_bio+0x12f0/0x2c70\n submit_bio_checks+0x701/0x1550\n submit_bio_noacct+0x83/0xc80\n submit_bio+0xa7/0x330\n mpage_readahead+0x380/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nAllocated by task 26380:\n kasan_save_stack+0x19/0x40\n __kasan_kmalloc.constprop.2+0xc1/0xd0\n kmem_cache_alloc+0x146/0x440\n mempool_alloc+0x125/0x2f0\n bio_alloc_bioset+0x353/0x590\n mpage_alloc+0x3b/0x240\n do_mpage_readpage+0xddf/0x1ef0\n mpage_readahead+0x264/0x500\n read_pages+0x1c1/0xbf0\n page_cache_ra_unbounded+0x471/0x6f0\n do_page_cache_ra+0xda/0x110\n ondemand_readahead+0x442/0xae0\n page_cache_async_ra+0x210/0x300\n generic_file_buffered_read+0x4d9/0x2130\n generic_file_read_iter+0x315/0x490\n blkdev_read_iter+0x113/0x1b0\n aio_read+0x2ad/0x450\n io_submit_one+0xc8e/0x1d60\n __se_sys_io_submit+0x125/0x350\n do_syscall_64+0x2d/0x40\n entry_SYSCALL_64_after_hwframe+0x44/0xa9\n\nFreed by task 0:\n kasan_save_stack+0x19/0x40\n kasan_set_track+0x1c/0x30\n kasan_set_free_info+0x1b/0x30\n __kasan_slab_free+0x111/0x160\n kmem_cache_free+0x94/0x460\n mempool_free+0xd6/0x320\n bio_free+0xe0/0x130\n bio_put+0xab/0xe0\n bio_endio+0x3a6/0x5d0\n blk_update_request+0x590/0x1370\n scsi_end_request+0x7d/0x400\n scsi_io_completion+0x1aa/0xe50\n scsi_softirq_done+0x11b/0x240\n blk_mq_complete_request+0xd4/0x120\n scsi_mq_done+0xf0/0x200\n virtscsi_vq_done+0xbc/0x150\n vring_interrupt+0x179/0x390\n __handle_irq_event_percpu+0xf7/0x490\n handle_irq_event_percpu+0x7b/0x160\n handle_irq_event+0xcc/0x170\n handle_edge_irq+0x215/0xb20\n common_interrupt+0x60/0x120\n asm_common_interrupt+0x1e/0x40\n\nFix this by move BIO_THROTTLED set into the queue_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49465",
"url": "https://www.suse.com/security/cve/CVE-2022-49465"
},
{
"category": "external",
"summary": "SUSE Bug 1238919 for CVE-2022-49465",
"url": "https://bugzilla.suse.com/1238919"
},
{
"category": "external",
"summary": "SUSE Bug 1238920 for CVE-2022-49465",
"url": "https://bugzilla.suse.com/1238920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "important"
}
],
"title": "CVE-2022-49465"
},
{
"cve": "CVE-2022-49478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init\n\nSyzbot reported that -1 is used as array index. The problem was in\nmissing validation check.\n\nhdw-\u003eunit_number is initialized with -1 and then if init table walk fails\nthis value remains unchanged. Since code blindly uses this member for\narray indexing adding sanity check is the easiest fix for that.\n\nhdw-\u003eworkpoll initialization moved upper to prevent warning in\n__flush_work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49478",
"url": "https://www.suse.com/security/cve/CVE-2022-49478"
},
{
"category": "external",
"summary": "SUSE Bug 1238000 for CVE-2022-49478",
"url": "https://bugzilla.suse.com/1238000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49478"
},
{
"cve": "CVE-2022-49489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49489"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume\n\nBUG: Unable to handle kernel paging request at virtual address 006b6b6b6b6b6be3\n\nCall trace:\n dpu_vbif_init_memtypes+0x40/0xb8\n dpu_runtime_resume+0xcc/0x1c0\n pm_generic_runtime_resume+0x30/0x44\n __genpd_runtime_resume+0x68/0x7c\n genpd_runtime_resume+0x134/0x258\n __rpm_callback+0x98/0x138\n rpm_callback+0x30/0x88\n rpm_resume+0x36c/0x49c\n __pm_runtime_resume+0x80/0xb0\n dpu_core_irq_uninstall+0x30/0xb0\n dpu_irq_uninstall+0x18/0x24\n msm_drm_uninit+0xd8/0x16c\n\nPatchwork: https://patchwork.freedesktop.org/patch/483255/\n[DB: fixed Fixes tag]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49489",
"url": "https://www.suse.com/security/cve/CVE-2022-49489"
},
{
"category": "external",
"summary": "SUSE Bug 1238244 for CVE-2022-49489",
"url": "https://bugzilla.suse.com/1238244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49489"
},
{
"cve": "CVE-2022-49504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49504"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Inhibit aborts if external loopback plug is inserted\n\nAfter running a short external loopback test, when the external loopback is\nremoved and a normal cable inserted that is directly connected to a target\ndevice, the system oops in the llpfc_set_rrq_active() routine.\n\nWhen the loopback was inserted an FLOGI was transmit. As we\u0027re looped back,\nwe receive the FLOGI request. The FLOGI is ABTS\u0027d as we recognize the same\nwppn thus understand it\u0027s a loopback. However, as the ABTS sends address\ninformation the port is not set to (fffffe), the ABTS is dropped on the\nwire. A short 1 frame loopback test is run and completes before the ABTS\ntimes out. The looback is unplugged and the new cable plugged in, and the\nan FLOGI to the new device occurs and completes. Due to a mixup in ref\ncounting the completion of the new FLOGI releases the fabric ndlp. Then the\noriginal ABTS completes and references the released ndlp generating the\noops.\n\nCorrect by no-op\u0027ing the ABTS when in loopback mode (it will be dropped\nanyway). Added a flag to track the mode to recognize when it should be\nno-op\u0027d.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49504",
"url": "https://www.suse.com/security/cve/CVE-2022-49504"
},
{
"category": "external",
"summary": "SUSE Bug 1238835 for CVE-2022-49504",
"url": "https://bugzilla.suse.com/1238835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49504"
},
{
"cve": "CVE-2022-49521",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49521"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix resource leak in lpfc_sli4_send_seq_to_ulp()\n\nIf no handler is found in lpfc_complete_unsol_iocb() to match the rctl of a\nreceived frame, the frame is dropped and resources are leaked.\n\nFix by returning resources when discarding an unhandled frame type. Update\nlpfc_fc_frame_check() handling of NOP basic link service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49521",
"url": "https://www.suse.com/security/cve/CVE-2022-49521"
},
{
"category": "external",
"summary": "SUSE Bug 1238938 for CVE-2022-49521",
"url": "https://bugzilla.suse.com/1238938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49521"
},
{
"cve": "CVE-2022-49525",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49525"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx25821: Fix the warning when removing the module\n\nWhen removing the module, we will get the following warning:\n\n[ 14.746697] remove_proc_entry: removing non-empty directory \u0027irq/21\u0027, leaking at least \u0027cx25821[1]\u0027\n[ 14.747449] WARNING: CPU: 4 PID: 368 at fs/proc/generic.c:717 remove_proc_entry+0x389/0x3f0\n[ 14.751611] RIP: 0010:remove_proc_entry+0x389/0x3f0\n[ 14.759589] Call Trace:\n[ 14.759792] \u003cTASK\u003e\n[ 14.759975] unregister_irq_proc+0x14c/0x170\n[ 14.760340] irq_free_descs+0x94/0xe0\n[ 14.760640] mp_unmap_irq+0xb6/0x100\n[ 14.760937] acpi_unregister_gsi_ioapic+0x27/0x40\n[ 14.761334] acpi_pci_irq_disable+0x1d3/0x320\n[ 14.761688] pci_disable_device+0x1ad/0x380\n[ 14.762027] ? _raw_spin_unlock_irqrestore+0x2d/0x60\n[ 14.762442] ? cx25821_shutdown+0x20/0x9f0 [cx25821]\n[ 14.762848] cx25821_finidev+0x48/0xc0 [cx25821]\n[ 14.763242] pci_device_remove+0x92/0x240\n\nFix this by freeing the irq before call pci_disable_device().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49525",
"url": "https://www.suse.com/security/cve/CVE-2022-49525"
},
{
"category": "external",
"summary": "SUSE Bug 1238022 for CVE-2022-49525",
"url": "https://bugzilla.suse.com/1238022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49525"
},
{
"cve": "CVE-2022-49534",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49534"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Protect memory leak for NPIV ports sending PLOGI_RJT\n\nThere is a potential memory leak in lpfc_ignore_els_cmpl() and\nlpfc_els_rsp_reject() that was allocated from NPIV PLOGI_RJT\n(lpfc_rcv_plogi()\u0027s login_mbox).\n\nCheck if cmdiocb-\u003econtext_un.mbox was allocated in lpfc_ignore_els_cmpl(),\nand then free it back to phba-\u003embox_mem_pool along with mbox-\u003ectx_buf for\nservice parameters.\n\nFor lpfc_els_rsp_reject() failure, free both the ctx_buf for service\nparameters and the login_mbox.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49534",
"url": "https://www.suse.com/security/cve/CVE-2022-49534"
},
{
"category": "external",
"summary": "SUSE Bug 1238893 for CVE-2022-49534",
"url": "https://bugzilla.suse.com/1238893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "low"
}
],
"title": "CVE-2022-49534"
},
{
"cve": "CVE-2022-49535",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49535"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix null pointer dereference after failing to issue FLOGI and PLOGI\n\nIf lpfc_issue_els_flogi() fails and returns non-zero status, the node\nreference count is decremented to trigger the release of the nodelist\nstructure. However, if there is a prior registration or dev-loss-evt work\npending, the node may be released prematurely. When dev-loss-evt\ncompletes, the released node is referenced causing a use-after-free null\npointer dereference.\n\nSimilarly, when processing non-zero ELS PLOGI completion status in\nlpfc_cmpl_els_plogi(), the ndlp flags are checked for a transport\nregistration before triggering node removal. If dev-loss-evt work is\npending, the node may be released prematurely and a subsequent call to\nlpfc_dev_loss_tmo_handler() results in a use after free ndlp dereference.\n\nAdd test for pending dev-loss before decrementing the node reference count\nfor FLOGI, PLOGI, PRLI, and ADISC handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49535",
"url": "https://www.suse.com/security/cve/CVE-2022-49535"
},
{
"category": "external",
"summary": "SUSE Bug 1238937 for CVE-2022-49535",
"url": "https://bugzilla.suse.com/1238937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49535"
},
{
"cve": "CVE-2022-49536",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49536"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix SCSI I/O completion and abort handler deadlock\n\nDuring stress I/O tests with 500+ vports, hard LOCKUP call traces are\nobserved.\n\nCPU A:\n native_queued_spin_lock_slowpath+0x192\n _raw_spin_lock_irqsave+0x32\n lpfc_handle_fcp_err+0x4c6\n lpfc_fcp_io_cmd_wqe_cmpl+0x964\n lpfc_sli4_fp_handle_cqe+0x266\n __lpfc_sli4_process_cq+0x105\n __lpfc_sli4_hba_process_cq+0x3c\n lpfc_cq_poll_hdler+0x16\n irq_poll_softirq+0x76\n __softirqentry_text_start+0xe4\n irq_exit+0xf7\n do_IRQ+0x7f\n\nCPU B:\n native_queued_spin_lock_slowpath+0x5b\n _raw_spin_lock+0x1c\n lpfc_abort_handler+0x13e\n scmd_eh_abort_handler+0x85\n process_one_work+0x1a7\n worker_thread+0x30\n kthread+0x112\n ret_from_fork+0x1f\n\nDiagram of lockup:\n\nCPUA CPUB\n---- ----\nlpfc_cmd-\u003ebuf_lock\n phba-\u003ehbalock\n lpfc_cmd-\u003ebuf_lock\nphba-\u003ehbalock\n\nFix by reordering the taking of the lpfc_cmd-\u003ebuf_lock and phba-\u003ehbalock in\nlpfc_abort_handler routine so that it tries to take the lpfc_cmd-\u003ebuf_lock\nfirst before phba-\u003ehbalock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49536",
"url": "https://www.suse.com/security/cve/CVE-2022-49536"
},
{
"category": "external",
"summary": "SUSE Bug 1238838 for CVE-2022-49536",
"url": "https://bugzilla.suse.com/1238838"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49536"
},
{
"cve": "CVE-2022-49537",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49537"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix call trace observed during I/O with CMF enabled\n\nThe following was seen with CMF enabled:\n\nBUG: using smp_processor_id() in preemptible\ncode: systemd-udevd/31711\nkernel: caller is lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: CPU: 12 PID: 31711 Comm: systemd-udevd\nkernel: Call Trace:\nkernel: \u003cTASK\u003e\nkernel: dump_stack_lvl+0x44/0x57\nkernel: check_preemption_disabled+0xbf/0xe0\nkernel: lpfc_update_cmf_cmd+0x214/0x420 [lpfc]\nkernel: lpfc_nvme_fcp_io_submit+0x23b4/0x4df0 [lpfc]\n\nthis_cpu_ptr() calls smp_processor_id() in a preemptible context.\n\nFix by using per_cpu_ptr() with raw_smp_processor_id() instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49537",
"url": "https://www.suse.com/security/cve/CVE-2022-49537"
},
{
"category": "external",
"summary": "SUSE Bug 1238930 for CVE-2022-49537",
"url": "https://bugzilla.suse.com/1238930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49537"
},
{
"cve": "CVE-2022-49542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49542"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg()\n\nIn an attempt to log message 0126 with LOG_TRACE_EVENT, the following hard\nlockup call trace hangs the system.\n\nCall Trace:\n _raw_spin_lock_irqsave+0x32/0x40\n lpfc_dmp_dbg.part.32+0x28/0x220 [lpfc]\n lpfc_cmpl_els_fdisc+0x145/0x460 [lpfc]\n lpfc_sli_cancel_jobs+0x92/0xd0 [lpfc]\n lpfc_els_flush_cmd+0x43c/0x670 [lpfc]\n lpfc_els_flush_all_cmd+0x37/0x60 [lpfc]\n lpfc_sli4_async_event_proc+0x956/0x1720 [lpfc]\n lpfc_do_work+0x1485/0x1d70 [lpfc]\n kthread+0x112/0x130\n ret_from_fork+0x1f/0x40\nKernel panic - not syncing: Hard LOCKUP\n\nThe same CPU tries to claim the phba-\u003eport_list_lock twice.\n\nMove the cfg_log_verbose checks as part of the lpfc_printf_vlog() and\nlpfc_printf_log() macros before calling lpfc_dmp_dbg(). There is no need\nto take the phba-\u003eport_list_lock within lpfc_dmp_dbg().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49542",
"url": "https://www.suse.com/security/cve/CVE-2022-49542"
},
{
"category": "external",
"summary": "SUSE Bug 1238722 for CVE-2022-49542",
"url": "https://bugzilla.suse.com/1238722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49542"
},
{
"cve": "CVE-2022-49561",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49561"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: re-fetch conntrack after insertion\n\nIn case the conntrack is clashing, insertion can free skb-\u003e_nfct and\nset skb-\u003e_nfct to the already-confirmed entry.\n\nThis wasn\u0027t found before because the conntrack entry and the extension\nspace used to free\u0027d after an rcu grace period, plus the race needs\nevents enabled to trigger.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49561",
"url": "https://www.suse.com/security/cve/CVE-2022-49561"
},
{
"category": "external",
"summary": "SUSE Bug 1238537 for CVE-2022-49561",
"url": "https://bugzilla.suse.com/1238537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49561"
},
{
"cve": "CVE-2022-49590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigmp: Fix data-races around sysctl_igmp_llm_reports.\n\nWhile reading sysctl_igmp_llm_reports, it can be changed concurrently.\nThus, we need to add READ_ONCE() to its readers.\n\nThis test can be packed into a helper, so such changes will be in the\nfollow-up series after net is merged into net-next.\n\n if (ipv4_is_local_multicast(pmc-\u003emultiaddr) \u0026\u0026\n !READ_ONCE(net-\u003eipv4.sysctl_igmp_llm_reports))",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49590",
"url": "https://www.suse.com/security/cve/CVE-2022-49590"
},
{
"category": "external",
"summary": "SUSE Bug 1238844 for CVE-2022-49590",
"url": "https://bugzilla.suse.com/1238844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49590"
},
{
"cve": "CVE-2022-49658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals\n\nKuee reported a corner case where the tnum becomes constant after the call\nto __reg_bound_offset(), but the register\u0027s bounds are not, that is, its\nmin bounds are still not equal to the register\u0027s max bounds.\n\nThis in turn allows to leak pointers through turning a pointer register as\nis into an unknown scalar via adjust_ptr_min_max_vals().\n\nBefore:\n\n func#0 @0\n 0: R1=ctx(off=0,imm=0,umax=0,var_off=(0x0; 0x0)) R10=fp(off=0,imm=0,umax=0,var_off=(0x0; 0x0))\n 0: (b7) r0 = 1 ; R0_w=scalar(imm=1,umin=1,umax=1,var_off=(0x1; 0x0))\n 1: (b7) r3 = 0 ; R3_w=scalar(imm=0,umax=0,var_off=(0x0; 0x0))\n 2: (87) r3 = -r3 ; R3_w=scalar()\n 3: (87) r3 = -r3 ; R3_w=scalar()\n 4: (47) r3 |= 32767 ; R3_w=scalar(smin=-9223372036854743041,umin=32767,var_off=(0x7fff; 0xffffffffffff8000),s32_min=-2147450881)\n 5: (75) if r3 s\u003e= 0x0 goto pc+1 ; R3_w=scalar(umin=9223372036854808575,var_off=(0x8000000000007fff; 0x7fffffffffff8000),s32_min=-2147450881,u32_min=32767)\n 6: (95) exit\n\n from 5 to 7: R0=scalar(imm=1,umin=1,umax=1,var_off=(0x1; 0x0)) R1=ctx(off=0,imm=0,umax=0,var_off=(0x0; 0x0)) R3=scalar(umin=32767,umax=9223372036854775807,var_off=(0x7fff; 0x7fffffffffff8000),s32_min=-2147450881) R10=fp(off=0,imm=0,umax=0,var_off=(0x0; 0x0))\n 7: (d5) if r3 s\u003c= 0x8000 goto pc+1 ; R3=scalar(umin=32769,umax=9223372036854775807,var_off=(0x7fff; 0x7fffffffffff8000),s32_min=-2147450881,u32_min=32767)\n 8: (95) exit\n\n from 7 to 9: R0=scalar(imm=1,umin=1,umax=1,var_off=(0x1; 0x0)) R1=ctx(off=0,imm=0,umax=0,var_off=(0x0; 0x0)) R3=scalar(umin=32767,umax=32768,var_off=(0x7fff; 0x8000)) R10=fp(off=0,imm=0,umax=0,var_off=(0x0; 0x0))\n 9: (07) r3 += -32767 ; R3_w=scalar(imm=0,umax=1,var_off=(0x0; 0x0)) \u003c--- [*]\n 10: (95) exit\n\nWhat can be seen here is that R3=scalar(umin=32767,umax=32768,var_off=(0x7fff;\n0x8000)) after the operation R3 += -32767 results in a \u0027malformed\u0027 constant, that\nis, R3_w=scalar(imm=0,umax=1,var_off=(0x0; 0x0)). Intersecting with var_off has\nnot been done at that point via __update_reg_bounds(), which would have improved\nthe umax to be equal to umin.\n\nRefactor the tnum \u003c\u003e min/max bounds information flow into a reg_bounds_sync()\nhelper and use it consistently everywhere. After the fix, bounds have been\ncorrected to R3_w=scalar(imm=0,umax=0,var_off=(0x0; 0x0)) and thus the register\nis regarded as a \u0027proper\u0027 constant scalar of 0.\n\nAfter:\n\n func#0 @0\n 0: R1=ctx(off=0,imm=0,umax=0,var_off=(0x0; 0x0)) R10=fp(off=0,imm=0,umax=0,var_off=(0x0; 0x0))\n 0: (b7) r0 = 1 ; R0_w=scalar(imm=1,umin=1,umax=1,var_off=(0x1; 0x0))\n 1: (b7) r3 = 0 ; R3_w=scalar(imm=0,umax=0,var_off=(0x0; 0x0))\n 2: (87) r3 = -r3 ; R3_w=scalar()\n 3: (87) r3 = -r3 ; R3_w=scalar()\n 4: (47) r3 |= 32767 ; R3_w=scalar(smin=-9223372036854743041,umin=32767,var_off=(0x7fff; 0xffffffffffff8000),s32_min=-2147450881)\n 5: (75) if r3 s\u003e= 0x0 goto pc+1 ; R3_w=scalar(umin=9223372036854808575,var_off=(0x8000000000007fff; 0x7fffffffffff8000),s32_min=-2147450881,u32_min=32767)\n 6: (95) exit\n\n from 5 to 7: R0=scalar(imm=1,umin=1,umax=1,var_off=(0x1; 0x0)) R1=ctx(off=0,imm=0,umax=0,var_off=(0x0; 0x0)) R3=scalar(umin=32767,umax=9223372036854775807,var_off=(0x7fff; 0x7fffffffffff8000),s32_min=-2147450881) R10=fp(off=0,imm=0,umax=0,var_off=(0x0; 0x0))\n 7: (d5) if r3 s\u003c= 0x8000 goto pc+1 ; R3=scalar(umin=32769,umax=9223372036854775807,var_off=(0x7fff; 0x7fffffffffff8000),s32_min=-2147450881,u32_min=32767)\n 8: (95) exit\n\n from 7 to 9: R0=scalar(imm=1,umin=1,umax=1,var_off=(0x1; 0x0)) R1=ctx(off=0,imm=0,umax=0,var_off=(0x0; 0x0)) R3=scalar(umin=32767,umax=32768,var_off=(0x7fff; 0x8000)) R10=fp(off=0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49658",
"url": "https://www.suse.com/security/cve/CVE-2022-49658"
},
{
"category": "external",
"summary": "SUSE Bug 1238803 for CVE-2022-49658",
"url": "https://bugzilla.suse.com/1238803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49658"
},
{
"cve": "CVE-2022-49668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when done.\nThis function only calls of_node_put() in normal path,\nmissing it in error paths.\nAdd missing of_node_put() to avoid refcount leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49668",
"url": "https://www.suse.com/security/cve/CVE-2022-49668"
},
{
"category": "external",
"summary": "SUSE Bug 1237957 for CVE-2022-49668",
"url": "https://bugzilla.suse.com/1237957"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49668"
},
{
"cve": "CVE-2022-49693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf\n\nof_graph_get_remote_node() returns remote device node pointer with\nrefcount incremented, we should use of_node_put() on it\nwhen not need anymore.\nAdd missing of_node_put() to avoid refcount leak.\n\nPatchwork: https://patchwork.freedesktop.org/patch/488473/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49693",
"url": "https://www.suse.com/security/cve/CVE-2022-49693"
},
{
"category": "external",
"summary": "SUSE Bug 1237954 for CVE-2022-49693",
"url": "https://bugzilla.suse.com/1237954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49693"
},
{
"cve": "CVE-2022-49725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Fix call trace in setup_tx_descriptors\n\nAfter PF reset and ethtool -t there was call trace in dmesg\nsometimes leading to panic. When there was some time, around 5\nseconds, between reset and test there were no errors.\n\nProblem was that pf reset calls i40e_vsi_close in prep_for_reset\nand ethtool -t calls i40e_vsi_close in diag_test. If there was not\nenough time between those commands the second i40e_vsi_close starts\nbefore previous i40e_vsi_close was done which leads to crash.\n\nAdd check to diag_test if pf is in reset and don\u0027t start offline\ntests if it is true.\nAdd netif_info(\"testing failed\") into unhappy path of i40e_diag_test()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49725",
"url": "https://www.suse.com/security/cve/CVE-2022-49725"
},
{
"category": "external",
"summary": "SUSE Bug 1238016 for CVE-2022-49725",
"url": "https://bugzilla.suse.com/1238016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49725"
},
{
"cve": "CVE-2022-49728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix signed integer overflow in __ip6_append_data\n\nResurrect ubsan overflow checks and ubsan report this warning,\nfix it by change the variable [length] type to size_t.\n\nUBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19\n2147479552 + 8567 cannot be represented in type \u0027int\u0027\nCPU: 0 PID: 253 Comm: err Not tainted 5.16.0+ #1\nHardware name: linux,dummy-virt (DT)\nCall trace:\n dump_backtrace+0x214/0x230\n show_stack+0x30/0x78\n dump_stack_lvl+0xf8/0x118\n dump_stack+0x18/0x30\n ubsan_epilogue+0x18/0x60\n handle_overflow+0xd0/0xf0\n __ubsan_handle_add_overflow+0x34/0x44\n __ip6_append_data.isra.48+0x1598/0x1688\n ip6_append_data+0x128/0x260\n udpv6_sendmsg+0x680/0xdd0\n inet6_sendmsg+0x54/0x90\n sock_sendmsg+0x70/0x88\n ____sys_sendmsg+0xe8/0x368\n ___sys_sendmsg+0x98/0xe0\n __sys_sendmmsg+0xf4/0x3b8\n __arm64_sys_sendmmsg+0x34/0x48\n invoke_syscall+0x64/0x160\n el0_svc_common.constprop.4+0x124/0x300\n do_el0_svc+0x44/0xc8\n el0_svc+0x3c/0x1e8\n el0t_64_sync_handler+0x88/0xb0\n el0t_64_sync+0x16c/0x170\n\nChanges since v1:\n-Change the variable [length] type to unsigned, as Eric Dumazet suggested.\nChanges since v2:\n-Don\u0027t change exthdrlen type in ip6_make_skb, as Paolo Abeni suggested.\nChanges since v3:\n-Don\u0027t change ulen type in udpv6_sendmsg and l2tp_ip6_sendmsg, as\nJakub Kicinski suggested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49728",
"url": "https://www.suse.com/security/cve/CVE-2022-49728"
},
{
"category": "external",
"summary": "SUSE Bug 1239111 for CVE-2022-49728",
"url": "https://bugzilla.suse.com/1239111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49728"
},
{
"cve": "CVE-2022-49730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Resolve NULL ptr dereference after an ELS LOGO is aborted\n\nA use-after-free crash can occur after an ELS LOGO is aborted.\n\nSpecifically, a nodelist structure is freed and then\nndlp-\u003evport-\u003ecfg_log_verbose is dereferenced in lpfc_nlp_get() when the\ndiscovery state machine is mistakenly called a second time with\nNLP_EVT_DEVICE_RM argument.\n\nRework lpfc_cmpl_els_logo() to prevent the duplicate calls to release a\nnodelist structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49730",
"url": "https://www.suse.com/security/cve/CVE-2022-49730"
},
{
"category": "external",
"summary": "SUSE Bug 1239070 for CVE-2022-49730",
"url": "https://bugzilla.suse.com/1239070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49730"
},
{
"cve": "CVE-2022-49749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: designware: use casting of u64 in clock multiplication to avoid overflow\n\nIn functions i2c_dw_scl_lcnt() and i2c_dw_scl_hcnt() may have overflow\nby depending on the values of the given parameters including the ic_clk.\nFor example in our use case where ic_clk is larger than one million,\nmultiplication of ic_clk * 4700 will result in 32 bit overflow.\n\nAdd cast of u64 to the calculation to avoid multiplication overflow, and\nuse the corresponding define for divide.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49749",
"url": "https://www.suse.com/security/cve/CVE-2022-49749"
},
{
"category": "external",
"summary": "SUSE Bug 1240243 for CVE-2022-49749",
"url": "https://bugzilla.suse.com/1240243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49749"
},
{
"cve": "CVE-2022-49753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-49753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: Fix double increment of client_count in dma_chan_get()\n\nThe first time dma_chan_get() is called for a channel the channel\nclient_count is incorrectly incremented twice for public channels,\nfirst in balance_ref_count(), and again prior to returning. This\nresults in an incorrect client count which will lead to the\nchannel resources not being freed when they should be. A simple\n test of repeated module load and unload of async_tx on a Dell\n Power Edge R7425 also shows this resulting in a kref underflow\n warning.\n\n[ 124.329662] async_tx: api initialized (async)\n[ 129.000627] async_tx: api initialized (async)\n[ 130.047839] ------------[ cut here ]------------\n[ 130.052472] refcount_t: underflow; use-after-free.\n[ 130.057279] WARNING: CPU: 3 PID: 19364 at lib/refcount.c:28\nrefcount_warn_saturate+0xba/0x110\n[ 130.065811] Modules linked in: async_tx(-) rfkill intel_rapl_msr\nintel_rapl_common amd64_edac edac_mce_amd ipmi_ssif kvm_amd dcdbas kvm\nmgag200 drm_shmem_helper acpi_ipmi irqbypass drm_kms_helper ipmi_si\nsyscopyarea sysfillrect rapl pcspkr ipmi_devintf sysimgblt fb_sys_fops\nk10temp i2c_piix4 ipmi_msghandler acpi_power_meter acpi_cpufreq vfat\nfat drm fuse xfs libcrc32c sd_mod t10_pi sg ahci crct10dif_pclmul\nlibahci crc32_pclmul crc32c_intel ghash_clmulni_intel igb megaraid_sas\ni40e libata i2c_algo_bit ccp sp5100_tco dca dm_mirror dm_region_hash\ndm_log dm_mod [last unloaded: async_tx]\n[ 130.117361] CPU: 3 PID: 19364 Comm: modprobe Kdump: loaded Not\ntainted 5.14.0-185.el9.x86_64 #1\n[ 130.126091] Hardware name: Dell Inc. PowerEdge R7425/02MJ3T, BIOS\n1.18.0 01/17/2022\n[ 130.133806] RIP: 0010:refcount_warn_saturate+0xba/0x110\n[ 130.139041] Code: 01 01 e8 6d bd 55 00 0f 0b e9 72 9d 8a 00 80 3d\n26 18 9c 01 00 75 85 48 c7 c7 f8 a3 03 9d c6 05 16 18 9c 01 01 e8 4a\nbd 55 00 \u003c0f\u003e 0b e9 4f 9d 8a 00 80 3d 01 18 9c 01 00 0f 85 5e ff ff ff\n48 c7\n[ 130.157807] RSP: 0018:ffffbf98898afe68 EFLAGS: 00010286\n[ 130.163036] RAX: 0000000000000000 RBX: ffff9da06028e598 RCX: 0000000000000000\n[ 130.170172] RDX: ffff9daf9de26480 RSI: ffff9daf9de198a0 RDI: ffff9daf9de198a0\n[ 130.177316] RBP: ffff9da7cddf3970 R08: 0000000000000000 R09: 00000000ffff7fff\n[ 130.184459] R10: ffffbf98898afd00 R11: ffffffff9d9e8c28 R12: ffff9da7cddf1970\n[ 130.191596] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 130.198739] FS: 00007f646435c740(0000) GS:ffff9daf9de00000(0000)\nknlGS:0000000000000000\n[ 130.206832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 130.212586] CR2: 00007f6463b214f0 CR3: 00000008ab98c000 CR4: 00000000003506e0\n[ 130.219729] Call Trace:\n[ 130.222192] \u003cTASK\u003e\n[ 130.224305] dma_chan_put+0x10d/0x110\n[ 130.227988] dmaengine_put+0x7a/0xa0\n[ 130.231575] __do_sys_delete_module.constprop.0+0x178/0x280\n[ 130.237157] ? syscall_trace_enter.constprop.0+0x145/0x1d0\n[ 130.242652] do_syscall_64+0x5c/0x90\n[ 130.246240] ? exc_page_fault+0x62/0x150\n[ 130.250178] entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[ 130.255243] RIP: 0033:0x7f6463a3f5ab\n[ 130.258830] Code: 73 01 c3 48 8b 0d 75 a8 1b 00 f7 d8 64 89 01 48\n83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 b0 00 00\n00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 45 a8 1b 00 f7 d8 64 89\n01 48\n[ 130.277591] RSP: 002b:00007fff22f972c8 EFLAGS: 00000206 ORIG_RAX:\n00000000000000b0\n[ 130.285164] RAX: ffffffffffffffda RBX: 000055b6786edd40 RCX: 00007f6463a3f5ab\n[ 130.292303] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 000055b6786edda8\n[ 130.299443] RBP: 000055b6786edd40 R08: 0000000000000000 R09: 0000000000000000\n[ 130.306584] R10: 00007f6463b9eac0 R11: 0000000000000206 R12: 000055b6786edda8\n[ 130.313731] R13: 0000000000000000 R14: 000055b6786edda8 R15: 00007fff22f995f8\n[ 130.320875] \u003c/TASK\u003e\n[ 130.323081] ---[ end trace eff7156d56b5cf25 ]---\n\ncat /sys/class/dma/dma0chan*/in_use would get the wrong result.\n2\n2\n2\n\nTest-by: Jie Hai \u003chaijie1@huawei.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-49753",
"url": "https://www.suse.com/security/cve/CVE-2022-49753"
},
{
"category": "external",
"summary": "SUSE Bug 1240250 for CVE-2022-49753",
"url": "https://bugzilla.suse.com/1240250"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2022-49753"
},
{
"cve": "CVE-2023-53023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: Fix use-after-free in local_cleanup()\n\nFix a use-after-free that occurs in kfree_skb() called from\nlocal_cleanup(). This could happen when killing nfc daemon (e.g. neard)\nafter detaching an nfc device.\nWhen detaching an nfc device, local_cleanup() called from\nnfc_llcp_unregister_device() frees local-\u003erx_pending and decreases\nlocal-\u003eref by kref_put() in nfc_llcp_local_put().\nIn the terminating process, nfc daemon releases all sockets and it leads\nto decreasing local-\u003eref. After the last release of local-\u003eref,\nlocal_cleanup() called from local_release() frees local-\u003erx_pending\nagain, which leads to the bug.\n\nSetting local-\u003erx_pending to NULL in local_cleanup() could prevent\nuse-after-free when local_cleanup() is called twice.\n\nFound by a modified version of syzkaller.\n\nBUG: KASAN: use-after-free in kfree_skb()\n\nCall Trace:\ndump_stack_lvl (lib/dump_stack.c:106)\nprint_address_description.constprop.0.cold (mm/kasan/report.c:306)\nkasan_check_range (mm/kasan/generic.c:189)\nkfree_skb (net/core/skbuff.c:955)\nlocal_cleanup (net/nfc/llcp_core.c:159)\nnfc_llcp_local_put.part.0 (net/nfc/llcp_core.c:172)\nnfc_llcp_local_put (net/nfc/llcp_core.c:181)\nllcp_sock_destruct (net/nfc/llcp_sock.c:959)\n__sk_destruct (net/core/sock.c:2133)\nsk_destruct (net/core/sock.c:2181)\n__sk_free (net/core/sock.c:2192)\nsk_free (net/core/sock.c:2203)\nllcp_sock_release (net/nfc/llcp_sock.c:646)\n__sock_release (net/socket.c:650)\nsock_close (net/socket.c:1365)\n__fput (fs/file_table.c:306)\ntask_work_run (kernel/task_work.c:179)\nptrace_notify (kernel/signal.c:2354)\nsyscall_exit_to_user_mode_prepare (kernel/entry/common.c:278)\nsyscall_exit_to_user_mode (kernel/entry/common.c:296)\ndo_syscall_64 (arch/x86/entry/common.c:86)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:106)\n\nAllocated by task 4719:\nkasan_save_stack (mm/kasan/common.c:45)\n__kasan_slab_alloc (mm/kasan/common.c:325)\nslab_post_alloc_hook (mm/slab.h:766)\nkmem_cache_alloc_node (mm/slub.c:3497)\n__alloc_skb (net/core/skbuff.c:552)\npn533_recv_response (drivers/nfc/pn533/usb.c:65)\n__usb_hcd_giveback_urb (drivers/usb/core/hcd.c:1671)\nusb_giveback_urb_bh (drivers/usb/core/hcd.c:1704)\ntasklet_action_common.isra.0 (kernel/softirq.c:797)\n__do_softirq (kernel/softirq.c:571)\n\nFreed by task 1901:\nkasan_save_stack (mm/kasan/common.c:45)\nkasan_set_track (mm/kasan/common.c:52)\nkasan_save_free_info (mm/kasan/genericdd.c:518)\n__kasan_slab_free (mm/kasan/common.c:236)\nkmem_cache_free (mm/slub.c:3809)\nkfree_skbmem (net/core/skbuff.c:874)\nkfree_skb (net/core/skbuff.c:931)\nlocal_cleanup (net/nfc/llcp_core.c:159)\nnfc_llcp_unregister_device (net/nfc/llcp_core.c:1617)\nnfc_unregister_device (net/nfc/core.c:1179)\npn53x_unregister_nfc (drivers/nfc/pn533/pn533.c:2846)\npn533_usb_disconnect (drivers/nfc/pn533/usb.c:579)\nusb_unbind_interface (drivers/usb/core/driver.c:458)\ndevice_release_driver_internal (drivers/base/dd.c:1279)\nbus_remove_device (drivers/base/bus.c:529)\ndevice_del (drivers/base/core.c:3665)\nusb_disable_device (drivers/usb/core/message.c:1420)\nusb_disconnect (drivers/usb/core.c:2261)\nhub_event (drivers/usb/core/hub.c:5833)\nprocess_one_work (arch/x86/include/asm/jump_label.h:27 include/linux/jump_label.h:212 include/trace/events/workqueue.h:108 kernel/workqueue.c:2281)\nworker_thread (include/linux/list.h:282 kernel/workqueue.c:2423)\nkthread (kernel/kthread.c:319)\nret_from_fork (arch/x86/entry/entry_64.S:301)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53023",
"url": "https://www.suse.com/security/cve/CVE-2023-53023"
},
{
"category": "external",
"summary": "SUSE Bug 1240309 for CVE-2023-53023",
"url": "https://bugzilla.suse.com/1240309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-53023"
},
{
"cve": "CVE-2023-53032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53032"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.\n\nWhen first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value of\nan arithmetic expression 2 \u003c\u003c (netmask - mask_bits - 1) is subject\nto overflow due to a failure casting operands to a larger data type\nbefore performing the arithmetic.\n\nNote that it\u0027s harmless since the value will be checked at the next step.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53032",
"url": "https://www.suse.com/security/cve/CVE-2023-53032"
},
{
"category": "external",
"summary": "SUSE Bug 1240270 for CVE-2023-53032",
"url": "https://bugzilla.suse.com/1240270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2023-53032"
},
{
"cve": "CVE-2024-46763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Fix null-ptr-deref in GRO.\n\nWe observed a null-ptr-deref in fou_gro_receive() while shutting down\na host. [0]\n\nThe NULL pointer is sk-\u003esk_user_data, and the offset 8 is of protocol\nin struct fou.\n\nWhen fou_release() is called due to netns dismantle or explicit tunnel\nteardown, udp_tunnel_sock_release() sets NULL to sk-\u003esk_user_data.\nThen, the tunnel socket is destroyed after a single RCU grace period.\n\nSo, in-flight udp4_gro_receive() could find the socket and execute the\nFOU GRO handler, where sk-\u003esk_user_data could be NULL.\n\nLet\u0027s use rcu_dereference_sk_user_data() in fou_from_sock() and add NULL\nchecks in FOU GRO handlers.\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 80000001032f4067 P4D 80000001032f4067 PUD 103240067 PMD 0\nSMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.216-204.855.amzn2.x86_64 #1\nHardware name: Amazon EC2 c5.large/, BIOS 1.0 10/16/2017\nRIP: 0010:fou_gro_receive (net/ipv4/fou.c:233) [fou]\nCode: 41 5f c3 cc cc cc cc e8 e7 2e 69 f4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 49 89 f8 41 54 48 89 f7 48 89 d6 49 8b 80 88 02 00 00 \u003c0f\u003e b6 48 08 0f b7 42 4a 66 25 fd fd 80 cc 02 66 89 42 4a 0f b6 42\nRSP: 0018:ffffa330c0003d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff93d9e3a6b900 RCX: 0000000000000010\nRDX: ffff93d9e3a6b900 RSI: ffff93d9e3a6b900 RDI: ffff93dac2e24d08\nRBP: ffff93d9e3a6b900 R08: ffff93dacbce6400 R09: 0000000000000002\nR10: 0000000000000000 R11: ffffffffb5f369b0 R12: ffff93dacbce6400\nR13: ffff93dac2e24d08 R14: 0000000000000000 R15: ffffffffb4edd1c0\nFS: 0000000000000000(0000) GS:ffff93daee800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000102140001 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? no_context (arch/x86/mm/fault.c:752)\n ? exc_page_fault (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 arch/x86/mm/fault.c:1435 arch/x86/mm/fault.c:1483)\n ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:571)\n ? fou_gro_receive (net/ipv4/fou.c:233) [fou]\n udp_gro_receive (include/linux/netdevice.h:2552 net/ipv4/udp_offload.c:559)\n udp4_gro_receive (net/ipv4/udp_offload.c:604)\n inet_gro_receive (net/ipv4/af_inet.c:1549 (discriminator 7))\n dev_gro_receive (net/core/dev.c:6035 (discriminator 4))\n napi_gro_receive (net/core/dev.c:6170)\n ena_clean_rx_irq (drivers/amazon/net/ena/ena_netdev.c:1558) [ena]\n ena_io_poll (drivers/amazon/net/ena/ena_netdev.c:1742) [ena]\n napi_poll (net/core/dev.c:6847)\n net_rx_action (net/core/dev.c:6917)\n __do_softirq (arch/x86/include/asm/jump_label.h:25 include/linux/jump_label.h:200 include/trace/events/irq.h:142 kernel/softirq.c:299)\n asm_call_irq_on_stack (arch/x86/entry/entry_64.S:809)\n\u003c/IRQ\u003e\n do_softirq_own_stack (arch/x86/include/asm/irq_stack.h:27 arch/x86/include/asm/irq_stack.h:77 arch/x86/kernel/irq_64.c:77)\n irq_exit_rcu (kernel/softirq.c:393 kernel/softirq.c:423 kernel/softirq.c:435)\n common_interrupt (arch/x86/kernel/irq.c:239)\n asm_common_interrupt (arch/x86/include/asm/idtentry.h:626)\nRIP: 0010:acpi_idle_do_entry (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 drivers/acpi/processor_idle.c:114 drivers/acpi/processor_idle.c:575)\nCode: 8b 15 d1 3c c4 02 ed c3 cc cc cc cc 65 48 8b 04 25 40 ef 01 00 48 8b 00 a8 08 75 eb 0f 1f 44 00 00 0f 00 2d d5 09 55 00 fb f4 \u003cfa\u003e c3 cc cc cc cc e9 be fc ff ff 66 66 2e 0f 1f 84 00 00 00 00 00\nRSP: 0018:ffffffffb5603e58 EFLAGS: 00000246\nRAX: 0000000000004000 RBX: ffff93dac0929c00 RCX: ffff93daee833900\nRDX: ffff93daee800000 RSI: ffff93d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46763",
"url": "https://www.suse.com/security/cve/CVE-2024-46763"
},
{
"category": "external",
"summary": "SUSE Bug 1230764 for CVE-2024-46763",
"url": "https://bugzilla.suse.com/1230764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-46763"
},
{
"cve": "CVE-2024-46865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: fix initialization of grc\n\nThe grc must be initialize first. There can be a condition where if\nfou is NULL, goto out will be executed and grc would be used\nuninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46865",
"url": "https://www.suse.com/security/cve/CVE-2024-46865"
},
{
"category": "external",
"summary": "SUSE Bug 1231103 for CVE-2024-46865",
"url": "https://bugzilla.suse.com/1231103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50038",
"url": "https://www.suse.com/security/cve/CVE-2024-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1231910 for CVE-2024-50038",
"url": "https://bugzilla.suse.com/1231910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-50038"
},
{
"cve": "CVE-2024-50272",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50272"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: Fix bounds checking in filemap_read()\n\nIf the caller supplies an iocb-\u003eki_pos value that is close to the\nfilesystem upper limit, and an iterator with a count that causes us to\noverflow that limit, then filemap_read() enters an infinite loop.\n\nThis behaviour was discovered when testing xfstests generic/525 with the\n\"localio\" optimisation for loopback NFS mounts.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50272",
"url": "https://www.suse.com/security/cve/CVE-2024-50272"
},
{
"category": "external",
"summary": "SUSE Bug 1233461 for CVE-2024-50272",
"url": "https://bugzilla.suse.com/1233461"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-50272"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix not checking skb length on hci_acldata_packet\n\nThis fixes not checking if skb really contains an ACL header otherwise\nthe code may attempt to access some uninitilized/invalid memory past the\nvalid skb-\u003edata.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56590",
"url": "https://www.suse.com/security/cve/CVE-2024-56590"
},
{
"category": "external",
"summary": "SUSE Bug 1235038 for CVE-2024-56590",
"url": "https://bugzilla.suse.com/1235038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-56590"
},
{
"cve": "CVE-2024-56641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: initialize close_work early to avoid warning\n\nWe encountered a warning that close_work was canceled before\ninitialization.\n\n WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0\n Workqueue: events smc_lgr_terminate_work [smc]\n RIP: 0010:__flush_work+0x19e/0x1b0\n Call Trace:\n ? __wake_up_common+0x7a/0x190\n ? work_busy+0x80/0x80\n __cancel_work_timer+0xe3/0x160\n smc_close_cancel_work+0x1a/0x70 [smc]\n smc_close_active_abort+0x207/0x360 [smc]\n __smc_lgr_terminate.part.38+0xc8/0x180 [smc]\n process_one_work+0x19e/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x117/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x22/0x30\n\nThis is because when smc_close_cancel_work is triggered, e.g. the RDMA\ndriver is rmmod and the LGR is terminated, the conn-\u003eclose_work is\nflushed before initialization, resulting in WARN_ON(!work-\u003efunc).\n\n__smc_lgr_terminate | smc_connect_{rdma|ism}\n-------------------------------------------------------------\n | smc_conn_create\n\t\t\t\t| \\- smc_lgr_register_conn\nfor conn in lgr-\u003econns_all |\n\\- smc_conn_kill |\n \\- smc_close_active_abort |\n \\- smc_close_cancel_work |\n \\- cancel_work_sync |\n \\- __flush_work |\n\t (close_work) |\n\t | smc_close_init\n\t | \\- INIT_WORK(\u0026close_work)\n\nSo fix this by initializing close_work before establishing the\nconnection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56641",
"url": "https://www.suse.com/security/cve/CVE-2024-56641"
},
{
"category": "external",
"summary": "SUSE Bug 1235526 for CVE-2024-56641",
"url": "https://bugzilla.suse.com/1235526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-56641"
},
{
"cve": "CVE-2024-57924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem \u003eencode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when -\u003eencode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of -\u003eencode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels \u003c v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels \u003c v6.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57924",
"url": "https://www.suse.com/security/cve/CVE-2024-57924"
},
{
"category": "external",
"summary": "SUSE Bug 1236086 for CVE-2024-57924",
"url": "https://bugzilla.suse.com/1236086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix link state exit during switch upstream function removal\n\nBefore 456d8aa37d0f (\"PCI/ASPM: Disable ASPM on MFD function removal to\navoid use-after-free\"), we would free the ASPM link only after the last\nfunction on the bus pertaining to the given link was removed.\n\nThat was too late. If function 0 is removed before sibling function,\nlink-\u003edownstream would point to free\u0027d memory after.\n\nAfter above change, we freed the ASPM parent link state upon any function\nremoval on the bus pertaining to a given link.\n\nThat is too early. If the link is to a PCIe switch with MFD on the upstream\nport, then removing functions other than 0 first would free a link which\nstill remains parent_link to the remaining downstream ports.\n\nThe resulting GPFs are especially frequent during hot-unplug, because\npciehp removes devices on the link bus in reverse order.\n\nOn that switch, function 0 is the virtual P2P bridge to the internal bus.\nFree exactly when function 0 is removed -- before the parent link is\nobsolete, but after all subordinate links are gone.\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58093",
"url": "https://www.suse.com/security/cve/CVE-2024-58093"
},
{
"category": "external",
"summary": "SUSE Bug 1241347 for CVE-2024-58093",
"url": "https://bugzilla.suse.com/1241347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2024-58093"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21758",
"url": "https://www.suse.com/security/cve/CVE-2025-21758"
},
{
"category": "external",
"summary": "SUSE Bug 1238737 for CVE-2025-21758",
"url": "https://bugzilla.suse.com/1238737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels\n\nSome lwtunnels have a dst cache for post-transformation dst.\nIf the packet destination did not change we may end up recording\na reference to the lwtunnel in its own cache, and the lwtunnel\nstate will never be freed.\n\nDiscovered by the ioam6.sh test, kmemleak was recently fixed\nto catch per-cpu memory leaks. I\u0027m not sure if rpl and seg6\ncan actually hit this, but in principle I don\u0027t see why not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21768",
"url": "https://www.suse.com/security/cve/CVE-2025-21768"
},
{
"category": "external",
"summary": "SUSE Bug 1238714 for CVE-2025-21768",
"url": "https://bugzilla.suse.com/1238714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21768"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: let net.core.dev_weight always be non-zero\n\nThe following problem was encountered during stability test:\n\n(NULL net_device): NAPI poll function process_backlog+0x0/0x530 \\\n\treturned 1, exceeding its budget of 0.\n------------[ cut here ]------------\nlist_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \\\n\tnext=ffff88905f746e40.\nWARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \\\n\t__list_add_valid_or_report+0xf3/0x130\nCPU: 18 UID: 0 PID: 5462 Comm: ping Kdump: loaded Not tainted 6.13.0-rc7+\nRIP: 0010:__list_add_valid_or_report+0xf3/0x130\nCall Trace:\n? __warn+0xcd/0x250\n? __list_add_valid_or_report+0xf3/0x130\nenqueue_to_backlog+0x923/0x1070\nnetif_rx_internal+0x92/0x2b0\n__netif_rx+0x15/0x170\nloopback_xmit+0x2ef/0x450\ndev_hard_start_xmit+0x103/0x490\n__dev_queue_xmit+0xeac/0x1950\nip_finish_output2+0x6cc/0x1620\nip_output+0x161/0x270\nip_push_pending_frames+0x155/0x1a0\nraw_sendmsg+0xe13/0x1550\n__sys_sendto+0x3bf/0x4e0\n__x64_sys_sendto+0xdc/0x1b0\ndo_syscall_64+0x5b/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reproduction command is as follows:\n sysctl -w net.core.dev_weight=0\n ping 127.0.0.1\n\nThis is because when the napi\u0027s weight is set to 0, process_backlog() may\nreturn 0 and clear the NAPI_STATE_SCHED bit of napi-\u003estate, causing this\nnapi to be re-polled in net_rx_action() until __do_softirq() times out.\nSince the NAPI_STATE_SCHED bit has been cleared, napi_schedule_rps() can\nbe retriggered in enqueue_to_backlog(), causing this issue.\n\nMaking the napi\u0027s weight always non-zero solves this problem.\n\nTriggering this issue requires system-wide admin (setting is\nnot namespaced).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21806",
"url": "https://www.suse.com/security/cve/CVE-2025-21806"
},
{
"category": "external",
"summary": "SUSE Bug 1238746 for CVE-2025-21806",
"url": "https://bugzilla.suse.com/1238746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(\u0026(0x7f0000000000)=\u0027./file0\\x00\u0027, 0x8)\n write$nbd(r2, \u0026(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(\u0026(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, \u0026(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, \u0026(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, \u0026(0x7f0000000100)={{\u0026(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, \u0026(0x7f0000000000)={{\u0026(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, \u0026(0x7f0000000140)={0x2, 0x3, \u0026(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], \u0026(0x7f0000000000)=\u0027GPL\\x00\u0027, 0x7, 0x0, 0x0, 0x0, 0x0, \u0027\\x00\u0027, 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, \u0026(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={\u0026(0x7f0000000080)=\u0027./file0\\x00\u0027, \u0026(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()-\u003e__replace_page() to unconditional decrease the\nRSS count and old_folio\u0027s refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio-\u003erefcount is zero,\n then free_pages_prepare-\u003efree_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -\u003e ...\n -\u003e folio_remove_rmap_pte()\n -\u003e VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21881",
"url": "https://www.suse.com/security/cve/CVE-2025-21881"
},
{
"category": "external",
"summary": "SUSE Bug 1240185 for CVE-2025-21881",
"url": "https://bugzilla.suse.com/1240185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21881"
},
{
"cve": "CVE-2025-21909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject cooked mode if it is set along with other flags\n\nIt is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE\nflags simultaneously on the same monitor interface from the userspace. This\ncauses a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit\nset because the monitor interface is in the cooked state and it takes\nprecedence over all other states. When the interface is then being deleted\nthe kernel calls WARN_ONCE() from check_sdata_in_driver() because of missing\nthat bit.\n\nFix this by rejecting MONITOR_FLAG_COOK_FRAMES if it is set along with\nother flags.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21909",
"url": "https://www.suse.com/security/cve/CVE-2025-21909"
},
{
"category": "external",
"summary": "SUSE Bug 1240590 for CVE-2025-21909",
"url": "https://bugzilla.suse.com/1240590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21909"
},
{
"cve": "CVE-2025-21910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest-\u003ealpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A\ufffd\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \u003cTASK\u003e\n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21910",
"url": "https://www.suse.com/security/cve/CVE-2025-21910"
},
{
"category": "external",
"summary": "SUSE Bug 1240583 for CVE-2025-21910",
"url": "https://bugzilla.suse.com/1240583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21910"
},
{
"cve": "CVE-2025-21926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix ownership in __udp_gso_segment\n\nIn __udp_gso_segment the skb destructor is removed before segmenting the\nskb but the socket reference is kept as-is. This is an issue if the\noriginal skb is later orphaned as we can hit the following bug:\n\n kernel BUG at ./include/linux/skbuff.h:3312! (skb_orphan)\n RIP: 0010:ip_rcv_core+0x8b2/0xca0\n Call Trace:\n ip_rcv+0xab/0x6e0\n __netif_receive_skb_one_core+0x168/0x1b0\n process_backlog+0x384/0x1100\n __napi_poll.constprop.0+0xa1/0x370\n net_rx_action+0x925/0xe50\n\nThe above can happen following a sequence of events when using\nOpenVSwitch, when an OVS_ACTION_ATTR_USERSPACE action precedes an\nOVS_ACTION_ATTR_OUTPUT action:\n\n1. OVS_ACTION_ATTR_USERSPACE is handled (in do_execute_actions): the skb\n goes through queue_gso_packets and then __udp_gso_segment, where its\n destructor is removed.\n2. The segments\u0027 data are copied and sent to userspace.\n3. OVS_ACTION_ATTR_OUTPUT is handled (in do_execute_actions) and the\n same original skb is sent to its path.\n4. If it later hits skb_orphan, we hit the bug.\n\nFix this by also removing the reference to the socket in\n__udp_gso_segment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21926",
"url": "https://www.suse.com/security/cve/CVE-2025-21926"
},
{
"category": "external",
"summary": "SUSE Bug 1240712 for CVE-2025-21926",
"url": "https://bugzilla.suse.com/1240712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21926"
},
{
"cve": "CVE-2025-21927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn\u0027t check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21927",
"url": "https://www.suse.com/security/cve/CVE-2025-21927"
},
{
"category": "external",
"summary": "SUSE Bug 1240714 for CVE-2025-21927",
"url": "https://bugzilla.suse.com/1240714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21927"
},
{
"cve": "CVE-2025-21931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio\n\nCommit b15c87263a69 (\"hwpoison, memory_hotplug: allow hwpoisoned pages to\nbe offlined) add page poison checks in do_migrate_range in order to make\noffline hwpoisoned page possible by introducing isolate_lru_page and\ntry_to_unmap for hwpoisoned page. However folio lock must be held before\ncalling try_to_unmap. Add it to fix this problem.\n\nWarning will be produced if folio is not locked during unmap:\n\n ------------[ cut here ]------------\n kernel BUG at ./include/linux/swapops.h:400!\n Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n Modules linked in:\n CPU: 4 UID: 0 PID: 411 Comm: bash Tainted: G W 6.13.0-rc1-00016-g3c434c7ee82a-dirty #41\n Tainted: [W]=WARN\n Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015\n pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : try_to_unmap_one+0xb08/0xd3c\n lr : try_to_unmap_one+0x3dc/0xd3c\n Call trace:\n try_to_unmap_one+0xb08/0xd3c (P)\n try_to_unmap_one+0x3dc/0xd3c (L)\n rmap_walk_anon+0xdc/0x1f8\n rmap_walk+0x3c/0x58\n try_to_unmap+0x88/0x90\n unmap_poisoned_folio+0x30/0xa8\n do_migrate_range+0x4a0/0x568\n offline_pages+0x5a4/0x670\n memory_block_action+0x17c/0x374\n memory_subsys_offline+0x3c/0x78\n device_offline+0xa4/0xd0\n state_store+0x8c/0xf0\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x44/0x54\n kernfs_fop_write_iter+0x118/0x1a8\n vfs_write+0x3a8/0x4bc\n ksys_write+0x6c/0xf8\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x44/0x100\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xd0\n el0t_64_sync_handler+0xc8/0xcc\n el0t_64_sync+0x198/0x19c\n Code: f9407be0 b5fff320 d4210000 17ffff97 (d4210000)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21931",
"url": "https://www.suse.com/security/cve/CVE-2025-21931"
},
{
"category": "external",
"summary": "SUSE Bug 1240709 for CVE-2025-21931",
"url": "https://bugzilla.suse.com/1240709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21931"
},
{
"cve": "CVE-2025-21941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21941",
"url": "https://www.suse.com/security/cve/CVE-2025-21941"
},
{
"category": "external",
"summary": "SUSE Bug 1240701 for CVE-2025-21941",
"url": "https://bugzilla.suse.com/1240701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21941"
},
{
"cve": "CVE-2025-21948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appleir: Fix potential NULL dereference at raw event handle\n\nSyzkaller reports a NULL pointer dereference issue in input_event().\n\nBUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]\nBUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395\nRead of size 8 at addr 0000000000000028 by task syz-executor199/2949\n\nCPU: 0 UID: 0 PID: 2949 Comm: syz-executor199 Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n is_event_supported drivers/input/input.c:67 [inline]\n input_event+0x42/0xa0 drivers/input/input.c:395\n input_report_key include/linux/input.h:439 [inline]\n key_down drivers/hid/hid-appleir.c:159 [inline]\n appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232\n __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111\n hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484\n __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650\n usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734\n dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993\n __run_hrtimer kernel/time/hrtimer.c:1739 [inline]\n __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803\n hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820\n handle_softirqs+0x206/0x8d0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n __mod_timer+0x8f6/0xdc0 kernel/time/timer.c:1185\n add_timer+0x62/0x90 kernel/time/timer.c:1295\n schedule_timeout+0x11f/0x280 kernel/time/sleep_timeout.c:98\n usbhid_wait_io+0x1c7/0x380 drivers/hid/usbhid/hid-core.c:645\n usbhid_init_reports+0x19f/0x390 drivers/hid/usbhid/hid-core.c:784\n hiddev_ioctl+0x1133/0x15b0 drivers/hid/usbhid/hiddev.c:794\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThis happens due to the malformed report items sent by the emulated device\nwhich results in a report, that has no fields, being added to the report list.\nDue to this appleir_input_configured() is never called, hidinput_connect()\nfails which results in the HID_CLAIMED_INPUT flag is not being set. However,\nit does not make appleir_probe() fail and lets the event callback to be\ncalled without the associated input device.\n\nThus, add a check for the HID_CLAIMED_INPUT flag and leave the event hook\nearly if the driver didn\u0027t claim any input_dev for some reason. Moreover,\nsome other hid drivers accessing input_dev in their event callbacks do have\nsimilar checks, too.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21948",
"url": "https://www.suse.com/security/cve/CVE-2025-21948"
},
{
"category": "external",
"summary": "SUSE Bug 1240703 for CVE-2025-21948",
"url": "https://bugzilla.suse.com/1240703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21948"
},
{
"cve": "CVE-2025-21956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n\n[WHY \u0026 HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\n\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\n\nAlso fixes the indentation in get_norm_pix_clk.\n\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21956",
"url": "https://www.suse.com/security/cve/CVE-2025-21956"
},
{
"category": "external",
"summary": "SUSE Bug 1240739 for CVE-2025-21956",
"url": "https://bugzilla.suse.com/1240739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21956"
},
{
"cve": "CVE-2025-21957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21957",
"url": "https://www.suse.com/security/cve/CVE-2025-21957"
},
{
"category": "external",
"summary": "SUSE Bug 1240742 for CVE-2025-21957",
"url": "https://bugzilla.suse.com/1240742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21957"
},
{
"cve": "CVE-2025-21963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21963",
"url": "https://www.suse.com/security/cve/CVE-2025-21963"
},
{
"category": "external",
"summary": "SUSE Bug 1240717 for CVE-2025-21963",
"url": "https://bugzilla.suse.com/1240717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21963"
},
{
"cve": "CVE-2025-21964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21964",
"url": "https://www.suse.com/security/cve/CVE-2025-21964"
},
{
"category": "external",
"summary": "SUSE Bug 1240740 for CVE-2025-21964",
"url": "https://bugzilla.suse.com/1240740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21964"
},
{
"cve": "CVE-2025-21976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21976"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: hyperv_fb: Allow graceful removal of framebuffer\n\nWhen a Hyper-V framebuffer device is unbind, hyperv_fb driver tries to\nrelease the framebuffer forcefully. If this framebuffer is in use it\nproduce the following WARN and hence this framebuffer is never released.\n\n[ 44.111220] WARNING: CPU: 35 PID: 1882 at drivers/video/fbdev/core/fb_info.c:70 framebuffer_release+0x2c/0x40\n\u003c snip \u003e\n[ 44.111289] Call Trace:\n[ 44.111290] \u003cTASK\u003e\n[ 44.111291] ? show_regs+0x6c/0x80\n[ 44.111295] ? __warn+0x8d/0x150\n[ 44.111298] ? framebuffer_release+0x2c/0x40\n[ 44.111300] ? report_bug+0x182/0x1b0\n[ 44.111303] ? handle_bug+0x6e/0xb0\n[ 44.111306] ? exc_invalid_op+0x18/0x80\n[ 44.111308] ? asm_exc_invalid_op+0x1b/0x20\n[ 44.111311] ? framebuffer_release+0x2c/0x40\n[ 44.111313] ? hvfb_remove+0x86/0xa0 [hyperv_fb]\n[ 44.111315] vmbus_remove+0x24/0x40 [hv_vmbus]\n[ 44.111323] device_remove+0x40/0x80\n[ 44.111325] device_release_driver_internal+0x20b/0x270\n[ 44.111327] ? bus_find_device+0xb3/0xf0\n\nFix this by moving the release of framebuffer and assosiated memory\nto fb_ops.fb_destroy function, so that framebuffer framework handles\nit gracefully.\n\nWhile we fix this, also replace manual registrations/unregistration of\nframebuffer with devm_register_framebuffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21976",
"url": "https://www.suse.com/security/cve/CVE-2025-21976"
},
{
"category": "external",
"summary": "SUSE Bug 1241145 for CVE-2025-21976",
"url": "https://bugzilla.suse.com/1241145"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-21976"
},
{
"cve": "CVE-2025-22004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: fix use after free in lec_send()\n\nThe -\u003esend() operation frees skb so save the length before calling\n-\u003esend() to avoid a use after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22004",
"url": "https://www.suse.com/security/cve/CVE-2025-22004"
},
{
"category": "external",
"summary": "SUSE Bug 1240835 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "external",
"summary": "SUSE Bug 1241090 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1241090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "important"
}
],
"title": "CVE-2025-22004"
},
{
"cve": "CVE-2025-22008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn\u0027t already been probed when first accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22008",
"url": "https://www.suse.com/security/cve/CVE-2025-22008"
},
{
"category": "external",
"summary": "SUSE Bug 1240942 for CVE-2025-22008",
"url": "https://bugzilla.suse.com/1240942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-22008"
},
{
"cve": "CVE-2025-22010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup during bt pages loop\n\nDriver runs a for-loop when allocating bt pages and mapping them with\nbuffer pages. When a large buffer (e.g. MR over 100GB) is being allocated,\nit may require a considerable loop count. This will lead to soft lockup:\n\n watchdog: BUG: soft lockup - CPU#27 stuck for 22s!\n ...\n Call trace:\n hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2]\n hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2]\n alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x118/0x290\n\n watchdog: BUG: soft lockup - CPU#35 stuck for 23s!\n ...\n Call trace:\n hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2]\n mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2]\n alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x120/0x2bc\n\nAdd a cond_resched() to fix soft lockup during these loops. In order not\nto affect the allocation performance of normal-size buffer, set the loop\ncount of a 100GB MR as the threshold to call cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22010",
"url": "https://www.suse.com/security/cve/CVE-2025-22010"
},
{
"category": "external",
"summary": "SUSE Bug 1240943 for CVE-2025-22010",
"url": "https://bugzilla.suse.com/1240943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-22010"
},
{
"cve": "CVE-2025-22018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Fix NULL pointer dereference\n\nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger\nNull Pointer Dereference Vulnerability if both entry and\nholding_time are NULL. Because there is only for the situation\nwhere entry is NULL and holding_time exists, it can be passed\nwhen both entry and holding_time are NULL. If these are NULL,\nthe entry will be passd to eg_cache_put() as parameter and\nit is referenced by entry-\u003euse code in it.\n\nkasan log:\n\n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I\n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102\n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470\n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80\n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006\n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e\n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030\n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88\n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15\n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068\n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000\n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0\n[ 3.326430] Call Trace:\n[ 3.326725] \u003cTASK\u003e\n[ 3.326927] ? die_addr+0x3c/0xa0\n[ 3.327330] ? exc_general_protection+0x161/0x2a0\n[ 3.327662] ? asm_exc_general_protection+0x26/0x30\n[ 3.328214] ? vprintk_emit+0x15e/0x420\n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470\n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470\n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10\n[ 3.329664] ? console_unlock+0x107/0x1d0\n[ 3.329946] ? __pfx_console_unlock+0x10/0x10\n[ 3.330283] ? do_syscall_64+0xa6/0x1a0\n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f\n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10\n[ 3.331395] ? down_trylock+0x52/0x80\n[ 3.331703] ? vprintk_emit+0x15e/0x420\n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10\n[ 3.332279] ? down_trylock+0x52/0x80\n[ 3.332527] ? _printk+0xbf/0x100\n[ 3.332762] ? __pfx__printk+0x10/0x10\n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0\n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10\n[ 3.333614] msg_from_mpoad+0x1185/0x2750\n[ 3.333893] ? __build_skb_around+0x27b/0x3a0\n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10\n[ 3.334501] ? __alloc_skb+0x1c0/0x310\n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10\n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0\n[ 3.335632] ? finish_wait+0x8d/0x1e0\n[ 3.335975] vcc_sendmsg+0x684/0xba0\n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10\n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 3.337056] ? fdget+0x176/0x3e0\n[ 3.337348] __sys_sendto+0x4a2/0x510\n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10\n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400\n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0\n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20\n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10\n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10\n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260\n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0\n[ 3.340526] ? syscall_exit_to_user_mode+0x123/0x140\n[ 3.340898] do_syscall_64+0xa6/0x1a0\n[ 3.341170] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 3.341533] RIP: 0033:0x44a380\n[ 3.341757] Code: 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c00\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22018",
"url": "https://www.suse.com/security/cve/CVE-2025-22018"
},
{
"category": "external",
"summary": "SUSE Bug 1241266 for CVE-2025-22018",
"url": "https://bugzilla.suse.com/1241266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-22018"
},
{
"cve": "CVE-2025-22053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ibmveth: make veth_pool_store stop hanging\n\nv2:\n- Created a single error handling unlock and exit in veth_pool_store\n- Greatly expanded commit message with previous explanatory-only text\n\nSummary: Use rtnl_mutex to synchronize veth_pool_store with itself,\nibmveth_close and ibmveth_open, preventing multiple calls in a row to\nnapi_disable.\n\nBackground: Two (or more) threads could call veth_pool_store through\nwriting to /sys/devices/vio/30000002/pool*/*. You can do this easily\nwith a little shell script. This causes a hang.\n\nI configured LOCKDEP, compiled ibmveth.c with DEBUG, and built a new\nkernel. I ran this test again and saw:\n\n Setting pool0/active to 0\n Setting pool1/active to 1\n [ 73.911067][ T4365] ibmveth 30000002 eth0: close starting\n Setting pool1/active to 1\n Setting pool1/active to 0\n [ 73.911367][ T4366] ibmveth 30000002 eth0: close starting\n [ 73.916056][ T4365] ibmveth 30000002 eth0: close complete\n [ 73.916064][ T4365] ibmveth 30000002 eth0: open starting\n [ 110.808564][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 230.808495][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 243.683786][ T123] INFO: task stress.sh:4365 blocked for more than 122 seconds.\n [ 243.683827][ T123] Not tainted 6.14.0-01103-g2df0c02dab82-dirty #8\n [ 243.683833][ T123] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [ 243.683838][ T123] task:stress.sh state:D stack:28096 pid:4365 tgid:4365 ppid:4364 task_flags:0x400040 flags:0x00042000\n [ 243.683852][ T123] Call Trace:\n [ 243.683857][ T123] [c00000000c38f690] [0000000000000001] 0x1 (unreliable)\n [ 243.683868][ T123] [c00000000c38f840] [c00000000001f908] __switch_to+0x318/0x4e0\n [ 243.683878][ T123] [c00000000c38f8a0] [c000000001549a70] __schedule+0x500/0x12a0\n [ 243.683888][ T123] [c00000000c38f9a0] [c00000000154a878] schedule+0x68/0x210\n [ 243.683896][ T123] [c00000000c38f9d0] [c00000000154ac80] schedule_preempt_disabled+0x30/0x50\n [ 243.683904][ T123] [c00000000c38fa00] [c00000000154dbb0] __mutex_lock+0x730/0x10f0\n [ 243.683913][ T123] [c00000000c38fb10] [c000000001154d40] napi_enable+0x30/0x60\n [ 243.683921][ T123] [c00000000c38fb40] [c000000000f4ae94] ibmveth_open+0x68/0x5dc\n [ 243.683928][ T123] [c00000000c38fbe0] [c000000000f4aa20] veth_pool_store+0x220/0x270\n [ 243.683936][ T123] [c00000000c38fc70] [c000000000826278] sysfs_kf_write+0x68/0xb0\n [ 243.683944][ T123] [c00000000c38fcb0] [c0000000008240b8] kernfs_fop_write_iter+0x198/0x2d0\n [ 243.683951][ T123] [c00000000c38fd00] [c00000000071b9ac] vfs_write+0x34c/0x650\n [ 243.683958][ T123] [c00000000c38fdc0] [c00000000071bea8] ksys_write+0x88/0x150\n [ 243.683966][ T123] [c00000000c38fe10] [c0000000000317f4] system_call_exception+0x124/0x340\n [ 243.683973][ T123] [c00000000c38fe50] [c00000000000d05c] system_call_vectored_common+0x15c/0x2ec\n ...\n [ 243.684087][ T123] Showing all locks held in the system:\n [ 243.684095][ T123] 1 lock held by khungtaskd/123:\n [ 243.684099][ T123] #0: c00000000278e370 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x50/0x248\n [ 243.684114][ T123] 4 locks held by stress.sh/4365:\n [ 243.684119][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.684132][ T123] #1: c000000041aea888 (\u0026of-\u003emutex#2){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x154/0x2d0\n [ 243.684143][ T123] #2: c0000000366fb9a8 (kn-\u003eactive#64){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x160/0x2d0\n [ 243.684155][ T123] #3: c000000035ff4cb8 (\u0026dev-\u003elock){+.+.}-{3:3}, at: napi_enable+0x30/0x60\n [ 243.684166][ T123] 5 locks held by stress.sh/4366:\n [ 243.684170][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22053",
"url": "https://www.suse.com/security/cve/CVE-2025-22053"
},
{
"category": "external",
"summary": "SUSE Bug 1241373 for CVE-2025-22053",
"url": "https://bugzilla.suse.com/1241373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-22053"
},
{
"cve": "CVE-2025-22055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix geneve_opt length integer overflow\n\nstruct geneve_opt uses 5 bit length for each single option, which\nmeans every vary size option should be smaller than 128 bytes.\n\nHowever, all current related Netlink policies cannot promise this\nlength condition and the attacker can exploit a exact 128-byte size\noption to *fake* a zero length option and confuse the parsing logic,\nfurther achieve heap out-of-bounds read.\n\nOne example crash log is like below:\n\n[ 3.905425] ==================================================================\n[ 3.905925] BUG: KASAN: slab-out-of-bounds in nla_put+0xa9/0xe0\n[ 3.906255] Read of size 124 at addr ffff888005f291cc by task poc/177\n[ 3.906646]\n[ 3.906775] CPU: 0 PID: 177 Comm: poc-oob-read Not tainted 6.1.132 #1\n[ 3.907131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 3.907784] Call Trace:\n[ 3.907925] \u003cTASK\u003e\n[ 3.908048] dump_stack_lvl+0x44/0x5c\n[ 3.908258] print_report+0x184/0x4be\n[ 3.909151] kasan_report+0xc5/0x100\n[ 3.909539] kasan_check_range+0xf3/0x1a0\n[ 3.909794] memcpy+0x1f/0x60\n[ 3.909968] nla_put+0xa9/0xe0\n[ 3.910147] tunnel_key_dump+0x945/0xba0\n[ 3.911536] tcf_action_dump_1+0x1c1/0x340\n[ 3.912436] tcf_action_dump+0x101/0x180\n[ 3.912689] tcf_exts_dump+0x164/0x1e0\n[ 3.912905] fw_dump+0x18b/0x2d0\n[ 3.913483] tcf_fill_node+0x2ee/0x460\n[ 3.914778] tfilter_notify+0xf4/0x180\n[ 3.915208] tc_new_tfilter+0xd51/0x10d0\n[ 3.918615] rtnetlink_rcv_msg+0x4a2/0x560\n[ 3.919118] netlink_rcv_skb+0xcd/0x200\n[ 3.919787] netlink_unicast+0x395/0x530\n[ 3.921032] netlink_sendmsg+0x3d0/0x6d0\n[ 3.921987] __sock_sendmsg+0x99/0xa0\n[ 3.922220] __sys_sendto+0x1b7/0x240\n[ 3.922682] __x64_sys_sendto+0x72/0x90\n[ 3.922906] do_syscall_64+0x5e/0x90\n[ 3.923814] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 3.924122] RIP: 0033:0x7e83eab84407\n[ 3.924331] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 3.925330] RSP: 002b:00007ffff505e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 3.925752] RAX: ffffffffffffffda RBX: 00007e83eaafa740 RCX: 00007e83eab84407\n[ 3.926173] RDX: 00000000000001a8 RSI: 00007ffff505e3c0 RDI: 0000000000000003\n[ 3.926587] RBP: 00007ffff505f460 R08: 00007e83eace1000 R09: 000000000000000c\n[ 3.926977] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffff505f3c0\n[ 3.927367] R13: 00007ffff505f5c8 R14: 00007e83ead1b000 R15: 00005d4fbbe6dcb8\n\nFix these issues by enforing correct length condition in related\npolicies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22055",
"url": "https://www.suse.com/security/cve/CVE-2025-22055"
},
{
"category": "external",
"summary": "SUSE Bug 1241371 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "external",
"summary": "SUSE Bug 1241372 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "important"
}
],
"title": "CVE-2025-22055"
},
{
"cve": "CVE-2025-22060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: Prevent parser TCAM memory corruption\n\nProtect the parser TCAM/SRAM memory, and the cached (shadow) SRAM\ninformation, from concurrent modifications.\n\nBoth the TCAM and SRAM tables are indirectly accessed by configuring\nan index register that selects the row to read or write to. This means\nthat operations must be atomic in order to, e.g., avoid spreading\nwrites across multiple rows. Since the shadow SRAM array is used to\nfind free rows in the hardware table, it must also be protected in\norder to avoid TOCTOU errors where multiple cores allocate the same\nrow.\n\nThis issue was detected in a situation where `mvpp2_set_rx_mode()` ran\nconcurrently on two CPUs. In this particular case the\nMVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the\nclassifier unit to drop all incoming unicast - indicated by the\n`rx_classifier_drops` counter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22060",
"url": "https://www.suse.com/security/cve/CVE-2025-22060"
},
{
"category": "external",
"summary": "SUSE Bug 1241526 for CVE-2025-22060",
"url": "https://bugzilla.suse.com/1241526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-22060"
},
{
"cve": "CVE-2025-22086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\n\nWhen cur_qp isn\u0027t NULL, in order to avoid fetching the QP from\nthe radix tree again we check if the next cqe QP is identical to\nthe one we already have.\n\nThe bug however is that we are checking if the QP is identical by\nchecking the QP number inside the CQE against the QP number inside the\nmlx5_ib_qp, but that\u0027s wrong since the QP number from the CQE is from\nFW so it should be matched against mlx5_core_qp which is our FW QP\nnumber.\n\nOtherwise we could use the wrong QP when handling a CQE which could\ncause the kernel trace below.\n\nThis issue is mainly noticeable over QPs 0 \u0026 1, since for now they are\nthe only QPs in our driver whereas the QP number inside mlx5_ib_qp\ndoesn\u0027t match the QP number inside mlx5_core_qp.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000012\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 0 UID: 0 PID: 7927 Comm: kworker/u62:1 Not tainted 6.14.0-rc3+ #189\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n Workqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\n RIP: 0010:mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n Code: 03 00 00 8d 58 ff 21 cb 66 39 d3 74 39 48 c7 c7 3c 89 6e a0 0f b7 db e8 b7 d2 b3 e0 49 8b 86 60 03 00 00 48 c7 c7 4a 89 6e a0 \u003c0f\u003e b7 5c 98 02 e8 9f d2 b3 e0 41 0f b7 86 78 03 00 00 83 e8 01 21\n RSP: 0018:ffff88810511bd60 EFLAGS: 00010046\n RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff88885fa1b3c0 RDI: ffffffffa06e894a\n RBP: 00000000000000b0 R08: 0000000000000000 R09: ffff88810511bc10\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff88810d593000\n R13: ffff88810e579108 R14: ffff888105146000 R15: 00000000000000b0\n FS: 0000000000000000(0000) GS:ffff88885fa00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000012 CR3: 00000001077e6001 CR4: 0000000000370eb0\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n __ib_process_cq+0x5a/0x150 [ib_core]\n ib_cq_poll_work+0x31/0x90 [ib_core]\n process_one_work+0x169/0x320\n worker_thread+0x288/0x3a0\n ? work_busy+0xb0/0xb0\n kthread+0xd7/0x1f0\n ? kthreads_online_cpu+0x130/0x130\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork+0x2d/0x50\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22086",
"url": "https://www.suse.com/security/cve/CVE-2025-22086"
},
{
"category": "external",
"summary": "SUSE Bug 1241458 for CVE-2025-22086",
"url": "https://bugzilla.suse.com/1241458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-22086"
},
{
"cve": "CVE-2025-23131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: prevent NPD when writing a positive value to event_done\n\ndo_uevent returns the value written to event_done. In case it is a\npositive value, new_lockspace would undo all the work, and lockspace\nwould not be set. __dlm_new_lockspace, however, would treat that\npositive value as a success due to commit 8511a2728ab8 (\"dlm: fix use\ncount with multiple joins\").\n\nDown the line, device_create_lockspace would pass that NULL lockspace to\ndlm_find_lockspace_local, leading to a NULL pointer dereference.\n\nTreating such positive values as successes prevents the problem. Given\nthis has been broken for so long, this is unlikely to break userspace\nexpectations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23131",
"url": "https://www.suse.com/security/cve/CVE-2025-23131"
},
{
"category": "external",
"summary": "SUSE Bug 1241601 for CVE-2025-23131",
"url": "https://bugzilla.suse.com/1241601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-23131"
},
{
"cve": "CVE-2025-37785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains \u0027.\u0027 dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least \u0027.\u0027\nand \u0027..\u0027 as directory entries in the first data block. It first loads\nthe \u0027.\u0027 dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of \u0027..\u0027 dir\nentry (in ext4_next_entry). It assumes the \u0027..\u0027 dir entry fits into the\nsame data block.\n\nIf the rec_len of \u0027.\u0027 is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for \u0027.\u0027 dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \u003cTASK\u003e\n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37785",
"url": "https://www.suse.com/security/cve/CVE-2025-37785"
},
{
"category": "external",
"summary": "SUSE Bug 1241640 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "external",
"summary": "SUSE Bug 1241698 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kernel-default-kgraft-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.s390x",
"SUSE Linux Enterprise Live Patching 12 SP5:kgraft-patch-4_12_14-122_258-default-1-8.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-default-man-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:ocfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:cluster-md-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:dlm-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:gfs2-kmp-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-base-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-default-devel-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-devel-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-macros-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-source-4.12.14-122.258.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:kernel-syms-4.12.14-122.258.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:ocfs2-kmp-default-4.12.14-122.258.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-20T11:49:32Z",
"details": "moderate"
}
],
"title": "CVE-2025-37785"
}
]
}
SUSE-SU-2025:1177-1
Vulnerability from csaf_suse - Published: 2025-04-08 15:36 - Updated: 2025-04-08 15:36Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56638: kABI fix for 'netfilter: nft_inner: incorrect percpu area handling under softirq' (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
The following non-security bugs were fixed:
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- Reapply 'wifi: ath11k: restore country code during resume' (bsc#1207948).
- Revert 'dm: requeue IO if mapping table not yet available' (git-fixes).
- Revert 'drivers/card_reader/rtsx_usb: Restore interrupt based detection' (git-fixes).
- Revert 'leds-pca955x: Remove the unused function pca95xx_num_led_regs()' (stable-fixes).
- Revert 'wifi: ath11k: restore country code during resume' (bsc#1207948).
- Revert 'wifi: ath11k: support hibernation' (bsc#1207948).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acpi: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- acpi: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- alsa: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- alsa: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- alsa: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Always honor no_shutup_pins (git-fixes).
- alsa: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- alsa: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- alsa: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- alsa: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- alsa: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- alsa: hda/realtek: update ALC222 depop optimize (stable-fixes).
- alsa: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- alsa: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- alsa: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- alsa: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- alsa: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- alsa: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- alsa: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- alsa: usx2y: validate nrpacks module parameter on probe (git-fixes).
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- asoc: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- asoc: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- asoc: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- asoc: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- asoc: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- asoc: cs35l41: check the return value from spi_setup() (git-fixes).
- asoc: ops: Consistently treat platform_max as control value (git-fixes).
- asoc: rt722-sdca: add missing readable registers (git-fixes).
- asoc: tas2764: Fix power control mask (stable-fixes).
- asoc: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- asoc: tas2770: Fix volume scale (stable-fixes).
- asoc: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (jsc#PED-12416).
- crypto: qat - Fix typo 'accelaration' (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix 'Full Going True' macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- disable CRYPTO_DEV_QAT_420XX
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). mwilck: some hand editing because d95e2c34a3ca ('dm verity: Fix IO priority lost when reading FEC and hash') is missing
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- documentation: qat: fix auto_reset attribute details (git-fixes).
- documentation: qat: fix auto_reset section (git-fixes).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake 'gettin' -> 'getting' (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- hid: Enable playstation driver independently of sony driver (git-fixes).
- hid: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- hid: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- hid: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- hid: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- hid: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- hid: hid-steam: Fix use-after-free when detaching device (git-fixes).
- hid: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- hid: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- hid: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- hid: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- hid: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- hid: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- hid: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- ib/mad: Check available slots before posting receive WRs (git-fixes)
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- input: ads7846 - fix gpiod allocation (git-fixes).
- input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- input: iqs7222 - preserve system status register (git-fixes).
- input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- input: xpad - add multiple supported devices (stable-fixes).
- input: xpad - add support for TECNO Pocket Go (stable-fixes).
- input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- input: xpad - rename QH controller to Legion Go S (stable-fixes).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: '__ALIGN_KERNEL' redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
- padata: fix sysfs store callback check (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- pci/acs: Fix 'pci=config_acs=' parameter (git-fixes).
- pci/aspm: Fix link state exit during switch upstream function removal (git-fixes).
- pci/doe: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- pci/doe: Support discovery version 2 (bsc#1237853)
- pci/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- pci: Avoid reset when disabled via sysfs (git-fixes).
- pci: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- pci: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- pci: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- pci: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- pci: brcmstb: Fix potential premature regulator disabling (git-fixes).
- pci: brcmstb: Set generation limit before PCIe link up (git-fixes).
- pci: brcmstb: Use internal register to change link capability (git-fixes).
- pci: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- pci: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- pci: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- pci: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pm: sleep: Adjust check before setting power.must_resume (git-fixes).
- pm: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc: Stop using no_llseek (bsc#1239573).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- rdma/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- rdma/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- rdma/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- rdma/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- rdma/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- rdma/hns: Fix missing xa_destroy() (git-fixes)
- rdma/hns: Fix soft lockup during bt pages loop (git-fixes)
- rdma/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- rdma/hns: Fix wrong value of max_sge_rd (git-fixes)
- rdma/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- rdma/mlx5: Fix MR cache initialization error flow (git-fixes)
- rdma/mlx5: Fix cache entry update on dereg error (git-fixes)
- rdma/mlx5: Fix calculation of total invalidated pages (git-fixes)
- rdma/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- rdma/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- rdma/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- sunrpc: Handle -ETIMEDOUT return from tlshd (git-fixes).
- sunrpc: Prevent looping due to rpc_signal_task() races (git-fixes).
- sunrpc: convert RPC_TASK_* constants to enum (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- upstream: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- usb: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- usb: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- usb: serial: option: match on interface class for Telit FN990B (stable-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle 'nosmt' correctly (git-fixes).
- x86/microcode: Handle 'offline' CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
Patchnames
SUSE-2025-1177,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1177,openSUSE-SLE-15.6-2025-1177
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56638: kABI fix for \u0027netfilter: nft_inner: incorrect percpu area handling under softirq\u0027 (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n\nThe following non-security bugs were fixed:\n\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- Reapply \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- Revert \u0027dm: requeue IO if mapping table not yet available\u0027 (git-fixes).\n- Revert \u0027drivers/card_reader/rtsx_usb: Restore interrupt based detection\u0027 (git-fixes).\n- Revert \u0027leds-pca955x: Remove the unused function pca95xx_num_led_regs()\u0027 (stable-fixes).\n- Revert \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- Revert \u0027wifi: ath11k: support hibernation\u0027 (bsc#1207948).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acpi: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- acpi: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- alsa: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- alsa: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- alsa: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- alsa: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- alsa: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- alsa: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- alsa: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- alsa: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- alsa: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- alsa: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- alsa: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- alsa: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- alsa: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- alsa: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- alsa: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- alsa: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- asoc: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- asoc: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- asoc: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- asoc: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- asoc: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- asoc: cs35l41: check the return value from spi_setup() (git-fixes).\n- asoc: ops: Consistently treat platform_max as control value (git-fixes).\n- asoc: rt722-sdca: add missing readable registers (git-fixes).\n- asoc: tas2764: Fix power control mask (stable-fixes).\n- asoc: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- asoc: tas2770: Fix volume scale (stable-fixes).\n- asoc: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \u0027Invalide\u0027 -\u003e \u0027Invalid\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo \u0027accelaration\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416). \n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \u0027Full Going True\u0027 macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- disable CRYPTO_DEV_QAT_420XX\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). mwilck: some hand editing because d95e2c34a3ca (\u0027dm verity: Fix IO priority lost when reading FEC and hash\u0027) is missing\n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- documentation: qat: fix auto_reset attribute details (git-fixes).\n- documentation: qat: fix auto_reset section (git-fixes).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \u0027gettin\u0027 -\u003e \u0027getting\u0027 (git-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- hid: Enable playstation driver independently of sony driver (git-fixes).\n- hid: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- hid: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- hid: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- hid: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- hid: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- hid: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- hid: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- hid: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- hid: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- hid: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- hid: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- hid: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- hid: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- ib/mad: Check available slots before posting receive WRs (git-fixes)\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- input: ads7846 - fix gpiod allocation (git-fixes).\n- input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- input: iqs7222 - preserve system status register (git-fixes).\n- input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- input: xpad - add multiple supported devices (stable-fixes).\n- input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \u0027__ALIGN_KERNEL\u0027 redefined (git-fixes). \n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649). \n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251). \n- padata: fix sysfs store callback check (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- pci/acs: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- pci/aspm: Fix link state exit during switch upstream function removal (git-fixes).\n- pci/doe: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- pci/doe: Support discovery version 2 (bsc#1237853)\n- pci/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- pci: Avoid reset when disabled via sysfs (git-fixes).\n- pci: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- pci: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- pci: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- pci: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- pci: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- pci: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- pci: brcmstb: Use internal register to change link capability (git-fixes).\n- pci: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- pci: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- pci: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- pci: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pm: sleep: Adjust check before setting power.must_resume (git-fixes).\n- pm: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).\n- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). \n- rdma/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- rdma/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- rdma/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- rdma/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- rdma/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- rdma/hns: Fix missing xa_destroy() (git-fixes)\n- rdma/hns: Fix soft lockup during bt pages loop (git-fixes)\n- rdma/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- rdma/hns: Fix wrong value of max_sge_rd (git-fixes)\n- rdma/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- rdma/mlx5: Fix MR cache initialization error flow (git-fixes)\n- rdma/mlx5: Fix cache entry update on dereg error (git-fixes)\n- rdma/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- rdma/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- rdma/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- rdma/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- sunrpc: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- sunrpc: Prevent looping due to rpc_signal_task() races (git-fixes).\n- sunrpc: convert RPC_TASK_* constants to enum (git-fixes).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes). \n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- upstream: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- usb: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- usb: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- usb: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \u0027nosmt\u0027 correctly (git-fixes).\n- x86/microcode: Handle \u0027offline\u0027 CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1177,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-1177,openSUSE-SLE-15.6-2025-1177",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1177-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1177-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251177-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1177-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020670.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-08T15:36:33Z",
"generator": {
"date": "2025-04-08T15:36:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1177-1",
"initial_release_date": "2025-04-08T15:36:33Z",
"revision_history": [
{
"date": "2025-04-08T15:36:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.34.2.aarch64",
"product_id": "kernel-azure-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.34.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"product_id": "kernel-devel-azure-6.4.0-150600.8.34.2.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"product_id": "kernel-source-azure-6.4.0-150600.8.34.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.34.2.x86_64",
"product_id": "kernel-azure-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.34.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.34.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.34.2.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.34.2.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.34.2.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.34.2.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.34.2.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.34.2.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.34.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T15:36:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
}
]
}
SUSE-SU-2025:20190-1
Vulnerability from csaf_suse - Published: 2025-04-17 10:48 - Updated: 2025-04-17 10:48Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- add nf_tables for iptables non-legacy network handling.
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896
bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
Patchnames
SUSE-SLE-Micro-6.0-kernel-8
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).\n- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).\n- CVE-2024-45010: mptcp: pm: only mark \u0027subflow\u0027 endp as available (bsc#1230439).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).\n- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-50142: xfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset (bsc#1233028).\n- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).\n- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).\n- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).\n- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).\n- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).\n- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).\n- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).\n- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).\n- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).\n- CVE-2024-56638: kABI fix for \"netfilter: nft_inner: incorrect percpu area handling under softirq\" (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).\n- CVE-2024-56658: net: defer final \u0027struct net\u0027 free in netns dismantle (bsc#1235441).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy (bsc#1236113).\n- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current-\u003ensproxy (bsc#1236114).\n- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current-\u003ensproxy (bsc#1236115).\n- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current-\u003ensproxy (bsc#1236122).\n- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy (bsc#1236123).\n- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).\n- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).\n- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).\n- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).\n- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).\n- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).\n- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).\n- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).\n- CVE-2025-21678: gtp: Destroy device along with udp socket\u0027s netns dismantle (bsc#1236698).\n- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).\n- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).\n- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).\n- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).\n- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).\n- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).\n- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).\n- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).\n- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).\n- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).\n- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).\n- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n\nThe following non-security bugs were fixed:\n\n- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).\n- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).\n- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).\n- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).\n- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).\n- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).\n- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).\n- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).\n- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).\n- ALSA: seq: Make dependency on UMP clearer (git-fixes).\n- ALSA: seq: remove redundant \u0027tristate\u0027 for SND_SEQ_UMP_CLIENT (stable-fixes).\n- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).\n- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).\n- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).\n- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).\n- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).\n- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).\n- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).\n- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).\n- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).\n- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).\n- ASoC: es8328: fix route from DAC to output (git-fixes).\n- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).\n- ASoC: ops: Consistently treat platform_max as control value (git-fixes).\n- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).\n- ASoC: rt722-sdca: add missing readable registers (git-fixes).\n- ASoC: tas2764: Fix power control mask (stable-fixes).\n- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- ASoC: tas2770: Fix volume scale (stable-fixes).\n- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).\n- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).\n- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).\n- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- Documentation: qat: fix auto_reset attribute details (git-fixes).\n- Documentation: qat: fix auto_reset section (git-fixes).\n- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- Fix memory-hotplug regression (bsc#1237504)\n- Grab mm lock before grabbing pt lock (git-fixes).\n- HID: Enable playstation driver independently of sony driver (git-fixes).\n- HID: Wacom: Add PCI Wacom device support (stable-fixes).\n- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- HID: hid-steam: Add Deck IMU support (stable-fixes).\n- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).\n- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).\n- HID: hid-steam: Clean up locking (stable-fixes).\n- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).\n- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).\n- HID: hid-steam: Fix cleanup in probe() (git-fixes).\n- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).\n- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).\n- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).\n- HID: hid-steam: remove pointless error message (stable-fixes).\n- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).\n- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).\n- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- IB/mad: Check available slots before posting receive WRs (git-fixes)\n- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)\n- Input: ads7846 - fix gpiod allocation (git-fixes).\n- Input: allocate keycode for phone linking (stable-fixes).\n- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- Input: iqs7222 - preserve system status register (git-fixes).\n- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- Input: xpad - add multiple supported devices (stable-fixes).\n- Input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- Input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).\n- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).\n- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).\n- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).\n- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).\n- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).\n- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).\n- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)\n- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).\n- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).\n- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).\n- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).\n- KVM: x86/mmu: Skip the \"try unsync\" path iff the old SPTE was a leaf SPTE (git-fixes).\n- KVM: x86: AMD\u0027s IBPB is not equivalent to Intel\u0027s IBPB (git-fixes).\n- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).\n- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).\n- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).\n- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).\n- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).\n- KVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel (git-fixes).\n- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).\n- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).\n- Move upstreamed ACPI patch into sorted section\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- PCI/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- PCI/DOE: Support discovery version 2 (bsc#1237853)\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).\n- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- PCI: Avoid reset when disabled via sysfs (git-fixes).\n- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- PCI: Use downstream bridges for distributing resources (bsc#1237325).\n- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- PCI: brcmstb: Use internal register to change link capability (git-fixes).\n- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- PCI: hookup irq_get_affinity callback (bsc#1236896).\n- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).\n- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).\n- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- PM: sleep: Adjust check before setting power.must_resume (git-fixes).\n- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).\n- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)\n- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)\n- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- RDMA/efa: Reset device on probe failure (git-fixes)\n- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)\n- RDMA/hns: Fix missing xa_destroy() (git-fixes)\n- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)\n- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)\n- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).\n- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- RDMA/mlx5: Fix AH static rate parsing (git-fixes)\n- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)\n- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)\n- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)\n- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)\n- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)\n- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)\n- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)\n- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- RDMA/rxe: Improve newline in printing messages (git-fixes)\n- Reapply \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"blk-throttle: Fix IO hang for a corner case\" (git-fixes).\n- Revert \"dm: requeue IO if mapping table not yet available\" (git-fixes).\n- Revert \"drivers/card_reader/rtsx_usb: Restore interrupt based detection\" (git-fixes).\n- Revert \"drm/amd/display: Use HW lock mgr for PSR1\" (stable-fixes).\n- Revert \"leds-pca955x: Remove the unused function pca95xx_num_led_regs()\" (stable-fixes).\n- Revert \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"wifi: ath11k: support hibernation\" (bsc#1207948).\n- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).\n- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).\n- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).\n- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).\n- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).\n- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).\n- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).\n- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).\n- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).\n- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).\n- USB: serial: option: drop MeiG Smart defines (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).\n- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- Update \"drm/mgag200: Added support for the new device G200eH5\" (jsc#PED-12094)\n- Use gcc-13 for build on SLE16 (jsc#PED-10028).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acct: block access to kernel internal filesystems (git-fixes).\n- acct: perform last write from workqueue (git-fixes).\n- add nf_tables for iptables non-legacy network handling.\n- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).\n- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)\n- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)\n- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)\n- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)\n- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Drop unmanaged ELP metric worker (git-fixes).\n- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- batman-adv: fix panic during interface removal (git-fixes).\n- bio-integrity: do not restrict the size of integrity metadata (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- blk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage (bsc#1237558).\n- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).\n- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).\n- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).\n- blk-mq: add number of queue calc helper (bsc#1236897).\n- blk-mq: create correct map for fallback case (bsc#1236896).\n- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).\n- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).\n- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).\n- blk-mq: move cpuhp callback registering out of q-\u003esysfs_lock (git-fixes).\n- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).\n- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).\n- blk_iocost: remove some duplicate irq disable/enables (git-fixes).\n- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).\n- block: Clear zone limits for a non-zoned stacked queue (git-fixes).\n- block: Fix elevator_get_default() checking for NULL q-\u003etag_set (git-fixes).\n- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).\n- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).\n- block: Provide bdev_open_* functions (git-fixes).\n- block: Remove special-casing of compound pages (git-fixes).\n- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).\n- block: add a disk_has_partscan helper (git-fixes).\n- block: add a partscan sysfs attribute for disks (git-fixes).\n- block: add check of \u0027minors\u0027 and \u0027first_minor\u0027 in device_add_disk() (git-fixes).\n- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).\n- block: change rq_integrity_vec to respect the iterator (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- block: ensure we hold a queue reference when using queue limits (git-fixes).\n- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).\n- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).\n- block: fix integer overflow in BLKSECDISCARD (git-fixes).\n- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).\n- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).\n- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).\n- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).\n- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).\n- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).\n- block: retry call probe after request_module in blk_request_module (git-fixes).\n- block: return unsigned int from bdev_io_min (git-fixes).\n- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).\n- block: support to account io_ticks precisely (git-fixes).\n- block: use the right type for stub rq_integrity_vec() (git-fixes).\n- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).\n- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).\n- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).\n- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).\n- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).\n- can: ctucanfd: handle skb allocation failure (git-fixes).\n- can: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).\n- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).\n- cifs: Remove intermediate object of failed create reparse call (git-fixes).\n- cifs: commands that are retried should have replay flag set (bsc#1231432).\n- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).\n- cifs: helper function to check replayable error codes (bsc#1231432).\n- cifs: new mount option called retrans (bsc#1231432).\n- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).\n- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).\n- cifs: update desired access while requesting for directory lease (git-fixes).\n- cifs: update the same create_guid on replay (git-fixes).\n- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).\n- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).\n- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).\n- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).\n- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).\n- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).\n- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- config: Set gcc version (jsc#PED-12251).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).\n- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).\n- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).\n- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).\n- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).\n- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).\n- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).\n- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).\n- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).\n- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).\n- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).\n- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).\n- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).\n- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).\n- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \"Invalide\" -\u003e \"Invalid\" (jsc#PED-12416).\n- crypto: qat - Fix typo \"accelaration\" (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \"Full Going True\" macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- cxgb4: Avoid removal of uninserted tid (git-fixes).\n- cxgb4: use port number to set mac addr (git-fixes).\n- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).\n- dlm: fix srcu_read_lock() return type to int (git-fixes).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).\n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- doc/README.SUSE: Point to the updated version of LKMPG\n- doc: update managed_irq documentation (bsc#1236897).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).\n- drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params (git-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).\n- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).\n- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).\n- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/amdkfd: only flush the validate MES contex (stable-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \"gettin\" -\u003e \"getting\" (git-fixes).\n- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).\n- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).\n- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).\n- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).\n- drm/i915/selftests: avoid using uninitialized context (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).\n- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).\n- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).\n- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)\n- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).\n- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).\n- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).\n- drm/msm: Avoid rounding up to one jiffy (git-fixes).\n- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).\n- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).\n- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).\n- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).\n- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/sched: Fix preprocessor guard (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/virtio: New fence for every plane update (stable-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).\n- efi: libstub: Use \u0027-std=gnu11\u0027 to fix build with GCC 15 (stable-fixes).\n- eth: gve: use appropriate helper to set xdp_features (git-fixes).\n- exfat: convert to ctime accessor functions (git-fixes).\n- exfat: do not zero the extended part (bsc#1237356).\n- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).\n- exfat: fix file being changed by unaligned direct write (git-fixes).\n- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).\n- exfat: fix zero the unwritten part for dio read (git-fixes).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- futex: Do not include process MM in futex key on no-MMU (git-fixes).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).\n- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).\n- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).\n- gpio: pca953x: Improve interrupt support (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).\n- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).\n- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).\n- gup: make the stack expansion warning a bit more targeted (bsc#1238214).\n- hfs: Sanity check the root record (git-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: ls2x: Fix frequency division register access (git-fixes).\n- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- iavf: allow changing VLAN state without calling PF (git-fixes).\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).\n- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).\n- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).\n- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).\n- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).\n- ice: fix max values for dpll pin phase adjust (git-fixes).\n- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).\n- ice: gather page_count()\u0027s of each frag right before XDP prog call (git-fixes).\n- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).\n- ice: put Rx buffers after being done with current frame (git-fixes).\n- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).\n- ice: use internal pf id instead of function number (git-fixes).\n- idpf: add read memory barrier when checking descriptor done bit (git-fixes).\n- idpf: call set_real_num_queues in idpf_open (bsc#1236661).\n- idpf: convert workqueues to unbound (git-fixes).\n- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).\n- idpf: fix handling rsc packet with a single segment (git-fixes).\n- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).\n- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).\n- igc: return early when failing to read EECD register (git-fixes).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kabi: fix bus type (bsc#1236896).\n- kabi: fix group_cpus_evenly (bsc#1236897).\n- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).\n- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).\n- kernel-source: Also replace bin/env\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).\n- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).\n- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lib: stackinit: hide never-taken branch from compiler (stable-fixes).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).\n- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).\n- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).\n- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).\n- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).\n- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).\n- md/md-bitmap: add \u0027sync_size\u0027 into struct md_bitmap_stats (git-fixes).\n- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).\n- md/md-cluster: fix spares warnings for __le64 (git-fixes).\n- md/raid0: do not free conf on raid0_run failure (git-fixes).\n- md/raid1: do not free conf on raid0_run failure (git-fixes).\n- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).\n- md: Do not flush sync_work in md_write_start() (git-fixes).\n- md: convert comma to semicolon (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).\n- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).\n- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: ov08x40: Fix hblank out of range issue (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).\n- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).\n- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \"__ALIGN_KERNEL\" redefined (git-fixes).\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).\n- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mptcp: export local_address (git-fixes)\n- mptcp: fix NL PM announced address accounting (git-fixes)\n- mptcp: fix data races on local_id (git-fixes)\n- mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)\n- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)\n- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)\n- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)\n- mptcp: pm: deny endp with signal + subflow + port (git-fixes)\n- mptcp: pm: do not ignore \u0027subflow\u0027 if \u0027signal\u0027 flag is also set (git-fixes)\n- mptcp: pm: do not try to create sf if alloc failed (git-fixes)\n- mptcp: pm: fullmesh: select the right ID later (git-fixes)\n- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)\n- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)\n- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)\n- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)\n- mptcp: pm: re-using ID of unused removed subflows (git-fixes)\n- mptcp: pm: reduce indentation blocks (git-fixes)\n- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)\n- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)\n- mptcp: unify pm get_local_id interfaces (git-fixes)\n- mptcp: unify pm set_flags interfaces (git-fixes)\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).\n- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).\n- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).\n- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).\n- nbd: Fix signal handling (git-fixes).\n- nbd: Improve the documentation of the locking assumptions (git-fixes).\n- nbd: do not allow reconnect after disconnect (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net/mlx5: Correct TASR typo into TSAR (git-fixes).\n- net/mlx5: Fix RDMA TX steering prio (git-fixes).\n- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).\n- net/mlx5: SF, Fix add port error handling (git-fixes).\n- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).\n- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).\n- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).\n- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).\n- net: Fix undefined behavior in netdev name allocation (bsc#1233749).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: avoid UAF on deleted altname (bsc#1233749).\n- net: check for altname conflicts when changing netdev\u0027s netns (bsc#1233749).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).\n- net: do not send a MOVE event when netdev changes netns (bsc#1233749).\n- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).\n- net: fix ifname in netlink ntf during netns move (bsc#1233749).\n- net: fix removing a namespace with conflicting altnames (bsc#1233749).\n- net: free altname using an RCU callback (bsc#1233749).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Cleanup \"mana\" debugfs dir after cleanup of all children (bsc#1236760).\n- net: mana: Enable debugfs files for MANA device (bsc#1236758).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: move altnames together with the netdevice (bsc#1233749).\n- net: netvsc: Update default VMBus channels (bsc#1236757).\n- net: reduce indentation of __dev_alloc_name() (bsc#1233749).\n- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).\n- net: remove else after return in dev_prep_valid_name() (bsc#1233749).\n- net: rose: lock the socket in rose_bind() (git-fixes).\n- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).\n- net: smc: fix spurious error message from __sock_release() (bsc#1237126).\n- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).\n- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).\n- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).\n- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).\n- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).\n- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).\n- null_blk: fix validation of block size (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-fc: use ctrl state getter (git-fixes).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).\n- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme/ioctl: add missing space in err message (git-fixes).\n- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: make nvme_tls_attrs_group static (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- nvme: tcp: Fix compilation warning with W=1 (git-fixes).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: Fix crash when a namespace is disabled (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- padata: Clean up in padata_do_multithreaded() (bsc#1237563).\n- padata: Honor the caller\u0027s alignment in case of chunk_size 0 (bsc#1237563).\n- padata: fix sysfs store callback check (git-fixes).\n- partitions: ldm: remove the initial kernel-doc notation (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).\n- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).\n- phy: tegra: xusb: reset VBUS \u0026 ID OVERRIDE (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).\n- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).\n- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: ISST: Ignore minor version change (bsc#1237452).\n- platform/x86: acer-wmi: Ignore AC events (stable-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: int3472: Check for adev == NULL (stable-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: da9150-fg: fix potential overflow (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).\n- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).\n- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).\n- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid mode (ltc#210895 bsc#1235933 ltc#210896\n bsc#1235932).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).\n- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).\n- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).\n- rbd: do not move requests to the running list on errors (git-fixes).\n- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).\n- regmap-irq: Add missing kfree() (git-fixes).\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)\n- s390/cio: rename bitmap_size() -\u003e idset_bitmap_size() (git-fixes bsc#1236205).\n- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).\n- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).\n- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).\n- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).\n- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).\n- s390/pci: Ignore RID for isolated VFs (bsc#1236752).\n- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).\n- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).\n- s390/pci: Use topology ID for multi-function devices (bsc#1236752).\n- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/topology: Improve topology detection (bsc#1236591).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).\n- scsi: core: Clear driver private data when retrying request (git-fixes).\n- scsi: core: Do not retry I/Os during depopulation (git-fixes).\n- scsi: core: Handle depopulation and restoration in progress (git-fixes).\n- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).\n- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).\n- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).\n- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).\n- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).\n- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).\n- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).\n- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).\n- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).\n- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).\n- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).\n- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).\n- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).\n- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).\n- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).\n- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).\n- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).\n- scsi: myrb: Remove dead code (git-fixes).\n- scsi: qedi: Fix potential deadlock on \u0026qedi_percpu-\u003ep_work_lock (git-fixes).\n- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).\n- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).\n- scsi: sg: Enable runtime power management (git-fixes).\n- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).\n- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).\n- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).\n- scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- selftest: hugetlb_dio: fix test naming (git-fixes).\n- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).\n- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).\n- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: connect: -f: no reconnect (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- serial: 8250: Fix fifo underflow on flush (git-fixes).\n- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb3: fix creating FIFOs when mounting with \"sfu\" mount option (git-fixes).\n- smb3: request handle caching when caching directories (bsc#1231432).\n- smb3: retrying on failed server close (bsc#1231432).\n- smb: cached directories can be more than root file handle (bsc#1231432).\n- smb: cilent: set reparse mount points as automounts (git-fixes).\n- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).\n- smb: client: Fix minor whitespace errors and warnings (git-fixes).\n- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).\n- smb: client: add support for WSL reparse points (git-fixes).\n- smb: client: allow creating special files via reparse points (git-fixes).\n- smb: client: allow creating symlinks via reparse points (git-fixes).\n- smb: client: cleanup smb2_query_reparse_point() (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- smb: client: do not query reparse points twice on symlinks (git-fixes).\n- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).\n- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).\n- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).\n- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).\n- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).\n- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).\n- smb: client: fix hardlinking of reparse points (git-fixes).\n- smb: client: fix missing mode bits for SMB symlinks (git-fixes).\n- smb: client: fix possible double free in smb2_set_ea() (git-fixes).\n- smb: client: fix potential broken compound request (git-fixes).\n- smb: client: fix renaming of reparse points (git-fixes).\n- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).\n- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).\n- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).\n- smb: client: handle path separator of created SMB symlinks (git-fixes).\n- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).\n- smb: client: ignore unhandled reparse tags (git-fixes).\n- smb: client: implement -\u003equery_reparse_point() for SMB1 (git-fixes).\n- smb: client: instantiate when creating SFU files (git-fixes).\n- smb: client: introduce -\u003eparse_reparse_point() (git-fixes).\n- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).\n- smb: client: introduce cifs_sfu_make_node() (git-fixes).\n- smb: client: introduce reparse mount option (git-fixes).\n- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).\n- smb: client: move most of reparse point handling code to common file (git-fixes).\n- smb: client: move some params to cifs_open_info_data (bsc#1231432).\n- smb: client: optimise reparse point querying (git-fixes).\n- smb: client: parse owner/group when creating reparse points (git-fixes).\n- smb: client: parse reparse point flag in create response (bsc#1231432).\n- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).\n- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).\n- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).\n- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).\n- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).\n- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).\n- smb: client: retry compound request without reusing lease (git-fixes).\n- smb: client: return reparse type in /proc/mounts (git-fixes).\n- smb: client: reuse file lease key in compound operations (git-fixes).\n- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).\n- smb: client: set correct file type from NFS reparse points (git-fixes).\n- smb: client: stop revalidating reparse points unnecessarily (git-fixes).\n- smb: use kernel_connect() and kernel_bind() (git-fixes).\n- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).\n- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).\n- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).\n- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- spi: sn-f-ospi: Fix division by zero (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tools: fix annoying \"mkdir -p ...\" logs when building tools in parallel (git-fixes).\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- tty: xilinx_uartps: split sysrq handling (git-fixes).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- ublk: fix error code for unsupported command (git-fixes).\n- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).\n- ublk: move ublk_cancel_dev() out of ub-\u003emutex (git-fixes).\n- ublk: move zone report data out of request pdu (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).\n- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).\n- usb: chipidea: ci_hdrc_imx: decrement device\u0027s refcount in .remove() and in the error path of .probe() (git-fixes).\n- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).\n- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).\n- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).\n- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).\n- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).\n- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: roles: set switch registered flag early on (git-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).\n- usbnet: ipheth: document scope of NCM implementation (stable-fixes).\n- util_macros.h: fix/rework find_closest() macros (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- vfio/pci: Lock external INTx masking ops (bsc#1222803).\n- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).\n- virtio-mem: check if the config changed before fake offlining memory (git-fixes).\n- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).\n- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).\n- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).\n- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- virtio: hookup irq_get_affinity callback (bsc#1236896).\n- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).\n- vsock/virtio: cancel close work in the destructor (git-fixes)\n- vsock: Keep the binding until socket destruction (git-fixes)\n- vsock: reset socket state when de-assigning the transport (git-fixes)\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).\n- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).\n- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).\n- wifi: iwlwifi: avoid memory leak (stable-fixes).\n- wifi: iwlwifi: limit printed string from FW file (git-fixes).\n- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).\n- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).\n- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).\n- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/asm: Make serialize() always_inline (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).\n- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \"nosmt\" correctly (git-fixes).\n- x86/microcode: Handle \"offline\" CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).\n- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).\n- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).\n- xen/swiotlb: relax alignment requirements (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n- zram: clear IDLE flag after recompression (git-fixes).\n- zram: clear IDLE flag in mark_idle() (git-fixes).\n- zram: do not mark idle slots that cannot be idle (git-fixes).\n- zram: fix potential UAF of zram table (git-fixes).\n- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).\n- zram: refuse to use zero sized block device as backing device (git-fixes).\n- zram: split memory-tracking and ac-time tracking (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-8",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20190-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20190-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520190-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20190-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021154.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1219367",
"url": "https://bugzilla.suse.com/1219367"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1222672",
"url": "https://bugzilla.suse.com/1222672"
},
{
"category": "self",
"summary": "SUSE Bug 1222803",
"url": "https://bugzilla.suse.com/1222803"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1224049",
"url": "https://bugzilla.suse.com/1224049"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225606",
"url": "https://bugzilla.suse.com/1225606"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225981",
"url": "https://bugzilla.suse.com/1225981"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1227937",
"url": "https://bugzilla.suse.com/1227937"
},
{
"category": "self",
"summary": "SUSE Bug 1228521",
"url": "https://bugzilla.suse.com/1228521"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1230235",
"url": "https://bugzilla.suse.com/1230235"
},
{
"category": "self",
"summary": "SUSE Bug 1230438",
"url": "https://bugzilla.suse.com/1230438"
},
{
"category": "self",
"summary": "SUSE Bug 1230439",
"url": "https://bugzilla.suse.com/1230439"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231088",
"url": "https://bugzilla.suse.com/1231088"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1231912",
"url": "https://bugzilla.suse.com/1231912"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231949",
"url": "https://bugzilla.suse.com/1231949"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232299",
"url": "https://bugzilla.suse.com/1232299"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232508",
"url": "https://bugzilla.suse.com/1232508"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1233028",
"url": "https://bugzilla.suse.com/1233028"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233109",
"url": "https://bugzilla.suse.com/1233109"
},
{
"category": "self",
"summary": "SUSE Bug 1233221",
"url": "https://bugzilla.suse.com/1233221"
},
{
"category": "self",
"summary": "SUSE Bug 1233248",
"url": "https://bugzilla.suse.com/1233248"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233483",
"url": "https://bugzilla.suse.com/1233483"
},
{
"category": "self",
"summary": "SUSE Bug 1233522",
"url": "https://bugzilla.suse.com/1233522"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234070",
"url": "https://bugzilla.suse.com/1234070"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234853",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "self",
"summary": "SUSE Bug 1234857",
"url": "https://bugzilla.suse.com/1234857"
},
{
"category": "self",
"summary": "SUSE Bug 1234891",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "self",
"summary": "SUSE Bug 1234894",
"url": "https://bugzilla.suse.com/1234894"
},
{
"category": "self",
"summary": "SUSE Bug 1234895",
"url": "https://bugzilla.suse.com/1234895"
},
{
"category": "self",
"summary": "SUSE Bug 1234896",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1234963",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "self",
"summary": "SUSE Bug 1235054",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "self",
"summary": "SUSE Bug 1235061",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "self",
"summary": "SUSE Bug 1235073",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "self",
"summary": "SUSE Bug 1235244",
"url": "https://bugzilla.suse.com/1235244"
},
{
"category": "self",
"summary": "SUSE Bug 1235435",
"url": "https://bugzilla.suse.com/1235435"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235441",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235485",
"url": "https://bugzilla.suse.com/1235485"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235592",
"url": "https://bugzilla.suse.com/1235592"
},
{
"category": "self",
"summary": "SUSE Bug 1235599",
"url": "https://bugzilla.suse.com/1235599"
},
{
"category": "self",
"summary": "SUSE Bug 1235609",
"url": "https://bugzilla.suse.com/1235609"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235874",
"url": "https://bugzilla.suse.com/1235874"
},
{
"category": "self",
"summary": "SUSE Bug 1235914",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "self",
"summary": "SUSE Bug 1235932",
"url": "https://bugzilla.suse.com/1235932"
},
{
"category": "self",
"summary": "SUSE Bug 1235933",
"url": "https://bugzilla.suse.com/1235933"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236113",
"url": "https://bugzilla.suse.com/1236113"
},
{
"category": "self",
"summary": "SUSE Bug 1236114",
"url": "https://bugzilla.suse.com/1236114"
},
{
"category": "self",
"summary": "SUSE Bug 1236115",
"url": "https://bugzilla.suse.com/1236115"
},
{
"category": "self",
"summary": "SUSE Bug 1236122",
"url": "https://bugzilla.suse.com/1236122"
},
{
"category": "self",
"summary": "SUSE Bug 1236123",
"url": "https://bugzilla.suse.com/1236123"
},
{
"category": "self",
"summary": "SUSE Bug 1236133",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "self",
"summary": "SUSE Bug 1236138",
"url": "https://bugzilla.suse.com/1236138"
},
{
"category": "self",
"summary": "SUSE Bug 1236199",
"url": "https://bugzilla.suse.com/1236199"
},
{
"category": "self",
"summary": "SUSE Bug 1236200",
"url": "https://bugzilla.suse.com/1236200"
},
{
"category": "self",
"summary": "SUSE Bug 1236203",
"url": "https://bugzilla.suse.com/1236203"
},
{
"category": "self",
"summary": "SUSE Bug 1236205",
"url": "https://bugzilla.suse.com/1236205"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236573",
"url": "https://bugzilla.suse.com/1236573"
},
{
"category": "self",
"summary": "SUSE Bug 1236575",
"url": "https://bugzilla.suse.com/1236575"
},
{
"category": "self",
"summary": "SUSE Bug 1236576",
"url": "https://bugzilla.suse.com/1236576"
},
{
"category": "self",
"summary": "SUSE Bug 1236591",
"url": "https://bugzilla.suse.com/1236591"
},
{
"category": "self",
"summary": "SUSE Bug 1236661",
"url": "https://bugzilla.suse.com/1236661"
},
{
"category": "self",
"summary": "SUSE Bug 1236677",
"url": "https://bugzilla.suse.com/1236677"
},
{
"category": "self",
"summary": "SUSE Bug 1236680",
"url": "https://bugzilla.suse.com/1236680"
},
{
"category": "self",
"summary": "SUSE Bug 1236681",
"url": "https://bugzilla.suse.com/1236681"
},
{
"category": "self",
"summary": "SUSE Bug 1236682",
"url": "https://bugzilla.suse.com/1236682"
},
{
"category": "self",
"summary": "SUSE Bug 1236683",
"url": "https://bugzilla.suse.com/1236683"
},
{
"category": "self",
"summary": "SUSE Bug 1236684",
"url": "https://bugzilla.suse.com/1236684"
},
{
"category": "self",
"summary": "SUSE Bug 1236685",
"url": "https://bugzilla.suse.com/1236685"
},
{
"category": "self",
"summary": "SUSE Bug 1236689",
"url": "https://bugzilla.suse.com/1236689"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1236694",
"url": "https://bugzilla.suse.com/1236694"
},
{
"category": "self",
"summary": "SUSE Bug 1236698",
"url": "https://bugzilla.suse.com/1236698"
},
{
"category": "self",
"summary": "SUSE Bug 1236700",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "self",
"summary": "SUSE Bug 1236702",
"url": "https://bugzilla.suse.com/1236702"
},
{
"category": "self",
"summary": "SUSE Bug 1236752",
"url": "https://bugzilla.suse.com/1236752"
},
{
"category": "self",
"summary": "SUSE Bug 1236757",
"url": "https://bugzilla.suse.com/1236757"
},
{
"category": "self",
"summary": "SUSE Bug 1236758",
"url": "https://bugzilla.suse.com/1236758"
},
{
"category": "self",
"summary": "SUSE Bug 1236759",
"url": "https://bugzilla.suse.com/1236759"
},
{
"category": "self",
"summary": "SUSE Bug 1236760",
"url": "https://bugzilla.suse.com/1236760"
},
{
"category": "self",
"summary": "SUSE Bug 1236761",
"url": "https://bugzilla.suse.com/1236761"
},
{
"category": "self",
"summary": "SUSE Bug 1236821",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "self",
"summary": "SUSE Bug 1236822",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "self",
"summary": "SUSE Bug 1236896",
"url": "https://bugzilla.suse.com/1236896"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1236952",
"url": "https://bugzilla.suse.com/1236952"
},
{
"category": "self",
"summary": "SUSE Bug 1236967",
"url": "https://bugzilla.suse.com/1236967"
},
{
"category": "self",
"summary": "SUSE Bug 1236994",
"url": "https://bugzilla.suse.com/1236994"
},
{
"category": "self",
"summary": "SUSE Bug 1237007",
"url": "https://bugzilla.suse.com/1237007"
},
{
"category": "self",
"summary": "SUSE Bug 1237017",
"url": "https://bugzilla.suse.com/1237017"
},
{
"category": "self",
"summary": "SUSE Bug 1237025",
"url": "https://bugzilla.suse.com/1237025"
},
{
"category": "self",
"summary": "SUSE Bug 1237028",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237045",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "self",
"summary": "SUSE Bug 1237126",
"url": "https://bugzilla.suse.com/1237126"
},
{
"category": "self",
"summary": "SUSE Bug 1237132",
"url": "https://bugzilla.suse.com/1237132"
},
{
"category": "self",
"summary": "SUSE Bug 1237139",
"url": "https://bugzilla.suse.com/1237139"
},
{
"category": "self",
"summary": "SUSE Bug 1237155",
"url": "https://bugzilla.suse.com/1237155"
},
{
"category": "self",
"summary": "SUSE Bug 1237158",
"url": "https://bugzilla.suse.com/1237158"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237232",
"url": "https://bugzilla.suse.com/1237232"
},
{
"category": "self",
"summary": "SUSE Bug 1237234",
"url": "https://bugzilla.suse.com/1237234"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237325",
"url": "https://bugzilla.suse.com/1237325"
},
{
"category": "self",
"summary": "SUSE Bug 1237356",
"url": "https://bugzilla.suse.com/1237356"
},
{
"category": "self",
"summary": "SUSE Bug 1237415",
"url": "https://bugzilla.suse.com/1237415"
},
{
"category": "self",
"summary": "SUSE Bug 1237452",
"url": "https://bugzilla.suse.com/1237452"
},
{
"category": "self",
"summary": "SUSE Bug 1237504",
"url": "https://bugzilla.suse.com/1237504"
},
{
"category": "self",
"summary": "SUSE Bug 1237521",
"url": "https://bugzilla.suse.com/1237521"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237563",
"url": "https://bugzilla.suse.com/1237563"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237848",
"url": "https://bugzilla.suse.com/1237848"
},
{
"category": "self",
"summary": "SUSE Bug 1237849",
"url": "https://bugzilla.suse.com/1237849"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237879",
"url": "https://bugzilla.suse.com/1237879"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237889",
"url": "https://bugzilla.suse.com/1237889"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237891",
"url": "https://bugzilla.suse.com/1237891"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237901",
"url": "https://bugzilla.suse.com/1237901"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238214",
"url": "https://bugzilla.suse.com/1238214"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238347",
"url": "https://bugzilla.suse.com/1238347"
},
{
"category": "self",
"summary": "SUSE Bug 1238368",
"url": "https://bugzilla.suse.com/1238368"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238494",
"url": "https://bugzilla.suse.com/1238494"
},
{
"category": "self",
"summary": "SUSE Bug 1238496",
"url": "https://bugzilla.suse.com/1238496"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238509",
"url": "https://bugzilla.suse.com/1238509"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238521",
"url": "https://bugzilla.suse.com/1238521"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238525",
"url": "https://bugzilla.suse.com/1238525"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238739",
"url": "https://bugzilla.suse.com/1238739"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238751",
"url": "https://bugzilla.suse.com/1238751"
},
{
"category": "self",
"summary": "SUSE Bug 1238753",
"url": "https://bugzilla.suse.com/1238753"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238759",
"url": "https://bugzilla.suse.com/1238759"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238860",
"url": "https://bugzilla.suse.com/1238860"
},
{
"category": "self",
"summary": "SUSE Bug 1238863",
"url": "https://bugzilla.suse.com/1238863"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238877",
"url": "https://bugzilla.suse.com/1238877"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52924 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52925 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26708 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45010 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50185 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50251 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50258 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50294 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50304 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53123 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53173 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53177 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53178 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53226 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56647 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56658 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21636 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21638 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21647 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21666 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21666/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21667 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21669 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21675 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21680 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21687 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21688 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21690 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21692 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21697 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21699 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21715 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21716 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21719 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21802 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-17T10:48:21Z",
"generator": {
"date": "2025-04-17T10:48:21Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20190-1",
"initial_release_date": "2025-04-17T10:48:21Z",
"revision_history": [
{
"date": "2025-04-17T10:48:21Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-28.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-28.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-28.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-28.1.noarch",
"product_id": "kernel-source-rt-6.4.0-28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-28.1.x86_64",
"product_id": "kernel-rt-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-28.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain-\u003euse count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain-\u003euse increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon\u0027t have been changed.\n\nThen, when set is culled, -\u003edestroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52924",
"url": "https://www.suse.com/security/cve/CVE-2023-52924"
},
{
"category": "external",
"summary": "SUSE Bug 1236821 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "external",
"summary": "SUSE Bug 1244630 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1244630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t fail inserts if duplicate has expired\n\nnftables selftests fail:\nrun-tests.sh testcases/sets/0044interval_overlap_0\nExpected: 0-2 . 0-3, got:\nW: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1\n\nInsertion must ignore duplicate but expired entries.\n\nMoreover, there is a strange asymmetry in nft_pipapo_activate:\n\nIt refetches the current element, whereas the other -\u003eactivate callbacks\n(bitmap, hash, rhash, rbtree) use elem-\u003epriv.\nSame for .remove: other set implementations take elem-\u003epriv,\nnft_pipapo_remove fetches elem-\u003epriv, then does a relookup,\nremove this.\n\nI suspect this was the reason for the change that prompted the\nremoval of the expired check in pipapo_get() in the first place,\nbut skipping exired elements there makes no sense to me, this helper\nis used for normal get requests, insertions (duplicate check)\nand deactivate callback.\n\nIn first two cases expired elements must be skipped.\n\nFor -\u003edeactivate(), this gets called for DELSETELEM, so it\nseems to me that expired elements should be skipped as well, i.e.\ndelete request should fail with -ENOENT error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52925",
"url": "https://www.suse.com/security/cve/CVE-2023-52925"
},
{
"category": "external",
"summary": "SUSE Bug 1236822 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "external",
"summary": "SUSE Bug 1246009 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1246009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: really cope with fastopen race\n\nFastopen and PM-trigger subflow shutdown can race, as reported by\nsyzkaller.\n\nIn my first attempt to close such race, I missed the fact that\nthe subflow status can change again before the subflow_state_change\ncallback is invoked.\n\nAddress the issue additionally copying with all the states directly\nreachable from TCP_FIN_WAIT1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26708",
"url": "https://www.suse.com/security/cve/CVE-2024-26708"
},
{
"category": "external",
"summary": "SUSE Bug 1222672 for CVE-2024-26708",
"url": "https://bugzilla.suse.com/1222672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-26708"
},
{
"cve": "CVE-2024-26810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26810",
"url": "https://www.suse.com/security/cve/CVE-2024-26810"
},
{
"category": "external",
"summary": "SUSE Bug 1222803 for CVE-2024-26810",
"url": "https://bugzilla.suse.com/1222803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-40980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: replace spin_lock by raw_spin_lock\n\ntrace_drop_common() is called with preemption disabled, and it acquires\na spin_lock. This is problematic for RT kernels because spin_locks are\nsleeping locks in this configuration, which causes the following splat:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 449, name: rcuc/47\npreempt_count: 1, expected: 0\nRCU nest depth: 2, expected: 2\n5 locks held by rcuc/47/449:\n #0: ff1100086ec30a60 ((softirq_ctrl.lock)){+.+.}-{2:2}, at: __local_bh_disable_ip+0x105/0x210\n #1: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: rt_spin_lock+0xbf/0x130\n #2: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: __local_bh_disable_ip+0x11c/0x210\n #3: ffffffffb394a160 (rcu_callback){....}-{0:0}, at: rcu_do_batch+0x360/0xc70\n #4: ff1100086ee07520 (\u0026data-\u003elock){+.+.}-{2:2}, at: trace_drop_common.constprop.0+0xb5/0x290\nirq event stamp: 139909\nhardirqs last enabled at (139908): [\u003cffffffffb1df2b33\u003e] _raw_spin_unlock_irqrestore+0x63/0x80\nhardirqs last disabled at (139909): [\u003cffffffffb19bd03d\u003e] trace_drop_common.constprop.0+0x26d/0x290\nsoftirqs last enabled at (139892): [\u003cffffffffb07a1083\u003e] __local_bh_enable_ip+0x103/0x170\nsoftirqs last disabled at (139898): [\u003cffffffffb0909b33\u003e] rcu_cpu_kthread+0x93/0x1f0\nPreemption disabled at:\n[\u003cffffffffb1de786b\u003e] rt_mutex_slowunlock+0xab/0x2e0\nCPU: 47 PID: 449 Comm: rcuc/47 Not tainted 6.9.0-rc2-rt1+ #7\nHardware name: Dell Inc. PowerEdge R650/0Y2G81, BIOS 1.6.5 04/15/2022\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x8c/0xd0\n dump_stack+0x14/0x20\n __might_resched+0x21e/0x2f0\n rt_spin_lock+0x5e/0x130\n ? trace_drop_common.constprop.0+0xb5/0x290\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_drop_common.constprop.0+0xb5/0x290\n ? preempt_count_sub+0x1c/0xd0\n ? _raw_spin_unlock_irqrestore+0x4a/0x80\n ? __pfx_trace_drop_common.constprop.0+0x10/0x10\n ? rt_mutex_slowunlock+0x26a/0x2e0\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_rt_mutex_slowunlock+0x10/0x10\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_kfree_skb_hit+0x15/0x20\n trace_kfree_skb+0xe9/0x150\n kfree_skb_reason+0x7b/0x110\n skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_skb_queue_purge_reason.part.0+0x10/0x10\n ? mark_lock.part.0+0x8a/0x520\n...\n\ntrace_drop_common() also disables interrupts, but this is a minor issue\nbecause we could easily replace it with a local_lock.\n\nReplace the spin_lock with raw_spin_lock to avoid sleeping in atomic\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40980",
"url": "https://www.suse.com/security/cve/CVE-2024-40980"
},
{
"category": "external",
"summary": "SUSE Bug 1227937 for CVE-2024-40980",
"url": "https://bugzilla.suse.com/1227937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41055",
"url": "https://www.suse.com/security/cve/CVE-2024-41055"
},
{
"category": "external",
"summary": "SUSE Bug 1228521 for CVE-2024-41055",
"url": "https://bugzilla.suse.com/1228521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-44974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: avoid possible UaF when selecting endp\n\nselect_local_address() and select_signal_address() both select an\nendpoint entry from the list inside an RCU protected section, but return\na reference to it, to be read later on. If the entry is dereferenced\nafter the RCU unlock, reading info could cause a Use-after-Free.\n\nA simple solution is to copy the required info while inside the RCU\nprotected section to avoid any risk of UaF later. The address ID might\nneed to be modified later to handle the ID0 case later, so a copy seems\nOK to deal with.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44974",
"url": "https://www.suse.com/security/cve/CVE-2024-44974"
},
{
"category": "external",
"summary": "SUSE Bug 1230235 for CVE-2024-44974",
"url": "https://bugzilla.suse.com/1230235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-44974"
},
{
"cve": "CVE-2024-45009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only decrement add_addr_accepted for MPJ req\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.add_addr_accepted == 0)\n\n... before decrementing the add_addr_accepted counter helped to find a\nbug when running the \"remove single subflow\" subtest from the\nmptcp_join.sh selftest.\n\nRemoving a \u0027subflow\u0027 endpoint will first trigger a RM_ADDR, then the\nsubflow closure. Before this patch, and upon the reception of the\nRM_ADDR, the other peer will then try to decrement this\nadd_addr_accepted. That\u0027s not correct because the attached subflows have\nnot been created upon the reception of an ADD_ADDR.\n\nA way to solve that is to decrement the counter only if the attached\nsubflow was an MP_JOIN to a remote id that was not 0, and initiated by\nthe host receiving the RM_ADDR.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45009",
"url": "https://www.suse.com/security/cve/CVE-2024-45009"
},
{
"category": "external",
"summary": "SUSE Bug 1230438 for CVE-2024-45009",
"url": "https://bugzilla.suse.com/1230438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-45009"
},
{
"cve": "CVE-2024-45010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only mark \u0027subflow\u0027 endp as available\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.local_addr_used == 0)\n\n... before decrementing the local_addr_used counter helped to find a bug\nwhen running the \"remove single address\" subtest from the mptcp_join.sh\nselftests.\n\nRemoving a \u0027signal\u0027 endpoint will trigger the removal of all subflows\nlinked to this endpoint via mptcp_pm_nl_rm_addr_or_subflow() with\nrm_type == MPTCP_MIB_RMSUBFLOW. This will decrement the local_addr_used\ncounter, which is wrong in this case because this counter is linked to\n\u0027subflow\u0027 endpoints, and here it is a \u0027signal\u0027 endpoint that is being\nremoved.\n\nNow, the counter is decremented, only if the ID is being used outside\nof mptcp_pm_nl_rm_addr_or_subflow(), only for \u0027subflow\u0027 endpoints, and\nif the ID is not 0 -- local_addr_used is not taking into account these\nones. This marking of the ID as being available, and the decrement is\ndone no matter if a subflow using this ID is currently available,\nbecause the subflow could have been closed before.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45010",
"url": "https://www.suse.com/security/cve/CVE-2024-45010"
},
{
"category": "external",
"summary": "SUSE Bug 1230439 for CVE-2024-45010",
"url": "https://bugzilla.suse.com/1230439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-45010"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-46858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: Fix uaf in __timer_delete_sync\n\nThere are two paths to access mptcp_pm_del_add_timer, result in a race\ncondition:\n\n CPU1\t\t\t\tCPU2\n ==== ====\n net_rx_action\n napi_poll netlink_sendmsg\n __napi_poll netlink_unicast\n process_backlog netlink_unicast_kernel\n __netif_receive_skb genl_rcv\n __netif_receive_skb_one_core netlink_rcv_skb\n NF_HOOK genl_rcv_msg\n ip_local_deliver_finish genl_family_rcv_msg\n ip_protocol_deliver_rcu genl_family_rcv_msg_doit\n tcp_v4_rcv mptcp_pm_nl_flush_addrs_doit\n tcp_v4_do_rcv mptcp_nl_remove_addrs_list\n tcp_rcv_established mptcp_pm_remove_addrs_and_subflows\n tcp_data_queue remove_anno_list_by_saddr\n mptcp_incoming_options mptcp_pm_del_add_timer\n mptcp_pm_del_add_timer kfree(entry)\n\nIn remove_anno_list_by_saddr(running on CPU2), after leaving the critical\nzone protected by \"pm.lock\", the entry will be released, which leads to the\noccurrence of uaf in the mptcp_pm_del_add_timer(running on CPU1).\n\nKeeping a reference to add_timer inside the lock, and calling\nsk_stop_timer_sync() with this reference, instead of \"entry-\u003eadd_timer\".\n\nMove list_del(\u0026entry-\u003elist) to mptcp_pm_del_add_timer and inside the pm lock,\ndo not directly access any members of the entry outside the pm lock, which\ncan avoid similar \"entry-\u003ex\" uaf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46858",
"url": "https://www.suse.com/security/cve/CVE-2024-46858"
},
{
"category": "external",
"summary": "SUSE Bug 1231088 for CVE-2024-46858",
"url": "https://bugzilla.suse.com/1231088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-46858"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync\n\nThis checks if the ACL connection remains valid as it could be destroyed\nwhile hci_enhanced_setup_sync is pending on cmd_sync leading to the\nfollowing trace:\n\nBUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60\nRead of size 1 at addr ffff888002328ffd by task kworker/u5:2/37\n\nCPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? hci_enhanced_setup_sync+0x91b/0xa60\n print_report+0x152/0x4c0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n ? __virt_addr_valid+0x1fa/0x420\n ? hci_enhanced_setup_sync+0x91b/0xa60\n kasan_report+0xda/0x1b0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n hci_enhanced_setup_sync+0x91b/0xa60\n ? __pfx_hci_enhanced_setup_sync+0x10/0x10\n ? __pfx___mutex_lock+0x10/0x10\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x167/0x240\n worker_thread+0x5b7/0xf60\n ? __kthread_parkme+0xac/0x1c0\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x293/0x360\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 34:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __hci_conn_add+0x187/0x17d0\n hci_connect_sco+0x2e1/0xb90\n sco_sock_connect+0x2a2/0xb80\n __sys_connect+0x227/0x2a0\n __x64_sys_connect+0x6d/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 37:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x101/0x160\n kfree+0xd0/0x250\n device_release+0x9a/0x210\n kobject_put+0x151/0x280\n hci_conn_del+0x448/0xbf0\n hci_abort_conn_sync+0x46f/0x980\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n worker_thread+0x5b7/0xf60\n kthread+0x293/0x360\n ret_from_fork+0x2f/0x70\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50029",
"url": "https://www.suse.com/security/cve/CVE-2024-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1231949 for CVE-2024-50029",
"url": "https://bugzilla.suse.com/1231949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50029"
},
{
"cve": "CVE-2024-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50036",
"url": "https://www.suse.com/security/cve/CVE-2024-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1231912 for CVE-2024-50036",
"url": "https://bugzilla.suse.com/1231912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow\n\nSyzkaller reported this splat:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662\n\n CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline]\n mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572\n mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg net/socket.c:744 [inline]\n ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661\n __sys_sendmsg+0x117/0x1f0 net/socket.c:2690\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n RIP: 0023:0xf7fe4579\n Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 \u003c5d\u003e 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00\n RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172\n RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\n Allocated by task 5387:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:878 [inline]\n kzalloc_noprof include/linux/slab.h:1014 [inline]\n subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803\n subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956\n __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline]\n tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167\n mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764\n __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592\n mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642\n mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline]\n mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943\n mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777\n process_one_work+0x958/0x1b30 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/ke\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50085",
"url": "https://www.suse.com/security/cve/CVE-2024-50085"
},
{
"category": "external",
"summary": "SUSE Bug 1232508 for CVE-2024-50085",
"url": "https://bugzilla.suse.com/1232508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50085"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn\u0027t put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx-\u003esel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that\u0027s how\nprefixlen is going to be used later on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50142",
"url": "https://www.suse.com/security/cve/CVE-2024-50142"
},
{
"category": "external",
"summary": "SUSE Bug 1233028 for CVE-2024-50142",
"url": "https://bugzilla.suse.com/1233028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50142"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle consistently DSS corruption\n\nBugged peer implementation can send corrupted DSS options, consistently\nhitting a few warning in the data path. Use DEBUG_NET assertions, to\navoid the splat on some builds and handle consistently the error, dumping\nrelated MIBs and performing fallback and/or reset according to the\nsubflow type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50185",
"url": "https://www.suse.com/security/cve/CVE-2024-50185"
},
{
"category": "external",
"summary": "SUSE Bug 1233109 for CVE-2024-50185",
"url": "https://bugzilla.suse.com/1233109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50185"
},
{
"cve": "CVE-2024-50251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50251",
"url": "https://www.suse.com/security/cve/CVE-2024-50251"
},
{
"category": "external",
"summary": "SUSE Bug 1233248 for CVE-2024-50251",
"url": "https://bugzilla.suse.com/1233248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50251"
},
{
"cve": "CVE-2024-50258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix crash when config small gso_max_size/gso_ipv4_max_size\n\nConfig a small gso_max_size/gso_ipv4_max_size will lead to an underflow\nin sk_dst_gso_max_size(), which may trigger a BUG_ON crash,\nbecause sk-\u003esk_gso_max_size would be much bigger than device limits.\nCall Trace:\ntcp_write_xmit\n tso_segs = tcp_init_tso_segs(skb, mss_now);\n tcp_set_skb_tso_segs\n tcp_skb_pcount_set\n // skb-\u003elen = 524288, mss_now = 8\n // u16 tso_segs = 524288/8 = 65535 -\u003e 0\n tso_segs = DIV_ROUND_UP(skb-\u003elen, mss_now)\n BUG_ON(!tso_segs)\nAdd check for the minimum value of gso_max_size and gso_ipv4_max_size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50258",
"url": "https://www.suse.com/security/cve/CVE-2024-50258"
},
{
"category": "external",
"summary": "SUSE Bug 1233221 for CVE-2024-50258",
"url": "https://bugzilla.suse.com/1233221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50258"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix missing locking causing hanging calls\n\nIf a call gets aborted (e.g. because kafs saw a signal) between it being\nqueued for connection and the I/O thread picking up the call, the abort\nwill be prioritised over the connection and it will be removed from\nlocal-\u003enew_client_calls by rxrpc_disconnect_client_call() without a lock\nbeing held. This may cause other calls on the list to disappear if a race\noccurs.\n\nFix this by taking the client_call_lock when removing a call from whatever\nlist its -\u003ewait_link happens to be on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50294",
"url": "https://www.suse.com/security/cve/CVE-2024-50294"
},
{
"category": "external",
"summary": "SUSE Bug 1233483 for CVE-2024-50294",
"url": "https://bugzilla.suse.com/1233483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50294"
},
{
"cve": "CVE-2024-50304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()\n\nThe per-netns IP tunnel hash table is protected by the RTNL mutex and\nip_tunnel_find() is only called from the control path where the mutex is\ntaken.\n\nAdd a lockdep expression to hlist_for_each_entry_rcu() in\nip_tunnel_find() in order to validate that the mutex is held and to\nsilence the suspicious RCU usage warning [1].\n\n[1]\nWARNING: suspicious RCU usage\n6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted\n-----------------------------\nnet/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n1 lock held by ip/362:\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60\n\nstack backtrace:\nCPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139\nHardware name: Bochs Bochs, BIOS Bochs 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xba/0x110\n lockdep_rcu_suspicious.cold+0x4f/0xd6\n ip_tunnel_find+0x435/0x4d0\n ip_tunnel_newlink+0x517/0x7a0\n ipgre_newlink+0x14c/0x170\n __rtnl_newlink+0x1173/0x19c0\n rtnl_newlink+0x6c/0xa0\n rtnetlink_rcv_msg+0x3cc/0xf60\n netlink_rcv_skb+0x171/0x450\n netlink_unicast+0x539/0x7f0\n netlink_sendmsg+0x8c1/0xd80\n ____sys_sendmsg+0x8f9/0xc20\n ___sys_sendmsg+0x197/0x1e0\n __sys_sendmsg+0x122/0x1f0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50304",
"url": "https://www.suse.com/security/cve/CVE-2024-50304"
},
{
"category": "external",
"summary": "SUSE Bug 1233522 for CVE-2024-50304",
"url": "https://bugzilla.suse.com/1233522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-50304"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: error out earlier on disconnect\n\nEric reported a division by zero splat in the MPTCP protocol:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted\n6.12.0-rc5-syzkaller-00291-g05b92660cdfe #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nRIP: 0010:__tcp_select_window+0x5b4/0x1310 net/ipv4/tcp_output.c:3163\nCode: f6 44 01 e3 89 df e8 9b 75 09 f8 44 39 f3 0f 8d 11 ff ff ff e8\n0d 74 09 f8 45 89 f4 e9 04 ff ff ff e8 00 74 09 f8 44 89 f0 99 \u003cf7\u003e 7c\n24 14 41 29 d6 45 89 f4 e9 ec fe ff ff e8 e8 73 09 f8 48 89\nRSP: 0018:ffffc900041f7930 EFLAGS: 00010293\nRAX: 0000000000017e67 RBX: 0000000000017e67 RCX: ffffffff8983314b\nRDX: 0000000000000000 RSI: ffffffff898331b0 RDI: 0000000000000004\nRBP: 00000000005d6000 R08: 0000000000000004 R09: 0000000000017e67\nR10: 0000000000003e80 R11: 0000000000000000 R12: 0000000000003e80\nR13: ffff888031d9b440 R14: 0000000000017e67 R15: 00000000002eb000\nFS: 00007feb5d7f16c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007feb5d8adbb8 CR3: 0000000074e4c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n__tcp_cleanup_rbuf+0x3e7/0x4b0 net/ipv4/tcp.c:1493\nmptcp_rcv_space_adjust net/mptcp/protocol.c:2085 [inline]\nmptcp_recvmsg+0x2156/0x2600 net/mptcp/protocol.c:2289\ninet_recvmsg+0x469/0x6a0 net/ipv4/af_inet.c:885\nsock_recvmsg_nosec net/socket.c:1051 [inline]\nsock_recvmsg+0x1b2/0x250 net/socket.c:1073\n__sys_recvfrom+0x1a5/0x2e0 net/socket.c:2265\n__do_sys_recvfrom net/socket.c:2283 [inline]\n__se_sys_recvfrom net/socket.c:2279 [inline]\n__x64_sys_recvfrom+0xe0/0x1c0 net/socket.c:2279\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7feb5d857559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48\n89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d\n01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007feb5d7f1208 EFLAGS: 00000246 ORIG_RAX: 000000000000002d\nRAX: ffffffffffffffda RBX: 00007feb5d8e1318 RCX: 00007feb5d857559\nRDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007feb5d8e1310 R08: 0000000000000000 R09: ffffffff81000000\nR10: 0000000000000100 R11: 0000000000000246 R12: 00007feb5d8e131c\nR13: 00007feb5d8ae074 R14: 000000800000000e R15: 00000000fffffdef\n\nand provided a nice reproducer.\n\nThe root cause is the current bad handling of racing disconnect.\nAfter the blamed commit below, sk_wait_data() can return (with\nerror) with the underlying socket disconnected and a zero rcv_mss.\n\nCatch the error and return without performing any additional\noperations on the current socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53123",
"url": "https://www.suse.com/security/cve/CVE-2024-53123"
},
{
"category": "external",
"summary": "SUSE Bug 1234070 for CVE-2024-53123",
"url": "https://bugzilla.suse.com/1234070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53123"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix out-of-bounds access of directory entries\n\nIn the case of the directory size is greater than or equal to\nthe cluster size, if start_clu becomes an EOF cluster(an invalid\ncluster) due to file system corruption, then the directory entry\nwhere ei-\u003ehint_femp.eidx hint is outside the directory, resulting\nin an out-of-bounds access, which may cause further file system\ncorruption.\n\nThis commit adds a check for start_clu, if it is an invalid cluster,\nthe file or directory will be treated as empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53147",
"url": "https://www.suse.com/security/cve/CVE-2024-53147"
},
{
"category": "external",
"summary": "SUSE Bug 1234857 for CVE-2024-53147",
"url": "https://bugzilla.suse.com/1234857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53147"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53173",
"url": "https://www.suse.com/security/cve/CVE-2024-53173"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234891 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "external",
"summary": "SUSE Bug 1234892 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-53173"
},
{
"cve": "CVE-2024-53176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: During unmount, ensure all cached dir instances drop their dentry\n\nThe unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can\nrace with various cached directory operations, which ultimately results\nin dentries not being dropped and these kernel BUGs:\n\nBUG: Dentry ffff88814f37e358{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nVFS: Busy inodes after unmount of cifs (cifs)\n------------[ cut here ]------------\nkernel BUG at fs/super.c:661!\n\nThis happens when a cfid is in the process of being cleaned up when, and\nhas been removed from the cfids-\u003eentries list, including:\n\n- Receiving a lease break from the server\n- Server reconnection triggers invalidate_all_cached_dirs(), which\n removes all the cfids from the list\n- The laundromat thread decides to expire an old cfid.\n\nTo solve these problems, dropping the dentry is done in queued work done\nin a newly-added cfid_put_wq workqueue, and close_all_cached_dirs()\nflushes that workqueue after it drops all the dentries of which it\u0027s\naware. This is a global workqueue (rather than scoped to a mount), but\nthe queued work is minimal.\n\nThe final cleanup work for cleaning up a cfid is performed via work\nqueued in the serverclose_wq workqueue; this is done separate from\ndropping the dentries so that close_all_cached_dirs() doesn\u0027t block on\nany server operations.\n\nBoth of these queued works expect to invoked with a cfid reference and\na tcon reference to avoid those objects from being freed while the work\nis ongoing.\n\nWhile we\u0027re here, add proper locking to close_all_cached_dirs(), and\nlocking around the freeing of cfid-\u003edentry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53176",
"url": "https://www.suse.com/security/cve/CVE-2024-53176"
},
{
"category": "external",
"summary": "SUSE Bug 1234894 for CVE-2024-53176",
"url": "https://bugzilla.suse.com/1234894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53176"
},
{
"cve": "CVE-2024-53177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids-\u003ecfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53177",
"url": "https://www.suse.com/security/cve/CVE-2024-53177"
},
{
"category": "external",
"summary": "SUSE Bug 1234896 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "external",
"summary": "SUSE Bug 1235103 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1235103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-53177"
},
{
"cve": "CVE-2024-53178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don\u0027t leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids-\u003eentries list but doesn\u0027t drop a ref if has_lease isn\u0027t true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid-\u003ehas_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 32 bytes):\n 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........\".......\n 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E\"......O.....\n backtrace (crc 6f58c20f):\n [\u003cffffffff8b895a1e\u003e] __kmalloc_cache_noprof+0x2be/0x350\n [\u003cffffffff8bda06e3\u003e] open_cached_dir+0x993/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 8 bytes):\n 00 cc cc cc cc cc cc cc ........\n backtrace (crc 10c106a9):\n [\u003cffffffff8b89a3d3\u003e] __kmalloc_node_track_caller_noprof+0x363/0x480\n [\u003cffffffff8b7d7256\u003e] kstrdup+0x36/0x60\n [\u003cffffffff8bda0700\u003e] open_cached_dir+0x9b0/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff \u003c0f\u003e 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53178",
"url": "https://www.suse.com/security/cve/CVE-2024-53178"
},
{
"category": "external",
"summary": "SUSE Bug 1234895 for CVE-2024-53178",
"url": "https://bugzilla.suse.com/1234895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53178"
},
{
"cve": "CVE-2024-53226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()\n\nib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument.\nThe driver needs to check whether it is a NULL pointer before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53226",
"url": "https://www.suse.com/security/cve/CVE-2024-53226"
},
{
"category": "external",
"summary": "SUSE Bug 1236576 for CVE-2024-53226",
"url": "https://bugzilla.suse.com/1236576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53226"
},
{
"cve": "CVE-2024-53239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). But at this moment, the card object\nmight be still in use (as we\u0027re calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card\u0027s\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53239",
"url": "https://www.suse.com/security/cve/CVE-2024-53239"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235054 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "external",
"summary": "SUSE Bug 1235055 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-53239"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here ]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv-\u003essid,\n user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn\u0027t account for the size of the one-element\narray, so it doesn\u0027t need to be changed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56539",
"url": "https://www.suse.com/security/cve/CVE-2024-56539"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234963 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "external",
"summary": "SUSE Bug 1234964 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-56539"
},
{
"cve": "CVE-2024-56548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] \u003cTASK\u003e\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56548",
"url": "https://www.suse.com/security/cve/CVE-2024-56548"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235073 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "external",
"summary": "SUSE Bug 1235074 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-56548"
},
{
"cve": "CVE-2024-56579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56579",
"url": "https://www.suse.com/security/cve/CVE-2024-56579"
},
{
"category": "external",
"summary": "SUSE Bug 1236575 for CVE-2024-56579",
"url": "https://bugzilla.suse.com/1236575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56579"
},
{
"cve": "CVE-2024-56592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Call free_htab_elem() after htab_unlock_bucket()\n\nFor htab of maps, when the map is removed from the htab, it may hold the\nlast reference of the map. bpf_map_fd_put_ptr() will invoke\nbpf_map_free_id() to free the id of the removed map element. However,\nbpf_map_fd_put_ptr() is invoked while holding a bucket lock\n(raw_spin_lock_t), and bpf_map_free_id() attempts to acquire map_idr_lock\n(spinlock_t), triggering the following lockdep warning:\n\n =============================\n [ BUG: Invalid wait context ]\n 6.11.0-rc4+ #49 Not tainted\n -----------------------------\n test_maps/4881 is trying to lock:\n ffffffff84884578 (map_idr_lock){+...}-{3:3}, at: bpf_map_free_id.part.0+0x21/0x70\n other info that might help us debug this:\n context-{5:5}\n 2 locks held by test_maps/4881:\n #0: ffffffff846caf60 (rcu_read_lock){....}-{1:3}, at: bpf_fd_htab_map_update_elem+0xf9/0x270\n #1: ffff888149ced148 (\u0026htab-\u003elockdep_key#2){....}-{2:2}, at: htab_map_update_elem+0x178/0xa80\n stack backtrace:\n CPU: 0 UID: 0 PID: 4881 Comm: test_maps Not tainted 6.11.0-rc4+ #49\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), ...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6e/0xb0\n dump_stack+0x10/0x20\n __lock_acquire+0x73e/0x36c0\n lock_acquire+0x182/0x450\n _raw_spin_lock_irqsave+0x43/0x70\n bpf_map_free_id.part.0+0x21/0x70\n bpf_map_put+0xcf/0x110\n bpf_map_fd_put_ptr+0x9a/0xb0\n free_htab_elem+0x69/0xe0\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n bpf_map_update_value+0x266/0x380\n __sys_bpf+0x21bb/0x36b0\n __x64_sys_bpf+0x45/0x60\n x64_sys_call+0x1b2a/0x20d0\n do_syscall_64+0x5d/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nOne way to fix the lockdep warning is using raw_spinlock_t for\nmap_idr_lock as well. However, bpf_map_alloc_id() invokes\nidr_alloc_cyclic() after acquiring map_idr_lock, it will trigger a\nsimilar lockdep warning because the slab\u0027s lock (s-\u003ecpu_slab-\u003elock) is\nstill a spinlock.\n\nInstead of changing map_idr_lock\u0027s type, fix the issue by invoking\nhtab_put_fd_value() after htab_unlock_bucket(). However, only deferring\nthe invocation of htab_put_fd_value() is not enough, because the old map\npointers in htab of maps can not be saved during batched deletion.\nTherefore, also defer the invocation of free_htab_elem(), so these\nto-be-freed elements could be linked together similar to lru map.\n\nThere are four callers for -\u003emap_fd_put_ptr:\n\n(1) alloc_htab_elem() (through htab_put_fd_value())\nIt invokes -\u003emap_fd_put_ptr() under a raw_spinlock_t. The invocation of\nhtab_put_fd_value() can not simply move after htab_unlock_bucket(),\nbecause the old element has already been stashed in htab-\u003eextra_elems.\nIt may be reused immediately after htab_unlock_bucket() and the\ninvocation of htab_put_fd_value() after htab_unlock_bucket() may release\nthe newly-added element incorrectly. Therefore, saving the map pointer\nof the old element for htab of maps before unlocking the bucket and\nreleasing the map_ptr after unlock. Beside the map pointer in the old\nelement, should do the same thing for the special fields in the old\nelement as well.\n\n(2) free_htab_elem() (through htab_put_fd_value())\nIts caller includes __htab_map_lookup_and_delete_elem(),\nhtab_map_delete_elem() and __htab_map_lookup_and_delete_batch().\n\nFor htab_map_delete_elem(), simply invoke free_htab_elem() after\nhtab_unlock_bucket(). For __htab_map_lookup_and_delete_batch(), just\nlike lru map, linking the to-be-freed element into node_to_free list\nand invoking free_htab_elem() for these element after unlock. It is safe\nto reuse batch_flink as the link for node_to_free, because these\nelements have been removed from the hash llist.\n\nBecause htab of maps doesn\u0027t support lookup_and_delete operation,\n__htab_map_lookup_and_delete_elem() doesn\u0027t have the problem, so kept\nit as\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56592",
"url": "https://www.suse.com/security/cve/CVE-2024-56592"
},
{
"category": "external",
"summary": "SUSE Bug 1235244 for CVE-2024-56592",
"url": "https://bugzilla.suse.com/1235244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56592"
},
{
"cve": "CVE-2024-56605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56605",
"url": "https://www.suse.com/security/cve/CVE-2024-56605"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235061 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "external",
"summary": "SUSE Bug 1235062 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-56605"
},
{
"cve": "CVE-2024-56633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg\n\nThe current sk memory accounting logic in __SK_REDIRECT is pre-uncharging\ntosend bytes, which is either msg-\u003esg.size or a smaller value apply_bytes.\n\nPotential problems with this strategy are as follows:\n\n- If the actual sent bytes are smaller than tosend, we need to charge some\n bytes back, as in line 487, which is okay but seems not clean.\n\n- When tosend is set to apply_bytes, as in line 417, and (ret \u003c 0), we may\n miss uncharging (msg-\u003esg.size - apply_bytes) bytes.\n\n[...]\n415 tosend = msg-\u003esg.size;\n416 if (psock-\u003eapply_bytes \u0026\u0026 psock-\u003eapply_bytes \u003c tosend)\n417 tosend = psock-\u003eapply_bytes;\n[...]\n443 sk_msg_return(sk, msg, tosend);\n444 release_sock(sk);\n446 origsize = msg-\u003esg.size;\n447 ret = tcp_bpf_sendmsg_redir(sk_redir, redir_ingress,\n448 msg, tosend, flags);\n449 sent = origsize - msg-\u003esg.size;\n[...]\n454 lock_sock(sk);\n455 if (unlikely(ret \u003c 0)) {\n456 int free = sk_msg_free_nocharge(sk, msg);\n458 if (!cork)\n459 *copied -= free;\n460 }\n[...]\n487 if (eval == __SK_REDIRECT)\n488 sk_mem_charge(sk, tosend - sent);\n[...]\n\nWhen running the selftest test_txmsg_redir_wait_sndmem with txmsg_apply,\nthe following warning will be reported:\n\n------------[ cut here ]------------\nWARNING: CPU: 6 PID: 57 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x190/0x1a0\nModules linked in:\nCPU: 6 UID: 0 PID: 57 Comm: kworker/6:0 Not tainted 6.12.0-rc1.bm.1-amd64+ #43\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events sk_psock_destroy\nRIP: 0010:inet_sock_destruct+0x190/0x1a0\nRSP: 0018:ffffad0a8021fe08 EFLAGS: 00010206\nRAX: 0000000000000011 RBX: ffff9aab4475b900 RCX: ffff9aab481a0800\nRDX: 0000000000000303 RSI: 0000000000000011 RDI: ffff9aab4475b900\nRBP: ffff9aab4475b990 R08: 0000000000000000 R09: ffff9aab40050ec0\nR10: 0000000000000000 R11: ffff9aae6fdb1d01 R12: ffff9aab49c60400\nR13: ffff9aab49c60598 R14: ffff9aab49c60598 R15: dead000000000100\nFS: 0000000000000000(0000) GS:ffff9aae6fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffec7e47bd8 CR3: 00000001a1a1c004 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x89/0x130\n? inet_sock_destruct+0x190/0x1a0\n? report_bug+0xfc/0x1e0\n? handle_bug+0x5c/0xa0\n? exc_invalid_op+0x17/0x70\n? asm_exc_invalid_op+0x1a/0x20\n? inet_sock_destruct+0x190/0x1a0\n__sk_destruct+0x25/0x220\nsk_psock_destroy+0x2b2/0x310\nprocess_scheduled_works+0xa3/0x3e0\nworker_thread+0x117/0x240\n? __pfx_worker_thread+0x10/0x10\nkthread+0xcf/0x100\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x31/0x40\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1a/0x30\n\u003c/TASK\u003e\n---[ end trace 0000000000000000 ]---\n\nIn __SK_REDIRECT, a more concise way is delaying the uncharging after sent\nbytes are finalized, and uncharge this value. When (ret \u003c 0), we shall\ninvoke sk_msg_free.\n\nSame thing happens in case __SK_DROP, when tosend is set to apply_bytes,\nwe may miss uncharging (msg-\u003esg.size - apply_bytes) bytes. The same\nwarning will be reported in selftest.\n\n[...]\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta);\n473 return -EACCES;\n[...]\n\nSo instead of sk_msg_free_partial we can do sk_msg_free here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56633",
"url": "https://www.suse.com/security/cve/CVE-2024-56633"
},
{
"category": "external",
"summary": "SUSE Bug 1235485 for CVE-2024-56633",
"url": "https://bugzilla.suse.com/1235485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56633"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix icmp host relookup triggering ip_rt_bug\n\narp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:\n\nWARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20\nModules linked in:\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:ip_rt_bug+0x14/0x20\nCall Trace:\n \u003cIRQ\u003e\n ip_send_skb+0x14/0x40\n __icmp_send+0x42d/0x6a0\n ipv4_link_failure+0xe2/0x1d0\n arp_error_report+0x3c/0x50\n neigh_invalidate+0x8d/0x100\n neigh_timer_handler+0x2e1/0x330\n call_timer_fn+0x21/0x120\n __run_timer_base.part.0+0x1c9/0x270\n run_timer_softirq+0x4c/0x80\n handle_softirqs+0xac/0x280\n irq_exit_rcu+0x62/0x80\n sysvec_apic_timer_interrupt+0x77/0x90\n\nThe script below reproduces this scenario:\nip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \\\n\tdir out priority 0 ptype main flag localok icmp\nip l a veth1 type veth\nip a a 192.168.141.111/24 dev veth0\nip l s veth0 up\nping 192.168.141.155 -c 1\n\nicmp_route_lookup() create input routes for locally generated packets\nwhile xfrm relookup ICMP traffic.Then it will set input route\n(dst-\u003eout = ip_rt_bug) to skb for DESTUNREACH.\n\nFor ICMP err triggered by locally generated packets, dst-\u003edev of output\nroute is loopback. Generally, xfrm relookup verification is not required\non loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).\n\nSkip icmp relookup for locally generated packets to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56647",
"url": "https://www.suse.com/security/cve/CVE-2024-56647"
},
{
"category": "external",
"summary": "SUSE Bug 1235435 for CVE-2024-56647",
"url": "https://bugzilla.suse.com/1235435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56647"
},
{
"cve": "CVE-2024-56658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: defer final \u0027struct net\u0027 free in netns dismantle\n\nIlya reported a slab-use-after-free in dst_destroy [1]\n\nIssue is in xfrm6_net_init() and xfrm4_net_init() :\n\nThey copy xfrm[46]_dst_ops_template into net-\u003exfrm.xfrm[46]_dst_ops.\n\nBut net structure might be freed before all the dst callbacks are\ncalled. So when dst_destroy() calls later :\n\nif (dst-\u003eops-\u003edestroy)\n dst-\u003eops-\u003edestroy(dst);\n\ndst-\u003eops points to the old net-\u003exfrm.xfrm[46]_dst_ops, which has been freed.\n\nSee a relevant issue fixed in :\n\nac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\")\n\nA fix is to queue the \u0027struct net\u0027 to be freed after one\nanother cleanup_net() round (and existing rcu_barrier())\n\n[1]\n\nBUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112)\nRead of size 8 at addr ffff8882137ccab0 by task swapper/37/0\nDec 03 05:46:18 kernel:\nCPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67\nHardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\ndump_stack_lvl (lib/dump_stack.c:124)\nprint_address_description.constprop.0 (mm/kasan/report.c:378)\n? dst_destroy (net/core/dst.c:112)\nprint_report (mm/kasan/report.c:489)\n? dst_destroy (net/core/dst.c:112)\n? kasan_addr_to_slab (mm/kasan/common.c:37)\nkasan_report (mm/kasan/report.c:603)\n? dst_destroy (net/core/dst.c:112)\n? rcu_do_batch (kernel/rcu/tree.c:2567)\ndst_destroy (net/core/dst.c:112)\nrcu_do_batch (kernel/rcu/tree.c:2567)\n? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406)\nrcu_core (kernel/rcu/tree.c:2825)\nhandle_softirqs (kernel/softirq.c:554)\n__irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637)\nirq_exit_rcu (kernel/softirq.c:651)\nsysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049)\n \u003c/IRQ\u003e\n \u003cTASK\u003e\nasm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)\nRIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743)\nCode: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 \u003cfa\u003e c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90\nRSP: 0018:ffff888100d2fe00 EFLAGS: 00000246\nRAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d\nR10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000\n? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148)\n? cpuidle_idle_call (kernel/sched/idle.c:186)\ndefault_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118)\ncpuidle_idle_call (kernel/sched/idle.c:186)\n? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168)\n? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406)\n? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59)\ndo_idle (kernel/sched/idle.c:326)\ncpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1))\nstart_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282)\n? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232)\n? soft_restart_cpu (arch/x86/kernel/head_64.S:452)\ncommon_startup_64 (arch/x86/kernel/head_64.S:414)\n \u003c/TASK\u003e\nDec 03 05:46:18 kernel:\nAllocated by task 12184:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69)\n__kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\nkmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141)\ncopy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480)\ncreate_new_namespaces\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56658",
"url": "https://www.suse.com/security/cve/CVE-2024-56658"
},
{
"category": "external",
"summary": "SUSE Bug 1235441 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "external",
"summary": "SUSE Bug 1235442 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-56658"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Several fixes to bpf_msg_pop_data\n\nSeveral fixes to bpf_msg_pop_data,\n1. In sk_msg_shift_left, we should put_page\n2. if (len == 0), return early is better\n3. pop the entire sk_msg (last == msg-\u003esg.size) should be supported\n4. Fix for the value of variable \"a\"\n5. In sk_msg_shift_left, after shifting, i has already pointed to the next\nelement. Addtional sk_msg_iter_var_next may result in BUG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56720",
"url": "https://www.suse.com/security/cve/CVE-2024-56720"
},
{
"category": "external",
"summary": "SUSE Bug 1235592 for CVE-2024-56720",
"url": "https://bugzilla.suse.com/1235592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56720"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix TCP options overflow.\n\nSyzbot reported the following splat:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 UID: 0 PID: 5836 Comm: sshd Not tainted 6.13.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\nRIP: 0010:_compound_head include/linux/page-flags.h:242 [inline]\nRIP: 0010:put_page+0x23/0x260 include/linux/mm.h:1552\nCode: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 f8 5e 12 f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 \u003c80\u003e 3c 28 00 74 08 48 89 df e8 8f c7 78 f8 48 8b 1b 48 89 de 48 83\nRSP: 0000:ffffc90003916c90 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888030458000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff898ca81d R09: 1ffff110054414ac\nR10: dffffc0000000000 R11: ffffed10054414ad R12: 0000000000000007\nR13: ffff88802a20a542 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f34f496e800(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9d6ec9ec28 CR3: 000000004d260000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_page_unref include/linux/skbuff_ref.h:43 [inline]\n __skb_frag_unref include/linux/skbuff_ref.h:56 [inline]\n skb_release_data+0x483/0x8a0 net/core/skbuff.c:1119\n skb_release_all net/core/skbuff.c:1190 [inline]\n __kfree_skb+0x55/0x70 net/core/skbuff.c:1204\n tcp_clean_rtx_queue net/ipv4/tcp_input.c:3436 [inline]\n tcp_ack+0x2442/0x6bc0 net/ipv4/tcp_input.c:4032\n tcp_rcv_state_process+0x8eb/0x44e0 net/ipv4/tcp_input.c:6805\n tcp_v4_do_rcv+0x77d/0xc70 net/ipv4/tcp_ipv4.c:1939\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5672 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5785\n process_backlog+0x662/0x15b0 net/core/dev.c:6117\n __napi_poll+0xcb/0x490 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:7074\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x57/0xc0 arch/x86/kernel/apic/apic.c:1049\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\nRIP: 0033:0x7f34f4519ad5\nCode: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83\nRSP: 002b:00007ffec5b32ce0 EFLAGS: 00000246\nRAX: 0000000000000001 RBX: 00000000000668a0 RCX: 00007f34f4519ad5\nRDX: 00007ffec5b32d00 RSI: 0000000000000004 RDI: 0000564f4bc6cae0\nRBP: 0000564f4bc6b5a0 R08: 0000000000000008 R09: 0000000000000000\nR10: 00007ffec5b32de8 R11: 0000000000000246 R12: 0000564f48ea8aa4\nR13: 0000000000000001 R14: 0000564f48ea93e8 R15: 00007ffec5b32d68\n \u003c/TASK\u003e\n\nEric noted a probable shinfo-\u003enr_frags corruption, which indeed\noccurs.\n\nThe root cause is a buggy MPTCP option len computation in some\ncircumstances: the ADD_ADDR option should be mutually exclusive\nwith DSS since the blamed commit.\n\nStill, mptcp_established_options_add_addr() tries to set the\nrelevant info in mptcp_out_options, if \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57882",
"url": "https://www.suse.com/security/cve/CVE-2024-57882"
},
{
"category": "external",
"summary": "SUSE Bug 1235914 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "external",
"summary": "SUSE Bug 1235916 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-57882"
},
{
"cve": "CVE-2024-57889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking\n\nIf a device uses MCP23xxx IO expander to receive IRQs, the following\nbug can happen:\n\n BUG: sleeping function called from invalid context\n at kernel/locking/mutex.c:283\n in_atomic(): 1, irqs_disabled(): 1, non_block: 0, ...\n preempt_count: 1, expected: 0\n ...\n Call Trace:\n ...\n __might_resched+0x104/0x10e\n __might_sleep+0x3e/0x62\n mutex_lock+0x20/0x4c\n regmap_lock_mutex+0x10/0x18\n regmap_update_bits_base+0x2c/0x66\n mcp23s08_irq_set_type+0x1ae/0x1d6\n __irq_set_trigger+0x56/0x172\n __setup_irq+0x1e6/0x646\n request_threaded_irq+0xb6/0x160\n ...\n\nWe observed the problem while experimenting with a touchscreen driver which\nused MCP23017 IO expander (I2C).\n\nThe regmap in the pinctrl-mcp23s08 driver uses a mutex for protection from\nconcurrent accesses, which is the default for regmaps without .fast_io,\n.disable_locking, etc.\n\nmcp23s08_irq_set_type() calls regmap_update_bits_base(), and the latter\nlocks the mutex.\n\nHowever, __setup_irq() locks desc-\u003elock spinlock before calling these\nfunctions. As a result, the system tries to lock the mutex whole holding\nthe spinlock.\n\nIt seems, the internal regmap locks are not needed in this driver at all.\nmcp-\u003elock seems to protect the regmap from concurrent accesses already,\nexcept, probably, in mcp_pinconf_get/set.\n\nmcp23s08_irq_set_type() and mcp23s08_irq_mask/unmask() are called under\nchip_bus_lock(), which calls mcp23s08_irq_bus_lock(). The latter takes\nmcp-\u003elock and enables regmap caching, so that the potentially slow I2C\naccesses are deferred until chip_bus_unlock().\n\nThe accesses to the regmap from mcp23s08_probe_one() do not need additional\nlocking.\n\nIn all remaining places where the regmap is accessed, except\nmcp_pinconf_get/set(), the driver already takes mcp-\u003elock.\n\nThis patch adds locking in mcp_pinconf_get/set() and disables internal\nlocking in the regmap config. Among other things, it fixes the sleeping\nin atomic context described above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57889",
"url": "https://www.suse.com/security/cve/CVE-2024-57889"
},
{
"category": "external",
"summary": "SUSE Bug 1236573 for CVE-2024-57889",
"url": "https://bugzilla.suse.com/1236573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57889"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: check local interfaces before deleting sdata list\n\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\n\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\nhardware device from the system.\n\nCPU0\t\t\t\t\tCPU1\n====\t\t\t\t\t====\ngenl_family_rcv_msg_doit\t\tieee802154_unregister_hw\nieee802154_del_iface\t\t\tieee802154_remove_interfaces\nrdev_del_virtual_intf_deprecated\tlist_del(\u0026sdata-\u003elist)\nieee802154_if_remove\nlist_del_rcu\n\nThe net device has been unregistered, since the rcu grace period,\nunregistration must be run before ieee802154_if_remove.\n\nTo avoid this issue, add a check for local-\u003einterfaces before deleting\nsdata list.\n\n[1]\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6277 Comm: syz-executor157 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:__list_del_entry_valid_or_report+0xf4/0x140 lib/list_debug.c:56\nCode: e8 a1 7e 00 07 90 0f 0b 48 c7 c7 e0 37 60 8c 4c 89 fe e8 8f 7e 00 07 90 0f 0b 48 c7 c7 40 38 60 8c 4c 89 fe e8 7d 7e 00 07 90 \u003c0f\u003e 0b 48 c7 c7 a0 38 60 8c 4c 89 fe e8 6b 7e 00 07 90 0f 0b 48 c7\nRSP: 0018:ffffc9000490f3d0 EFLAGS: 00010246\nRAX: 000000000000004e RBX: dead000000000122 RCX: d211eee56bb28d00\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88805b278dd8 R08: ffffffff8174a12c R09: 1ffffffff2852f0d\nR10: dffffc0000000000 R11: fffffbfff2852f0e R12: dffffc0000000000\nR13: dffffc0000000000 R14: dead000000000100 R15: ffff88805b278cc0\nFS: 0000555572f94380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056262e4a3000 CR3: 0000000078496000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n __list_del_entry_valid include/linux/list.h:124 [inline]\n __list_del_entry include/linux/list.h:215 [inline]\n list_del_rcu include/linux/rculist.h:157 [inline]\n ieee802154_if_remove+0x86/0x1e0 net/mac802154/iface.c:687\n rdev_del_virtual_intf_deprecated net/ieee802154/rdev-ops.h:24 [inline]\n ieee802154_del_iface+0x2c0/0x5c0 net/ieee802154/nl-phy.c:323\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:744\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607\n ___sys_sendmsg net/socket.c:2661 [inline]\n __sys_sendmsg+0x292/0x380 net/socket.c:2690\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57948",
"url": "https://www.suse.com/security/cve/CVE-2024-57948"
},
{
"category": "external",
"summary": "SUSE Bug 1236677 for CVE-2024-57948",
"url": "https://bugzilla.suse.com/1236677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57979",
"url": "https://www.suse.com/security/cve/CVE-2024-57979"
},
{
"category": "external",
"summary": "SUSE Bug 1238521 for CVE-2024-57979",
"url": "https://bugzilla.suse.com/1238521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()\n\nJakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page()\nto increase test coverage.\n\nsyzbot found a splat caused by hard irq blocking in\nptr_ring_resize_multiple() [1]\n\nAs current users of ptr_ring_resize_multiple() do not require\nhard irqs being masked, replace it to only block BH.\n\nRename helpers to better reflect they are safe against BH only.\n\n- ptr_ring_resize_multiple() to ptr_ring_resize_multiple_bh()\n- skb_array_resize_multiple() to skb_array_resize_multiple_bh()\n\n[1]\n\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 __page_pool_put_page net/core/page_pool.c:709 [inline]\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nModules linked in:\nCPU: 1 UID: 0 PID: 9150 Comm: syz.1.1052 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:__page_pool_put_page net/core/page_pool.c:709 [inline]\nRIP: 0010:page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nCode: 74 0e e8 7c aa fb f7 eb 43 e8 75 aa fb f7 eb 3c 65 8b 1d 38 a8 6a 76 31 ff 89 de e8 a3 ae fb f7 85 db 74 0b e8 5a aa fb f7 90 \u003c0f\u003e 0b 90 eb 1d 65 8b 1d 15 a8 6a 76 31 ff 89 de e8 84 ae fb f7 85\nRSP: 0018:ffffc9000bda6b58 EFLAGS: 00010083\nRAX: ffffffff8997e523 RBX: 0000000000000000 RCX: 0000000000040000\nRDX: ffffc9000fbd0000 RSI: 0000000000001842 RDI: 0000000000001843\nRBP: 0000000000000000 R08: ffffffff8997df2c R09: 1ffffd40003a000d\nR10: dffffc0000000000 R11: fffff940003a000e R12: ffffea0001d00040\nR13: ffff88802e8a4000 R14: dffffc0000000000 R15: 00000000ffffffff\nFS: 00007fb7aaf716c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa15a0d4b72 CR3: 00000000561b0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tun_ptr_free drivers/net/tun.c:617 [inline]\n __ptr_ring_swap_queue include/linux/ptr_ring.h:571 [inline]\n ptr_ring_resize_multiple_noprof include/linux/ptr_ring.h:643 [inline]\n tun_queue_resize drivers/net/tun.c:3694 [inline]\n tun_device_event+0xaaf/0x1080 drivers/net/tun.c:3714\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n dev_change_tx_queue_len+0x158/0x2a0 net/core/dev.c:9024\n do_setlink+0xff6/0x41f0 net/core/rtnetlink.c:2923\n rtnl_setlink+0x40d/0x5a0 net/core/rtnetlink.c:3201\n rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6647\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57994",
"url": "https://www.suse.com/security/cve/CVE-2024-57994"
},
{
"category": "external",
"summary": "SUSE Bug 1237901 for CVE-2024-57994",
"url": "https://bugzilla.suse.com/1237901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.probe_interval\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21636",
"url": "https://www.suse.com/security/cve/CVE-2025-21636"
},
{
"category": "external",
"summary": "SUSE Bug 1236113 for CVE-2025-21636",
"url": "https://bugzilla.suse.com/1236113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21636"
},
{
"cve": "CVE-2025-21637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: udp_port: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21637",
"url": "https://www.suse.com/security/cve/CVE-2025-21637"
},
{
"category": "external",
"summary": "SUSE Bug 1236114 for CVE-2025-21637",
"url": "https://bugzilla.suse.com/1236114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21637"
},
{
"cve": "CVE-2025-21638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21638",
"url": "https://www.suse.com/security/cve/CVE-2025-21638"
},
{
"category": "external",
"summary": "SUSE Bug 1236115 for CVE-2025-21638",
"url": "https://bugzilla.suse.com/1236115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.rto_min/max\u0027 is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21639",
"url": "https://www.suse.com/security/cve/CVE-2025-21639"
},
{
"category": "external",
"summary": "SUSE Bug 1236122 for CVE-2025-21639",
"url": "https://bugzilla.suse.com/1236122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.sctp_hmac_alg\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21640",
"url": "https://www.suse.com/security/cve/CVE-2025-21640"
},
{
"category": "external",
"summary": "SUSE Bug 1236123 for CVE-2025-21640",
"url": "https://bugzilla.suse.com/1236123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: add bounds checks to host bulk flow fairness counts\n\nEven though we fixed a logic error in the commit cited below, syzbot\nstill managed to trigger an underflow of the per-host bulk flow\ncounters, leading to an out of bounds memory access.\n\nTo avoid any such logic errors causing out of bounds memory accesses,\nthis commit factors out all accesses to the per-host bulk flow counters\nto a series of helpers that perform bounds-checking before any\nincrements and decrements. This also has the benefit of improving\nreadability by moving the conditional checks for the flow mode into\nthese helpers, instead of having them spread out throughout the\ncode (which was the cause of the original logic error).\n\nAs part of this change, the flow quantum calculation is consolidated\ninto a helper function, which means that the dithering applied to the\nost load scaling is now applied both in the DRR rotation and when a\nsparse flow\u0027s quantum is first initiated. The only user-visible effect\nof this is that the maximum packet size that can be sent while a flow\nstays sparse will now vary with +/- one byte in some cases. This should\nnot make a noticeable difference in practice, and thus it\u0027s not worth\ncomplicating the code to preserve the old behaviour.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21647",
"url": "https://www.suse.com/security/cve/CVE-2025-21647"
},
{
"category": "external",
"summary": "SUSE Bug 1236133 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "external",
"summary": "SUSE Bug 1236134 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21665",
"url": "https://www.suse.com/security/cve/CVE-2025-21665"
},
{
"category": "external",
"summary": "SUSE Bug 1236684 for CVE-2025-21665",
"url": "https://bugzilla.suse.com/1236684"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21665"
},
{
"cve": "CVE-2025-21666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21666"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: prevent null-ptr-deref in vsock_*[has_data|has_space]\n\nRecent reports have shown how we sometimes call vsock_*_has_data()\nwhen a vsock socket has been de-assigned from a transport (see attached\nlinks), but we shouldn\u0027t.\n\nPrevious commits should have solved the real problems, but we may have\nmore in the future, so to avoid null-ptr-deref, we can return 0\n(no space, no data available) but with a warning.\n\nThis way the code should continue to run in a nearly consistent state\nand have a warning that allows us to debug future problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21666",
"url": "https://www.suse.com/security/cve/CVE-2025-21666"
},
{
"category": "external",
"summary": "SUSE Bug 1236680 for CVE-2025-21666",
"url": "https://bugzilla.suse.com/1236680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21666"
},
{
"cve": "CVE-2025-21667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21667",
"url": "https://www.suse.com/security/cve/CVE-2025-21667"
},
{
"category": "external",
"summary": "SUSE Bug 1236681 for CVE-2025-21667",
"url": "https://bugzilla.suse.com/1236681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21667"
},
{
"cve": "CVE-2025-21668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: add missing loop break condition\n\nCurrently imx8mp_blk_ctrl_remove() will continue the for loop\nuntil an out-of-bounds exception occurs.\n\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : dev_pm_domain_detach+0x8/0x48\nlr : imx8mp_blk_ctrl_shutdown+0x58/0x90\nsp : ffffffc084f8bbf0\nx29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000\nx26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028\nx23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0\nx20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff\nx17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72\nx14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000\nx11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8\nx8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077\nx2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000\nCall trace:\n dev_pm_domain_detach+0x8/0x48\n platform_shutdown+0x2c/0x48\n device_shutdown+0x158/0x268\n kernel_restart_prepare+0x40/0x58\n kernel_kexec+0x58/0xe8\n __do_sys_reboot+0x198/0x258\n __arm64_sys_reboot+0x2c/0x40\n invoke_syscall+0x5c/0x138\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xc8\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x190/0x198\nCode: 8128c2d0 ffffffc0 aa1e03e9 d503201f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21668",
"url": "https://www.suse.com/security/cve/CVE-2025-21668"
},
{
"category": "external",
"summary": "SUSE Bug 1236682 for CVE-2025-21668",
"url": "https://bugzilla.suse.com/1236682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21668"
},
{
"cve": "CVE-2025-21669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: discard packets if the transport changes\n\nIf the socket has been de-assigned or assigned to another transport,\nwe must discard any packets received because they are not expected\nand would cause issues when we access vsk-\u003etransport.\n\nA possible scenario is described by Hyunwoo Kim in the attached link,\nwhere after a first connect() interrupted by a signal, and a second\nconnect() failed, we can find `vsk-\u003etransport` at NULL, leading to a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21669",
"url": "https://www.suse.com/security/cve/CVE-2025-21669"
},
{
"category": "external",
"summary": "SUSE Bug 1236683 for CVE-2025-21669",
"url": "https://bugzilla.suse.com/1236683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21669"
},
{
"cve": "CVE-2025-21670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/bpf: return early if transport is not assigned\n\nSome of the core functions can only be called if the transport\nhas been assigned.\n\nAs Michal reported, a socket might have the transport at NULL,\nfor example after a failed connect(), causing the following trace:\n\n BUG: kernel NULL pointer dereference, address: 00000000000000a0\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 12faf8067 P4D 12faf8067 PUD 113670067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 15 UID: 0 PID: 1198 Comm: a.out Not tainted 6.13.0-rc2+\n RIP: 0010:vsock_connectible_has_data+0x1f/0x40\n Call Trace:\n vsock_bpf_recvmsg+0xca/0x5e0\n sock_recvmsg+0xb9/0xc0\n __sys_recvfrom+0xb3/0x130\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSo we need to check the `vsk-\u003etransport` in vsock_bpf_recvmsg(),\nespecially for connected sockets (stream/seqpacket) as we already\ndo in __vsock_connectible_recvmsg().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21670",
"url": "https://www.suse.com/security/cve/CVE-2025-21670"
},
{
"category": "external",
"summary": "SUSE Bug 1236685 for CVE-2025-21670",
"url": "https://bugzilla.suse.com/1236685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21670"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server-\u003ehostname can\u0027t be freed as long as\ncifsd thread isn\u0027t done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff \u003c0f\u003e\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21673",
"url": "https://www.suse.com/security/cve/CVE-2025-21673"
},
{
"category": "external",
"summary": "SUSE Bug 1236689 for CVE-2025-21673",
"url": "https://bugzilla.suse.com/1236689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21673"
},
{
"cve": "CVE-2025-21675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Clear port select structure when fail to create\n\nClear the port select structure on error so no stale values left after\ndefiners are destroyed. That\u0027s because the mlx5_lag_destroy_definers()\nalways try to destroy all lag definers in the tt_map, so in the flow\nbelow lag definers get double-destroyed and cause kernel crash:\n\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 1\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets destroyed\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 0\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets double-destroyed\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 64k pages, 48-bit VAs, pgdp=0000000112ce2e00\n [0000000000000008] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n Modules linked in: iptable_raw bonding ip_gre ip6_gre gre ip6_tunnel tunnel6 geneve ip6_udp_tunnel udp_tunnel ipip tunnel4 ip_tunnel rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) mlx5_fwctl(OE) fwctl(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlxfw(OE) memtrack(OE) mlx_compat(OE) openvswitch nsh nf_conncount psample xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc netconsole overlay efi_pstore sch_fq_codel zram ip_tables crct10dif_ce qemu_fw_cfg fuse ipv6 crc_ccitt [last unloaded: mlx_compat(OE)]\n CPU: 3 UID: 0 PID: 217 Comm: kworker/u53:2 Tainted: G OE 6.11.0+ #2\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n lr : mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n sp : ffff800085fafb00\n x29: ffff800085fafb00 x28: ffff0000da0c8000 x27: 0000000000000000\n x26: ffff0000da0c8000 x25: ffff0000da0c8000 x24: ffff0000da0c8000\n x23: ffff0000c31f81a0 x22: 0400000000000000 x21: ffff0000da0c8000\n x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffff8b0c9350\n x14: 0000000000000000 x13: ffff800081390d18 x12: ffff800081dc3cc0\n x11: 0000000000000001 x10: 0000000000000b10 x9 : ffff80007ab7304c\n x8 : ffff0000d00711f0 x7 : 0000000000000004 x6 : 0000000000000190\n x5 : ffff00027edb3010 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff0000d39b8000 x1 : ffff0000d39b8000 x0 : 0400000000000000\n Call trace:\n mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n mlx5_lag_destroy_definers+0xa0/0x108 [mlx5_core]\n mlx5_lag_port_sel_create+0x2d4/0x6f8 [mlx5_core]\n mlx5_activate_lag+0x60c/0x6f8 [mlx5_core]\n mlx5_do_bond_work+0x284/0x5c8 [mlx5_core]\n process_one_work+0x170/0x3e0\n worker_thread+0x2d8/0x3e0\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n Code: a9025bf5 aa0003f6 a90363f7 f90023f9 (f9400400)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21675",
"url": "https://www.suse.com/security/cve/CVE-2025-21675"
},
{
"category": "external",
"summary": "SUSE Bug 1236694 for CVE-2025-21675",
"url": "https://bugzilla.suse.com/1236694"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21675"
},
{
"cve": "CVE-2025-21678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Destroy device along with udp socket\u0027s netns dismantle.\n\ngtp_newlink() links the device to a list in dev_net(dev) instead of\nsrc_net, where a udp tunnel socket is created.\n\nEven when src_net is removed, the device stays alive on dev_net(dev).\nThen, removing src_net triggers the splat below. [0]\n\nIn this example, gtp0 is created in ns2, and the udp socket is created\nin ns1.\n\n ip netns add ns1\n ip netns add ns2\n ip -n ns1 link add netns ns2 name gtp0 type gtp role sgsn\n ip netns del ns1\n\nLet\u0027s link the device to the socket\u0027s netns instead.\n\nNow, gtp_net_exit_batch_rtnl() needs another netdev iteration to remove\nall gtp devices in the netns.\n\n[0]:\nref_tracker: net notrefcnt@000000003d6e7d05 has 1/2 users at\n sk_alloc (./include/net/net_namespace.h:345 net/core/sock.c:2236)\n inet_create (net/ipv4/af_inet.c:326 net/ipv4/af_inet.c:252)\n __sock_create (net/socket.c:1558)\n udp_sock_create4 (net/ipv4/udp_tunnel_core.c:18)\n gtp_create_sock (./include/net/udp_tunnel.h:59 drivers/net/gtp.c:1423)\n gtp_create_sockets (drivers/net/gtp.c:1447)\n gtp_newlink (drivers/net/gtp.c:1507)\n rtnl_newlink (net/core/rtnetlink.c:3786 net/core/rtnetlink.c:3897 net/core/rtnetlink.c:4012)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6922)\n netlink_rcv_skb (net/netlink/af_netlink.c:2542)\n netlink_unicast (net/netlink/af_netlink.c:1321 net/netlink/af_netlink.c:1347)\n netlink_sendmsg (net/netlink/af_netlink.c:1891)\n ____sys_sendmsg (net/socket.c:711 net/socket.c:726 net/socket.c:2583)\n ___sys_sendmsg (net/socket.c:2639)\n __sys_sendmsg (net/socket.c:2669)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n\nWARNING: CPU: 1 PID: 60 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\nModules linked in:\nCPU: 1 UID: 0 PID: 60 Comm: kworker/u16:2 Not tainted 6.13.0-rc5-00147-g4c1224501e9d #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:ref_tracker_dir_exit (lib/ref_tracker.c:179)\nCode: 00 00 00 fc ff df 4d 8b 26 49 bd 00 01 00 00 00 00 ad de 4c 39 f5 0f 85 df 00 00 00 48 8b 74 24 08 48 89 df e8 a5 cc 12 02 90 \u003c0f\u003e 0b 90 48 8d 6b 44 be 04 00 00 00 48 89 ef e8 80 de 67 ff 48 89\nRSP: 0018:ff11000009a07b60 EFLAGS: 00010286\nRAX: 0000000000002bd3 RBX: ff1100000f4e1aa0 RCX: 1ffffffff0e40ac6\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8423ee3c\nRBP: ff1100000f4e1af0 R08: 0000000000000001 R09: fffffbfff0e395ae\nR10: 0000000000000001 R11: 0000000000036001 R12: ff1100000f4e1af0\nR13: dead000000000100 R14: ff1100000f4e1af0 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ff1100006ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9b2464bd98 CR3: 0000000005286005 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn (kernel/panic.c:748)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:285)\n ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:97 ./arch/x86/include/asm/irqflags.h:155 ./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:158)\n ? kfree (mm/slub.c:4613 mm/slub.c:4761)\n net_free (net/core/net_namespace.c:476 net/core/net_namespace.c:467)\n cleanup_net (net/core/net_namespace.c:664 (discriminator 3))\n process_one_work (kernel/workqueue.c:3229)\n worker_thread (kernel/workqueue.c:3304 kernel/workqueue.c:3391\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21678",
"url": "https://www.suse.com/security/cve/CVE-2025-21678"
},
{
"category": "external",
"summary": "SUSE Bug 1236698 for CVE-2025-21678",
"url": "https://bugzilla.suse.com/1236698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21678"
},
{
"cve": "CVE-2025-21680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev-\u003eimix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type \u0027imix_pkt [20]\u0027\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21680",
"url": "https://www.suse.com/security/cve/CVE-2025-21680"
},
{
"category": "external",
"summary": "SUSE Bug 1236700 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "external",
"summary": "SUSE Bug 1236701 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21680"
},
{
"cve": "CVE-2025-21681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix lockup on tx to unregistering netdev with carrier\n\nCommit in a fixes tag attempted to fix the issue in the following\nsequence of calls:\n\n do_output\n -\u003e ovs_vport_send\n -\u003e dev_queue_xmit\n -\u003e __dev_queue_xmit\n -\u003e netdev_core_pick_tx\n -\u003e skb_tx_hash\n\nWhen device is unregistering, the \u0027dev-\u003ereal_num_tx_queues\u0027 goes to\nzero and the \u0027while (unlikely(hash \u003e= qcount))\u0027 loop inside the\n\u0027skb_tx_hash\u0027 becomes infinite, locking up the core forever.\n\nBut unfortunately, checking just the carrier status is not enough to\nfix the issue, because some devices may still be in unregistering\nstate while reporting carrier status OK.\n\nOne example of such device is a net/dummy. It sets carrier ON\non start, but it doesn\u0027t implement .ndo_stop to set the carrier off.\nAnd it makes sense, because dummy doesn\u0027t really have a carrier.\nTherefore, while this device is unregistering, it\u0027s still easy to hit\nthe infinite loop in the skb_tx_hash() from the OVS datapath. There\nmight be other drivers that do the same, but dummy by itself is\nimportant for the OVS ecosystem, because it is frequently used as a\npacket sink for tcpdump while debugging OVS deployments. And when the\nissue is hit, the only way to recover is to reboot.\n\nFix that by also checking if the device is running. The running\nstate is handled by the net core during unregistering, so it covers\nunregistering case better, and we don\u0027t really need to send packets\nto devices that are not running anyway.\n\nWhile only checking the running state might be enough, the carrier\ncheck is preserved. The running and the carrier states seem disjoined\nthroughout the code and different drivers. And other core functions\nlike __dev_direct_xmit() check both before attempting to transmit\na packet. So, it seems safer to check both flags in OVS as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21681",
"url": "https://www.suse.com/security/cve/CVE-2025-21681"
},
{
"category": "external",
"summary": "SUSE Bug 1236702 for CVE-2025-21681",
"url": "https://bugzilla.suse.com/1236702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21681"
},
{
"cve": "CVE-2025-21684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: xilinx: Convert gpio_lock to raw spinlock\n\nirq_chip functions may be called in raw spinlock context. Therefore, we\nmust also use a raw spinlock for our own internal locking.\n\nThis fixes the following lockdep splat:\n\n[ 5.349336] =============================\n[ 5.353349] [ BUG: Invalid wait context ]\n[ 5.357361] 6.13.0-rc5+ #69 Tainted: G W\n[ 5.363031] -----------------------------\n[ 5.367045] kworker/u17:1/44 is trying to lock:\n[ 5.371587] ffffff88018b02c0 (\u0026chip-\u003egpio_lock){....}-{3:3}, at: xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.380079] other info that might help us debug this:\n[ 5.385138] context-{5:5}\n[ 5.387762] 5 locks held by kworker/u17:1/44:\n[ 5.392123] #0: ffffff8800014958 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3204)\n[ 5.402260] #1: ffffffc082fcbdd8 (deferred_probe_work){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3205)\n[ 5.411528] #2: ffffff880172c900 (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach (drivers/base/dd.c:1006)\n[ 5.419929] #3: ffffff88039c8268 (request_class#2){+.+.}-{4:4}, at: __setup_irq (kernel/irq/internals.h:156 kernel/irq/manage.c:1596)\n[ 5.428331] #4: ffffff88039c80c8 (lock_class#2){....}-{2:2}, at: __setup_irq (kernel/irq/manage.c:1614)\n[ 5.436472] stack backtrace:\n[ 5.439359] CPU: 2 UID: 0 PID: 44 Comm: kworker/u17:1 Tainted: G W 6.13.0-rc5+ #69\n[ 5.448690] Tainted: [W]=WARN\n[ 5.451656] Hardware name: xlnx,zynqmp (DT)\n[ 5.455845] Workqueue: events_unbound deferred_probe_work_func\n[ 5.461699] Call trace:\n[ 5.464147] show_stack+0x18/0x24 C\n[ 5.467821] dump_stack_lvl (lib/dump_stack.c:123)\n[ 5.471501] dump_stack (lib/dump_stack.c:130)\n[ 5.474824] __lock_acquire (kernel/locking/lockdep.c:4828 kernel/locking/lockdep.c:4898 kernel/locking/lockdep.c:5176)\n[ 5.478758] lock_acquire (arch/arm64/include/asm/percpu.h:40 kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851 kernel/locking/lockdep.c:5814)\n[ 5.482429] _raw_spin_lock_irqsave (include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 5.486797] xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.490737] irq_enable (kernel/irq/internals.h:236 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345)\n[ 5.494060] __irq_startup (kernel/irq/internals.h:241 kernel/irq/chip.c:180 kernel/irq/chip.c:250)\n[ 5.497645] irq_startup (kernel/irq/chip.c:270)\n[ 5.501143] __setup_irq (kernel/irq/manage.c:1807)\n[ 5.504728] request_threaded_irq (kernel/irq/manage.c:2208)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21684",
"url": "https://www.suse.com/security/cve/CVE-2025-21684"
},
{
"category": "external",
"summary": "SUSE Bug 1236952 for CVE-2025-21684",
"url": "https://bugzilla.suse.com/1236952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21684"
},
{
"cve": "CVE-2025-21687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: check the bounds of read/write syscalls\n\ncount and offset are passed from user space and not checked, only\noffset is capped to 40 bits, which can be used to read/write out of\nbounds of the device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21687",
"url": "https://www.suse.com/security/cve/CVE-2025-21687"
},
{
"category": "external",
"summary": "SUSE Bug 1237045 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "external",
"summary": "SUSE Bug 1237046 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21687"
},
{
"cve": "CVE-2025-21688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Assign job pointer to NULL before signaling the fence\n\nIn commit e4b5ccd392b9 (\"drm/v3d: Ensure job pointer is set to NULL\nafter job completion\"), we introduced a change to assign the job pointer\nto NULL after completing a job, indicating job completion.\n\nHowever, this approach created a race condition between the DRM\nscheduler workqueue and the IRQ execution thread. As soon as the fence is\nsignaled in the IRQ execution thread, a new job starts to be executed.\nThis results in a race condition where the IRQ execution thread sets the\njob pointer to NULL simultaneously as the `run_job()` function assigns\na new job to the pointer.\n\nThis race condition can lead to a NULL pointer dereference if the IRQ\nexecution thread sets the job pointer to NULL after `run_job()` assigns\nit to the new job. When the new job completes and the GPU emits an\ninterrupt, `v3d_irq()` is triggered, potentially causing a crash.\n\n[ 466.310099] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n[ 466.318928] Mem abort info:\n[ 466.321723] ESR = 0x0000000096000005\n[ 466.325479] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 466.330807] SET = 0, FnV = 0\n[ 466.333864] EA = 0, S1PTW = 0\n[ 466.337010] FSC = 0x05: level 1 translation fault\n[ 466.341900] Data abort info:\n[ 466.344783] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[ 466.350285] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 466.355350] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 466.360677] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000089772000\n[ 466.367140] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 466.375875] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n[ 466.382163] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device algif_hash algif_skcipher af_alg bnep binfmt_misc vc4 snd_soc_hdmi_codec drm_display_helper cec brcmfmac_wcc spidev rpivid_hevc(C) drm_client_lib brcmfmac hci_uart drm_dma_helper pisp_be btbcm brcmutil snd_soc_core aes_ce_blk v4l2_mem2mem bluetooth aes_ce_cipher snd_compress videobuf2_dma_contig ghash_ce cfg80211 gf128mul snd_pcm_dmaengine videobuf2_memops ecdh_generic sha2_ce ecc videobuf2_v4l2 snd_pcm v3d sha256_arm64 rfkill videodev snd_timer sha1_ce libaes gpu_sched snd videobuf2_common sha1_generic drm_shmem_helper mc rp1_pio drm_kms_helper raspberrypi_hwmon spi_bcm2835 gpio_keys i2c_brcmstb rp1 raspberrypi_gpiomem rp1_mailbox rp1_adc nvmem_rmem uio_pdrv_genirq uio i2c_dev drm ledtrig_pattern drm_panel_orientation_quirks backlight fuse dm_mod ip_tables x_tables ipv6\n[ 466.458429] CPU: 0 UID: 1000 PID: 2008 Comm: chromium Tainted: G C 6.13.0-v8+ #18\n[ 466.467336] Tainted: [C]=CRAP\n[ 466.470306] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT)\n[ 466.476157] pstate: 404000c9 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 466.483143] pc : v3d_irq+0x118/0x2e0 [v3d]\n[ 466.487258] lr : __handle_irq_event_percpu+0x60/0x228\n[ 466.492327] sp : ffffffc080003ea0\n[ 466.495646] x29: ffffffc080003ea0 x28: ffffff80c0c94200 x27: 0000000000000000\n[ 466.502807] x26: ffffffd08dd81d7b x25: ffffff80c0c94200 x24: ffffff8003bdc200\n[ 466.509969] x23: 0000000000000001 x22: 00000000000000a7 x21: 0000000000000000\n[ 466.517130] x20: ffffff8041bb0000 x19: 0000000000000001 x18: 0000000000000000\n[ 466.524291] x17: ffffffafadfb0000 x16: ffffffc080000000 x15: 0000000000000000\n[ 466.531452] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 466.538613] x11: 0000000000000000 x10: 0000000000000000 x9 : ffffffd08c527eb0\n[ 466.545777] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n[ 466.552941] x5 : ffffffd08c4100d0 x4 : ffffffafadfb0000 x3 : ffffffc080003f70\n[ 466.560102] x2 : ffffffc0829e8058 x1 : 0000000000000001 x0 : 0000000000000000\n[ 466.567263] Call trace:\n[ 466.569711] v3d_irq+0x118/0x2e0 [v3d] (P)\n[ 466.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21688",
"url": "https://www.suse.com/security/cve/CVE-2025-21688"
},
{
"category": "external",
"summary": "SUSE Bug 1237007 for CVE-2025-21688",
"url": "https://bugzilla.suse.com/1237007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21688"
},
{
"cve": "CVE-2025-21689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n\nThis patch addresses a null-ptr-deref in qt2_process_read_urb() due to\nan incorrect bounds check in the following:\n\n if (newport \u003e serial-\u003enum_ports) {\n dev_err(\u0026port-\u003edev,\n \"%s - port change to invalid port: %i\\n\",\n __func__, newport);\n break;\n }\n\nThe condition doesn\u0027t account for the valid range of the serial-\u003eport\nbuffer, which is from 0 to serial-\u003enum_ports - 1. When newport is equal\nto serial-\u003enum_ports, the assignment of \"port\" in the\nfollowing code is out-of-bounds and NULL:\n\n serial_priv-\u003ecurrent_port = newport;\n port = serial-\u003eport[serial_priv-\u003ecurrent_port];\n\nThe fix checks if newport is greater than or equal to serial-\u003enum_ports\nindicating it is out-of-bounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21689",
"url": "https://www.suse.com/security/cve/CVE-2025-21689"
},
{
"category": "external",
"summary": "SUSE Bug 1237017 for CVE-2025-21689",
"url": "https://bugzilla.suse.com/1237017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21689"
},
{
"cve": "CVE-2025-21690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there\u0027s a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn\u0027t DoS the VM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21690",
"url": "https://www.suse.com/security/cve/CVE-2025-21690"
},
{
"category": "external",
"summary": "SUSE Bug 1237025 for CVE-2025-21690",
"url": "https://bugzilla.suse.com/1237025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21690"
},
{
"cve": "CVE-2025-21692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan \u003cg1042620637@gmail.com\u003e found that ets_class_from_arg() can\nindex an Out-Of-Bound class in ets_class_from_arg() when passed clid of\n0. The overflow may cause local privilege escalation.\n\n [ 18.852298] ------------[ cut here ]------------\n [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20\n [ 18.853743] index 18446744073709551615 is out of range for type \u0027ets_class [16]\u0027\n [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17\n [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [ 18.856532] Call Trace:\n [ 18.857441] \u003cTASK\u003e\n [ 18.858227] dump_stack_lvl+0xc2/0xf0\n [ 18.859607] dump_stack+0x10/0x20\n [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0\n [ 18.864022] ets_class_change+0x3d6/0x3f0\n [ 18.864322] tc_ctl_tclass+0x251/0x910\n [ 18.864587] ? lock_acquire+0x5e/0x140\n [ 18.865113] ? __mutex_lock+0x9c/0xe70\n [ 18.866009] ? __mutex_lock+0xa34/0xe70\n [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0\n [ 18.866806] ? __lock_acquire+0x578/0xc10\n [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n [ 18.867503] netlink_rcv_skb+0x59/0x110\n [ 18.867776] rtnetlink_rcv+0x15/0x30\n [ 18.868159] netlink_unicast+0x1c3/0x2b0\n [ 18.868440] netlink_sendmsg+0x239/0x4b0\n [ 18.868721] ____sys_sendmsg+0x3e2/0x410\n [ 18.869012] ___sys_sendmsg+0x88/0xe0\n [ 18.869276] ? rseq_ip_fixup+0x198/0x260\n [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190\n [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0\n [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220\n [ 18.870547] ? do_syscall_64+0x93/0x150\n [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290\n [ 18.871157] __sys_sendmsg+0x69/0xd0\n [ 18.871416] __x64_sys_sendmsg+0x1d/0x30\n [ 18.871699] x64_sys_call+0x9e2/0x2670\n [ 18.871979] do_syscall_64+0x87/0x150\n [ 18.873280] ? do_syscall_64+0x93/0x150\n [ 18.874742] ? lock_release+0x7b/0x160\n [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0\n [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210\n [ 18.879608] ? irqentry_exit+0x77/0xb0\n [ 18.879808] ? clear_bhb_loop+0x15/0x70\n [ 18.880023] ? clear_bhb_loop+0x15/0x70\n [ 18.880223] ? clear_bhb_loop+0x15/0x70\n [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [ 18.880683] RIP: 0033:0x44a957\n [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10\n [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957\n [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003\n [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0\n [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001\n [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001\n [ 18.888395] \u003c/TASK\u003e\n [ 18.888610] ---[ end trace ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21692",
"url": "https://www.suse.com/security/cve/CVE-2025-21692"
},
{
"category": "external",
"summary": "SUSE Bug 1237028 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "external",
"summary": "SUSE Bug 1237048 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Ensure job pointer is set to NULL after job completion\n\nAfter a job completes, the corresponding pointer in the device must\nbe set to NULL. Failing to do so triggers a warning when unloading\nthe driver, as it appears the job is still active. To prevent this,\nassign the job pointer to NULL after completing the job, indicating\nthe job has finished.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21697",
"url": "https://www.suse.com/security/cve/CVE-2025-21697"
},
{
"category": "external",
"summary": "SUSE Bug 1237132 for CVE-2025-21697",
"url": "https://bugzilla.suse.com/1237132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "low"
}
],
"title": "CVE-2025-21697"
},
{
"cve": "CVE-2025-21699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Truncate address space when flipping GFS2_DIF_JDATA flag\n\nTruncate an inode\u0027s address space when flipping the GFS2_DIF_JDATA flag:\ndepending on that flag, the pages in the address space will either use\nbuffer heads or iomap_folio_state structs, and we cannot mix the two.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21699",
"url": "https://www.suse.com/security/cve/CVE-2025-21699"
},
{
"category": "external",
"summary": "SUSE Bug 1237139 for CVE-2025-21699",
"url": "https://bugzilla.suse.com/1237139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21699"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle fastopen disconnect correctly\n\nSyzbot was able to trigger a data stream corruption:\n\n WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Modules linked in:\n CPU: 0 UID: 0 PID: 9846 Comm: syz-executor351 Not tainted 6.13.0-rc2-syzkaller-00059-g00a5acdbf398 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\n RIP: 0010:__mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Code: fa ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 8e fa ff ff 48 8b 7c 24 18 e8 e0 db 54 f6 e9 7f fa ff ff e8 e6 80 ee f5 90 \u003c0f\u003e 0b 90 4c 8b 6c 24 40 4d 89 f4 e9 04 f5 ff ff 44 89 f1 80 e1 07\n RSP: 0018:ffffc9000c0cf400 EFLAGS: 00010293\n RAX: ffffffff8bb0dd5a RBX: ffff888033f5d230 RCX: ffff888059ce8000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000c0cf518 R08: ffffffff8bb0d1dd R09: 1ffff110170c8928\n R10: dffffc0000000000 R11: ffffed10170c8929 R12: 0000000000000000\n R13: ffff888033f5d220 R14: dffffc0000000000 R15: ffff8880592b8000\n FS: 00007f6e866496c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f6e86f491a0 CR3: 00000000310e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup+0x7f/0x2d0 net/mptcp/protocol.c:1074\n mptcp_release_cb+0x7cb/0xb30 net/mptcp/protocol.c:3493\n release_sock+0x1aa/0x1f0 net/core/sock.c:3640\n inet_wait_for_connect net/ipv4/af_inet.c:609 [inline]\n __inet_stream_connect+0x8bd/0xf30 net/ipv4/af_inet.c:703\n mptcp_sendmsg_fastopen+0x2a2/0x530 net/mptcp/protocol.c:1755\n mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1830\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f6e86ebfe69\n Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f6e86649168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6e86f491b8 RCX: 00007f6e86ebfe69\n RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003\n RBP: 00007f6e86f491b0 R08: 00007f6e866496c0 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e86f491bc\n R13: 000000000000006e R14: 00007ffe445d9420 R15: 00007ffe445d9508\n \u003c/TASK\u003e\n\nThe root cause is the bad handling of disconnect() generated internally\nby the MPTCP protocol in case of connect FASTOPEN errors.\n\nAddress the issue increasing the socket disconnect counter even on such\na case, to allow other threads waiting on the same socket lock to\nproperly error out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21705",
"url": "https://www.suse.com/security/cve/CVE-2025-21705"
},
{
"category": "external",
"summary": "SUSE Bug 1238525 for CVE-2025-21705",
"url": "https://bugzilla.suse.com/1238525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21715",
"url": "https://www.suse.com/security/cve/CVE-2025-21715"
},
{
"category": "external",
"summary": "SUSE Bug 1237889 for CVE-2025-21715",
"url": "https://bugzilla.suse.com/1237889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21716"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix uninit-value in vxlan_vnifilter_dump()\n\nKMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1].\n\nIf the length of the netlink message payload is less than\nsizeof(struct tunnel_msg), vxlan_vnifilter_dump() accesses bytes\nbeyond the message. This can lead to uninit-value access. Fix this by\nreturning an error in such situations.\n\n[1]\nBUG: KMSAN: uninit-value in vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6786\n netlink_dump+0x93e/0x15f0 net/netlink/af_netlink.c:2317\n __netlink_dump_start+0x716/0xd60 net/netlink/af_netlink.c:2432\n netlink_dump_start include/linux/netlink.h:340 [inline]\n rtnetlink_dump_start net/core/rtnetlink.c:6815 [inline]\n rtnetlink_rcv_msg+0x1256/0x14a0 net/core/rtnetlink.c:6882\n netlink_rcv_skb+0x467/0x660 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x35/0x40 net/core/rtnetlink.c:6944\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0xed6/0x1290 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x1092/0x1230 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4110 [inline]\n slab_alloc_node mm/slub.c:4153 [inline]\n kmem_cache_alloc_node_noprof+0x800/0xe80 mm/slub.c:4205\n kmalloc_reserve+0x13b/0x4b0 net/core/skbuff.c:587\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1323 [inline]\n netlink_alloc_large_skb+0xa5/0x280 net/netlink/af_netlink.c:1196\n netlink_sendmsg+0xac9/0x1230 net/netlink/af_netlink.c:1866\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 30991 Comm: syz.4.10630 Not tainted 6.12.0-10694-gc44daa7e3c73 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21716",
"url": "https://www.suse.com/security/cve/CVE-2025-21716"
},
{
"category": "external",
"summary": "SUSE Bug 1237891 for CVE-2025-21716",
"url": "https://bugzilla.suse.com/1237891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c-\u003emfc_un.res.minvif / c-\u003emfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg net/socket.c:1055 [inline]\n sock_read_iter+0x2d8/0x40c net/socket.c:1125\n new_sync_read fs/read_write.c:484 [inline]\n vfs_read+0x740/0x970 fs/read_write.c:565\n ksys_read+0x15c/0x26c fs/read_write.c:708",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21719",
"url": "https://www.suse.com/security/cve/CVE-2025-21719"
},
{
"category": "external",
"summary": "SUSE Bug 1238860 for CVE-2025-21719",
"url": "https://bugzilla.suse.com/1238860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()\n\nResolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()\nwhere shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift\n(an unsigned long value) could result in undefined behavior.\n\nThe constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds\n31 (e.g., pgshift = 63) the shift operation overflows, as the result\ncannot be represented in a 32-bit type.\n\nTo resolve this, the constant is updated to \"1UL\", promoting it to an\nunsigned long type to match the operand\u0027s type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21724",
"url": "https://www.suse.com/security/cve/CVE-2025-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1238863 for CVE-2025-21724",
"url": "https://bugzilla.suse.com/1238863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix oops due to unset link speed\n\nIt isn\u0027t guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always\nbe set by the server, so the client must handle any values and then\nprevent oopses like below from happening:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 1323 Comm: cat Not tainted 6.13.0-rc7 #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nRIP: 0010:cifs_debug_data_proc_show+0xa45/0x1460 [cifs] Code: 00 00 48\n89 df e8 3b cd 1b c1 41 f6 44 24 2c 04 0f 84 50 01 00 00 48 89 ef e8\ne7 d0 1b c1 49 8b 44 24 18 31 d2 49 8d 7c 24 28 \u003c48\u003e f7 74 24 18 48 89\nc3 e8 6e cf 1b c1 41 8b 6c 24 28 49 8d 7c 24\nRSP: 0018:ffffc90001817be0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88811230022c RCX: ffffffffc041bd99\nRDX: 0000000000000000 RSI: 0000000000000567 RDI: ffff888112300228\nRBP: ffff888112300218 R08: fffff52000302f5f R09: ffffed1022fa58ac\nR10: ffff888117d2c566 R11: 00000000fffffffe R12: ffff888112300200\nR13: 000000012a15343f R14: 0000000000000001 R15: ffff888113f2db58\nFS: 00007fe27119e740(0000) GS:ffff888148600000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe2633c5000 CR3: 0000000124da0000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x27\n ? die+0x2e/0x50\n ? do_trap+0x159/0x1b0\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? do_error_trap+0x90/0x130\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? exc_divide_error+0x39/0x50\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? asm_exc_divide_error+0x1a/0x20\n ? cifs_debug_data_proc_show+0xa39/0x1460 [cifs]\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? seq_read_iter+0x42e/0x790\n seq_read_iter+0x19a/0x790\n proc_reg_read_iter+0xbe/0x110\n ? __pfx_proc_reg_read_iter+0x10/0x10\n vfs_read+0x469/0x570\n ? do_user_addr_fault+0x398/0x760\n ? __pfx_vfs_read+0x10/0x10\n ? find_held_lock+0x8a/0xa0\n ? __pfx_lock_release+0x10/0x10\n ksys_read+0xd3/0x170\n ? __pfx_ksys_read+0x10/0x10\n ? __rcu_read_unlock+0x50/0x270\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe271288911\nCode: 00 48 8b 15 01 25 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8\n20 ad 01 00 f3 0f 1e fa 80 3d b5 a7 10 00 00 74 13 31 c0 0f 05 \u003c48\u003e 3d\n00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec\nRSP: 002b:00007ffe87c079d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\nRAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fe271288911\nRDX: 0000000000040000 RSI: 00007fe2633c6000 RDI: 0000000000000003\nRBP: 00007ffe87c07a00 R08: 0000000000000000 R09: 00007fe2713e6380\nR10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000\nR13: 00007fe2633c6000 R14: 0000000000000003 R15: 0000000000000000\n \u003c/TASK\u003e\n\nFix this by setting cifs_server_iface::speed to a sane value (1Gbps)\nby default when link speed is unset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21725",
"url": "https://www.suse.com/security/cve/CVE-2025-21725"
},
{
"category": "external",
"summary": "SUSE Bug 1238877 for CVE-2025-21725",
"url": "https://bugzilla.suse.com/1238877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Send signals asynchronously if !preemptible\n\nBPF programs can execute in all kinds of contexts and when a program\nrunning in a non-preemptible context uses the bpf_send_signal() kfunc,\nit will cause issues because this kfunc can sleep.\nChange `irqs_disabled()` to `!preemptible()`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21728",
"url": "https://www.suse.com/security/cve/CVE-2025-21728"
},
{
"category": "external",
"summary": "SUSE Bug 1237879 for CVE-2025-21728",
"url": "https://bugzilla.suse.com/1237879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS: 00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __warn.cold+0xb7/0x14d\n ? tracepoint_add_func+0x3b6/0x3f0\n ? report_bug+0xea/0x170\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? tracepoint_add_func+0x3b6/0x3f0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n tracepoint_probe_register+0x78/0xb0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n osnoise_workload_start+0x2b5/0x370\n timerlat_tracer_init+0x76/0x1b0\n tracing_set_tracer+0x244/0x400\n tracing_set_trace_write+0xa0/0xe0\n vfs_write+0xfc/0x570\n ? do_sys_openat2+0x9c/0xe0\n ksys_write+0x72/0xf0\n do_syscall_64+0x79/0x1c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21733",
"url": "https://www.suse.com/security/cve/CVE-2025-21733"
},
{
"category": "external",
"summary": "SUSE Bug 1238494 for CVE-2025-21733",
"url": "https://bugzilla.suse.com/1238494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \u003c/TASK\u003e\n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21754",
"url": "https://www.suse.com/security/cve/CVE-2025-21754"
},
{
"category": "external",
"summary": "SUSE Bug 1238496 for CVE-2025-21754",
"url": "https://bugzilla.suse.com/1238496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n get_random_u32+0x4f/0x110\n clocksource_verify_choose_cpus+0xab/0x1a0\n clocksource_verify_percpu.part.0+0x6b/0x330\n clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled. This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs. The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21767",
"url": "https://www.suse.com/security/cve/CVE-2025-21767"
},
{
"category": "external",
"summary": "SUSE Bug 1238509 for CVE-2025-21767",
"url": "https://bugzilla.suse.com/1238509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: check vxlan_vnigroup_init() return value\n\nvxlan_init() must check vxlan_vnigroup_init() success\notherwise a crash happens later, spotted by syzbot.\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167]\nCPU: 0 UID: 0 PID: 7313 Comm: syz-executor147 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 drivers/net/vxlan/vxlan_vnifilter.c:912\nCode: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00\nRSP: 0018:ffffc9000cc1eea8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb\nRDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff8880461b4f18\nRBP: ffff8880461b4ef4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000\nR13: ffff8880461b0d80 R14: 0000000000000000 R15: dffffc0000000000\nFS: 00007fecfa95d6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fecfa95cfb8 CR3: 000000004472c000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vxlan_uninit+0x1ab/0x200 drivers/net/vxlan/vxlan_core.c:2942\n unregister_netdevice_many_notify+0x12d6/0x1f30 net/core/dev.c:11824\n unregister_netdevice_many net/core/dev.c:11866 [inline]\n unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11736\n register_netdevice+0x1829/0x1eb0 net/core/dev.c:10901\n __vxlan_dev_create+0x7c6/0xa30 drivers/net/vxlan/vxlan_core.c:3981\n vxlan_newlink+0xd1/0x130 drivers/net/vxlan/vxlan_core.c:4407\n rtnl_newlink_create net/core/rtnetlink.c:3795 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21790",
"url": "https://www.suse.com/security/cve/CVE-2025-21790"
},
{
"category": "external",
"summary": "SUSE Bug 1238753 for CVE-2025-21790",
"url": "https://bugzilla.suse.com/1238753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix hang in nfsd4_shutdown_callback\n\nIf nfs4_client is in courtesy state then there is no point to send\nthe callback. This causes nfsd4_shutdown_callback to hang since\ncl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP\nnotifies NFSD that the connection was dropped.\n\nThis patch modifies nfsd4_run_cb_work to skip the RPC call if\nnfs4_client is in courtesy state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21795",
"url": "https://www.suse.com/security/cve/CVE-2025-21795"
},
{
"category": "external",
"summary": "SUSE Bug 1238759 for CVE-2025-21795",
"url": "https://bugzilla.suse.com/1238759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()\n\nWhen getting the IRQ we use k3_udma_glue_tx_get_irq() which returns\nnegative error value on error. So not NULL check is not sufficient\nto deteremine if IRQ is valid. Check that IRQ is greater then zero\nto ensure it is valid.\n\nThere is no issue at probe time but at runtime user can invoke\n.set_channels which results in the following call chain.\nam65_cpsw_set_channels()\n am65_cpsw_nuss_update_tx_rx_chns()\n am65_cpsw_nuss_remove_tx_chns()\n am65_cpsw_nuss_init_tx_chns()\n\nAt this point if am65_cpsw_nuss_init_tx_chns() fails due to\nk3_udma_glue_tx_get_irq() then tx_chn-\u003eirq will be set to a\nnegative value.\n\nThen, at subsequent .set_channels with higher channel count we\nwill attempt to free an invalid IRQ in am65_cpsw_nuss_remove_tx_chns()\nleading to a kernel warning.\n\nThe issue is present in the original commit that introduced this driver,\nalthough there, am65_cpsw_nuss_update_tx_rx_chns() existed as\nam65_cpsw_nuss_update_tx_chns().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21799",
"url": "https://www.suse.com/security/cve/CVE-2025-21799"
},
{
"category": "external",
"summary": "SUSE Bug 1238739 for CVE-2025-21799",
"url": "https://bugzilla.suse.com/1238739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21799"
},
{
"cve": "CVE-2025-21802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix oops when unload drivers paralleling\n\nWhen unload hclge driver, it tries to disable sriov first for each\nae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at\nthe time, because it removes all the ae_dev nodes, and it may cause\noops.\n\nBut we can\u0027t simply use hnae3_common_lock for this. Because in the\nprocess flow of pci_disable_sriov(), it will trigger the remove flow\nof VF, which will also take hnae3_common_lock.\n\nTo fixes it, introduce a new mutex to protect the unload process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21802",
"url": "https://www.suse.com/security/cve/CVE-2025-21802"
},
{
"category": "external",
"summary": "SUSE Bug 1238751 for CVE-2025-21802",
"url": "https://bugzilla.suse.com/1238751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-rt-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T10:48:21Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
}
]
}
SUSE-SU-2025:20192-1
Vulnerability from csaf_suse - Published: 2025-04-17 14:37 - Updated: 2025-04-17 14:37Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).
- CVE-2024-35910: kABI fix for tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).
- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).
- CVE-2024-45010: mptcp: pm: only mark 'subflow' endp as available (bsc#1230439).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50142: xfrm: validate new SA's prefixlen using SA family when sel.family is unset (bsc#1233028).
- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).
- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).
- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).
- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).
- CVE-2024-56638: kABI fix for "netfilter: nft_inner: incorrect percpu area handling under softirq" (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).
- CVE-2024-56658: net: defer final 'struct net' free in netns dismantle (bsc#1235441).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy (bsc#1236113).
- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current->nsproxy (bsc#1236114).
- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy (bsc#1236115).
- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy (bsc#1236122).
- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (bsc#1236123).
- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).
- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).
- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).
- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).
- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).
- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).
- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).
- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).
- CVE-2025-21678: gtp: Destroy device along with udp socket's netns dismantle (bsc#1236698).
- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).
- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).
- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).
- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed
if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21969: Bluetooth: L2CAP: Fix build errors in some archs (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
The following non-security bugs were fixed:
- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).
- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).
- ALSA: seq: Make dependency on UMP clearer (git-fixes).
- ALSA: seq: remove redundant 'tristate' for SND_SEQ_UMP_CLIENT (stable-fixes).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).
- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).
- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).
- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).
- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).
- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- Fix memory-hotplug regression (bsc#1237504)
- Grab mm lock before grabbing pt lock (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: Wacom: Add PCI Wacom device support (stable-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: hid-steam: Add Deck IMU support (stable-fixes).
- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).
- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).
- HID: hid-steam: Clean up locking (stable-fixes).
- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).
- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).
- HID: hid-steam: Fix cleanup in probe() (git-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).
- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).
- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).
- HID: hid-steam: remove pointless error message (stable-fixes).
- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: allocate keycode for phone linking (stable-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).
- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).
- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).
- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).
- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).
- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).
- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).
- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)
- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).
- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).
- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).
- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).
- KVM: x86/mmu: Skip the "try unsync" path iff the old SPTE was a leaf SPTE (git-fixes).
- KVM: x86: AMD's IBPB is not equivalent to Intel's IBPB (git-fixes).
- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).
- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).
- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).
- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).
- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).
- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: Use downstream bridges for distributing resources (bsc#1237325).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: hookup irq_get_affinity callback (bsc#1236896).
- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/efa: Reset device on probe failure (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/rxe: Improve newline in printing messages (git-fixes)
- Reapply "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "blk-throttle: Fix IO hang for a corner case" (git-fixes).
- Revert "dm: requeue IO if mapping table not yet available" (git-fixes).
- Revert "drivers/card_reader/rtsx_usb: Restore interrupt based detection" (git-fixes).
- Revert "drm/amd/display: Use HW lock mgr for PSR1" (stable-fixes).
- Revert "leds-pca955x: Remove the unused function pca95xx_num_led_regs()" (stable-fixes).
- Revert "wifi: ath11k: restore country code during resume" (bsc#1207948).
- Revert "wifi: ath11k: support hibernation" (bsc#1207948).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).
- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).
- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).
- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).
- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).
- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).
- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).
- USB: serial: option: drop MeiG Smart defines (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- Update "drm/mgag200: Added support for the new device G200eH5" (jsc#PED-12094)
- Use gcc-13 for build on SLE16 (jsc#PED-10028).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acct: block access to kernel internal filesystems (git-fixes).
- acct: perform last write from workqueue (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Drop unmanaged ELP metric worker (git-fixes).
- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- batman-adv: fix panic during interface removal (git-fixes).
- bio-integrity: do not restrict the size of integrity metadata (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Fix class @block_class's subsystem refcount leakage (bsc#1237558).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).
- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).
- blk-mq: add number of queue calc helper (bsc#1236897).
- blk-mq: create correct map for fallback case (bsc#1236896).
- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).
- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).
- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).
- blk-mq: move cpuhp callback registering out of q->sysfs_lock (git-fixes).
- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).
- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).
- blk_iocost: remove some duplicate irq disable/enables (git-fixes).
- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).
- block: Clear zone limits for a non-zoned stacked queue (git-fixes).
- block: Fix elevator_get_default() checking for NULL q->tag_set (git-fixes).
- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).
- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).
- block: Provide bdev_open_* functions (git-fixes).
- block: Remove special-casing of compound pages (git-fixes).
- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).
- block: add a disk_has_partscan helper (git-fixes).
- block: add a partscan sysfs attribute for disks (git-fixes).
- block: add check of 'minors' and 'first_minor' in device_add_disk() (git-fixes).
- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).
- block: change rq_integrity_vec to respect the iterator (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: ensure we hold a queue reference when using queue limits (git-fixes).
- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).
- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).
- block: fix integer overflow in BLKSECDISCARD (git-fixes).
- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).
- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).
- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).
- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).
- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).
- block: retry call probe after request_module in blk_request_module (git-fixes).
- block: return unsigned int from bdev_io_min (git-fixes).
- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).
- block: support to account io_ticks precisely (git-fixes).
- block: use the right type for stub rq_integrity_vec() (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).
- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).
- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: fix potential error return (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).
- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).
- can: ctucanfd: handle skb allocation failure (git-fixes).
- can: etas_es58x: fix potential NULL pointer dereference on udev->serial (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).
- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).
- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).
- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).
- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).
- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).
- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).
- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).
- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- config: Set gcc version (jsc#PED-12251).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).
- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
Keep the feature disabled by default on x86_64
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).
- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).
- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).
- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).
- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).
- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).
- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).
- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).
- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).
- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).
- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).
- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).
- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).
- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).
- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init()
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (jsc#PED-12416).
- crypto: qat - Fix typo "accelaration" (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix "Full Going True" macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: Avoid removal of uninserted tid (git-fixes).
- cxgb4: use port number to set mac addr (git-fixes).
- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).
- dlm: fix srcu_read_lock() return type to int (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- doc/README.SUSE: Point to the updated version of LKMPG
- doc: update managed_irq documentation (bsc#1236897).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to
avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).
- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: only flush the validate MES contex (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake "gettin" -> "getting" (git-fixes).
- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).
- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).
- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).
- drm/i915/selftests: avoid using uninitialized context (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).
- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)
- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).
- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/msm: Avoid rounding up to one jiffy (git-fixes).
- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).
- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).
- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).
- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).
- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/virtio: New fence for every plane update (stable-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).
- efi: libstub: Use '-std=gnu11' to fix build with GCC 15 (stable-fixes).
- eth: gve: use appropriate helper to set xdp_features (git-fixes).
- exfat: convert to ctime accessor functions (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix file being changed by unaligned direct write (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: fix zero the unwritten part for dio read (git-fixes).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- futex: Do not include process MM in futex key on no-MMU (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).
- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).
- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).
- gpio: pca953x: Improve interrupt support (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).
- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- hfs: Sanity check the root record (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- iavf: allow changing VLAN state without calling PF (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).
- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).
- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).
- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).
- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).
- ice: fix max values for dpll pin phase adjust (git-fixes).
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).
- ice: gather page_count()'s of each frag right before XDP prog call (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: put Rx buffers after being done with current frame (git-fixes).
- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).
- ice: use internal pf id instead of function number (git-fixes).
- idpf: add read memory barrier when checking descriptor done bit (git-fixes).
- idpf: call set_real_num_queues in idpf_open (bsc#1236661).
- idpf: convert workqueues to unbound (git-fixes).
- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).
- idpf: fix handling rsc packet with a single segment (git-fixes).
- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).
- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).
- igc: return early when failing to read EECD register (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: fix bus type (bsc#1236896).
- kabi: fix group_cpus_evenly (bsc#1236897).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-source: Also replace bin/env
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).
- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).
- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- lib: stackinit: hide never-taken branch from compiler (stable-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to
perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698
jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).
- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).
- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).
- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).
- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).
- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).
- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: ov08x40: Fix hblank out of range issue (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).
- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).
- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: "__ALIGN_KERNEL" redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).
- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: export local_address (git-fixes)
- mptcp: fix NL PM announced address accounting (git-fixes)
- mptcp: fix data races on local_id (git-fixes)
- mptcp: fix inconsistent state on fastopen race (bsc#1222672).
- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)
- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)
- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)
- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)
- mptcp: pm: deny endp with signal + subflow + port (git-fixes)
- mptcp: pm: do not ignore 'subflow' if 'signal' flag is also set (git-fixes)
- mptcp: pm: do not try to create sf if alloc failed (git-fixes)
- mptcp: pm: fullmesh: select the right ID later (git-fixes)
- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)
- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)
- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)
- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)
- mptcp: pm: re-using ID of unused removed subflows (git-fixes)
- mptcp: pm: reduce indentation blocks (git-fixes)
- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)
- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)
- mptcp: unify pm get_local_id interfaces (git-fixes)
- mptcp: unify pm set_flags interfaces (git-fixes)
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).
- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).
- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).
- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).
- nbd: Fix signal handling (git-fixes).
- nbd: Improve the documentation of the locking assumptions (git-fixes).
- nbd: do not allow reconnect after disconnect (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net/mlx5: Correct TASR typo into TSAR (git-fixes).
- net/mlx5: Fix RDMA TX steering prio (git-fixes).
- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).
- net/mlx5: SF, Fix add port error handling (git-fixes).
- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).
- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).
- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).
- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (bsc#1236760).
- net: mana: Enable debugfs files for MANA device (bsc#1236758).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: netvsc: Update default VMBus channels (bsc#1236757).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: rose: lock the socket in rose_bind() (git-fixes).
- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).
- net: smc: fix spurious error message from __sock_release() (bsc#1237126).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).
- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).
- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).
- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).
- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).
- null_blk: fix validation of block size (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- padata: Clean up in padata_do_multithreaded() (bsc#1237563).
- padata: Honor the caller's alignment in case of chunk_size 0 (bsc#1237563).
- padata: fix sysfs store callback check (git-fixes).
- partitions: ldm: remove the initial kernel-doc notation (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).
- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).
- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: ISST: Ignore minor version change (bsc#1237452).
- platform/x86: acer-wmi: Ignore AC events (stable-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: int3472: Check for adev == NULL (stable-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: da9150-fg: fix potential overflow (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).
- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).
- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).
- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid
mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).
- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).
- rbd: do not move requests to the running list on errors (git-fixes).
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).
- regmap-irq: Add missing kfree() (git-fixes).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/cio: Fix CHPID "configure" attribute caching (git-fixes bsc#1240979).
- s390/cio: rename bitmap_size() -> idset_bitmap_size() (git-fixes bsc#1236205).
- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).
- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).
- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- s390/pci: Ignore RID for isolated VFs (bsc#1236752).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).
- s390/pci: Use topology ID for multi-function devices (bsc#1236752).
- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/topology: Improve topology detection (bsc#1236591).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).
- scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftest: hugetlb_dio: fix test naming (git-fixes).
- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).
- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).
- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: connect: -f: no reconnect (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250: Fix fifo underflow on flush (git-fixes).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with "sfu" mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).
- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).
- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: sn-f-ospi: Fix division by zero (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: fix annoying "mkdir -p ..." logs when building tools in parallel (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- tty: xilinx_uartps: split sysrq handling (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: fix error code for unsupported command (git-fixes).
- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).
- ublk: move ublk_cancel_dev() out of ub->mutex (git-fixes).
- ublk: move zone report data out of request pdu (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).
- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).
- usb: chipidea: ci_hdrc_imx: decrement device's refcount in .remove() and in the error path of .probe() (git-fixes).
- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).
- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).
- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).
- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).
- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: roles: set switch registered flag early on (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet: ipheth: document scope of NCM implementation (stable-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- util_macros.h: fix/rework find_closest() macros (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vfio/pci: Lock external INTx masking ops (bsc#1222803).
- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).
- virtio-mem: check if the config changed before fake offlining memory (git-fixes).
- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).
- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).
- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).
- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).
- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).
- virtio: hookup irq_get_affinity callback (bsc#1236896).
- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).
- vsock/virtio: cancel close work in the destructor (git-fixes)
- vsock: Keep the binding until socket destruction (git-fixes)
- vsock: reset socket state when de-assigning the transport (git-fixes)
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).
- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: avoid memory leak (stable-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).
- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).
- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).
- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/asm: Make serialize() always_inline (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).
- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle "nosmt" correctly (git-fixes).
- x86/microcode: Handle "offline" CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).
- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).
- xen/swiotlb: relax alignment requirements (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
Patchnames
SUSE-SLE-Micro-6.0-kernel-14
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-26708: mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- CVE-2024-27415: netfilter: br_netfilter: skip conntrack input hook for promisc packets (bsc#1224757).\n- CVE-2024-35910: kABI fix for tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-40980: drop_monitor: replace spin_lock by raw_spin_lock (bsc#1227937).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-44974: mptcp: pm: avoid possible UaF when selecting endp (bsc#1230235).\n- CVE-2024-45009: mptcp: pm: only decrement add_addr_accepted for MPJ req (bsc#1230438).\n- CVE-2024-45010: mptcp: pm: only mark \u0027subflow\u0027 endp as available (bsc#1230439).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-46858: mptcp: pm: Fix uaf in __timer_delete_sync (bsc#1231088).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).\n- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).\n- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50085: mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow (bsc#1232508).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-50142: xfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset (bsc#1233028).\n- CVE-2024-50185: kABI fix for mptcp: handle consistently DSS corruption (bsc#1233109).\n- CVE-2024-50251: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() (bsc#1233248).\n- CVE-2024-50258: net: fix crash when config small gso_max_size/gso_ipv4_max_size (bsc#1233221).\n- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).\n- CVE-2024-50304: ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (bsc#1233522).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53123: mptcp: error out earlier on disconnect (bsc#1234070).\n- CVE-2024-53124: net: fix data-races around sk-\u003esk_forward_alloc (bsc#1234074).\n- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53147: exfat: fix out-of-bounds access of directory entries (bsc#1234857).\n- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).\n- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).\n- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56592: bpf: Call free_htab_elem() after htab_unlock_bucket() (bsc#1235244).\n- CVE-2024-56633: selftests/bpf: Add apply_bytes test to test_txmsg_redir_wait_sndmem in test_sockmap (bsc#1235485).\n- CVE-2024-56638: kABI fix for \"netfilter: nft_inner: incorrect percpu area handling under softirq\" (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56647: net: Fix icmp host relookup triggering ip_rt_bug (bsc#1235435).\n- CVE-2024-56658: net: defer final \u0027struct net\u0027 free in netns dismantle (bsc#1235441).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56720: bpf, sockmap: Several fixes to bpf_msg_pop_data (bsc#1235592).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57882: mptcp: fix TCP options overflow. (bsc#1235914).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21636: sctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy (bsc#1236113).\n- CVE-2025-21637: sctp: sysctl: udp_port: avoid using current-\u003ensproxy (bsc#1236114).\n- CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current-\u003ensproxy (bsc#1236115).\n- CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current-\u003ensproxy (bsc#1236122).\n- CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy (bsc#1236123).\n- CVE-2025-21647: sched: sch_cake: add bounds checks to host bulk flow fairness counts (bsc#1236133).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21665: filemap: avoid truncating 64-bit offset to 32 bits (bsc#1236684).\n- CVE-2025-21666: vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (bsc#1236680).\n- CVE-2025-21667: iomap: avoid avoid truncating 64-bit offset to 32 bits (bsc#1236681).\n- CVE-2025-21668: pmdomain: imx8mp-blk-ctrl: add missing loop break condition (bsc#1236682).\n- CVE-2025-21669: vsock/virtio: discard packets if the transport changes (bsc#1236683).\n- CVE-2025-21670: vsock/bpf: return early if transport is not assigned (bsc#1236685).\n- CVE-2025-21673: smb: client: fix double free of TCP_Server_Info::hostname (bsc#1236689).\n- CVE-2025-21675: net/mlx5: Clear port select structure when fail to create (bsc#1236694).\n- CVE-2025-21678: gtp: Destroy device along with udp socket\u0027s netns dismantle (bsc#1236698).\n- CVE-2025-21680: pktgen: Avoid out-of-bounds access in get_imix_entries (bsc#1236700).\n- CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier (bsc#1236702).\n- CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls (bsc#1237045).\n- CVE-2025-21692: net: sched: fix ets qdisc OOB Indexing (bsc#1237028).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21700: net: sched: Disallow replacing of child qdisc from one parent to another (bsc#1237159).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).\n- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).\n- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).\n- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).\n- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).\n- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).\n- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).\n- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).\n- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).\n- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).\n- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).\n- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).\n- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).\n- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).\n- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).\n- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).\n- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).\n- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).\n- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).\n- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).\n- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed\n if hclge_ptp_get_cycle returns an error (bsc#1240720).\n- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level \u003e 2 (bsc#1240742).\n- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).\n- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).\n- CVE-2025-21969: Bluetooth: L2CAP: Fix build errors in some archs (bsc#1240784).\n- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).\n- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).\n- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).\n- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).\n- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).\n- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).\n- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).\n\nThe following non-security bugs were fixed:\n\n- ACPI: PRM: Remove unnecessary strict handler address checks (git-fixes).\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- ACPI: property: Fix return value for nval == 0 in acpi_data_prop_read() (git-fixes).\n- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).\n- ACPI: x86: Add skip i2c clients quirk for Vexia EDU ATLA 10 tablet 5V (stable-fixes).\n- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).\n- ALSA: hda/cirrus: Correct the full scale volume set logic (git-fixes).\n- ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (stable-fixes).\n- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).\n- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).\n- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).\n- ALSA: hda/realtek: Fixup ALC225 depop procedure (git-fixes).\n- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- ALSA: hda: Add error check for snd_ctl_rename_id() in snd_hda_create_dig_out_ctls() (git-fixes).\n- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- ALSA: seq: Drop UMP events when no UMP-conversion is set (git-fixes).\n- ALSA: seq: Make dependency on UMP clearer (git-fixes).\n- ALSA: seq: remove redundant \u0027tristate\u0027 for SND_SEQ_UMP_CLIENT (stable-fixes).\n- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).\n- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).\n- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- APEI: GHES: Have GHES honor the panic= setting (stable-fixes).\n- ASoC: Intel: avs: Abstract IPC handling (stable-fixes).\n- ASoC: Intel: avs: Do not readq() u32 registers (git-fixes).\n- ASoC: Intel: avs: Prefix SKL/APL-specific members (stable-fixes).\n- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (stable-fixes).\n- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- ASoC: SOF: pcm: Clear the susbstream pointer to NULL on close (git-fixes).\n- ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() (git-fixes).\n- ASoC: amd: Add ACPI dependency to fix build error (stable-fixes).\n- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).\n- ASoC: es8328: fix route from DAC to output (git-fixes).\n- ASoC: fsl_micfil: Enable default case in micfil_set_quality() (git-fixes).\n- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).\n- ASoC: ops: Consistently treat platform_max as control value (git-fixes).\n- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).\n- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).\n- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).\n- ASoC: rockchip: i2s-tdm: fix shift config for SND_SOC_DAIFMT_DSP_[AB] (git-fixes).\n- ASoC: rt722-sdca: add missing readable registers (git-fixes).\n- ASoC: tas2764: Fix power control mask (stable-fixes).\n- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- ASoC: tas2770: Fix volume scale (stable-fixes).\n- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).\n- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).\n- Bluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync (stable-fixes).\n- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- Documentation: qat: fix auto_reset attribute details (git-fixes).\n- Documentation: qat: fix auto_reset section (git-fixes).\n- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- Fix memory-hotplug regression (bsc#1237504)\n- Grab mm lock before grabbing pt lock (git-fixes).\n- HID: Enable playstation driver independently of sony driver (git-fixes).\n- HID: Wacom: Add PCI Wacom device support (stable-fixes).\n- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).\n- HID: hid-steam: Add Deck IMU support (stable-fixes).\n- HID: hid-steam: Add gamepad-only mode switched to by holding options (stable-fixes).\n- HID: hid-steam: Avoid overwriting smoothing parameter (stable-fixes).\n- HID: hid-steam: Clean up locking (stable-fixes).\n- HID: hid-steam: Disable watchdog instead of using a heartbeat (stable-fixes).\n- HID: hid-steam: Do not use cancel_delayed_work_sync in IRQ context (git-fixes).\n- HID: hid-steam: Fix cleanup in probe() (git-fixes).\n- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- HID: hid-steam: Make sure rumble work is canceled on removal (stable-fixes).\n- HID: hid-steam: Move hidraw input (un)registering to work (git-fixes).\n- HID: hid-steam: Update list of identifiers from SDL (stable-fixes).\n- HID: hid-steam: remove pointless error message (stable-fixes).\n- HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() (git-fixes).\n- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).\n- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- HID: multitouch: Add NULL check in mt_input_configured (git-fixes).\n- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- IB/mad: Check available slots before posting receive WRs (git-fixes)\n- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)\n- Input: ads7846 - fix gpiod allocation (git-fixes).\n- Input: allocate keycode for phone linking (stable-fixes).\n- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- Input: iqs7222 - preserve system status register (git-fixes).\n- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).\n- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).\n- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- Input: xpad - add multiple supported devices (stable-fixes).\n- Input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- Input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- KVM: VMX: Allow toggling bits in MSR_IA32_RTIT_CTL when enable bit is cleared (git-fixes).\n- KVM: VMX: Fix comment of handle_vmx_instruction() (git-fixes).\n- KVM: VMX: reset the segment cache after segment init in vmx_vcpu_reset() (jsc#PED-348 git-fixes).\n- KVM: arm64: Do not eagerly teardown the vgic on init error (git-fixes).\n- KVM: arm64: Ensure vgic_ready() is ordered against MMIO registration (git-fixes).\n- KVM: arm64: Fix alignment of kvm_hyp_memcache allocations (git-fixes).\n- KVM: arm64: Flush hyp bss section after initialization of variables in bss (git-fixes).\n- KVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state (git-fixes)\n- KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (git-fixes).\n- KVM: nSVM: Enter guest mode before initializing nested NPT MMU (git-fixes).\n- KVM: nVMX: Treat vpid01 as current if L2 is active, but with VPID disabled (jsc#PED-348 git-fixes).\n- KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (git-fixes bsc#1237155).\n- KVM: x86/mmu: Skip the \"try unsync\" path iff the old SPTE was a leaf SPTE (git-fixes).\n- KVM: x86: AMD\u0027s IBPB is not equivalent to Intel\u0027s IBPB (git-fixes).\n- KVM: x86: Account for KVM-reserved CR4 bits when passing through CR4 on VMX (git-fixes).\n- KVM: x86: Advertise SRSO_USER_KERNEL_NO to userspace (git-fixes).\n- KVM: x86: Avoid double RDPKRU when loading host/guest PKRU (git-fixes).\n- KVM: x86: Cache CPUID.0xD XSTATE offsets+sizes during module init (git-fixes).\n- KVM: x86: Fix a comment inside __kvm_set_or_clear_apicv_inhibit() (git-fixes).\n- KVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel (git-fixes).\n- KVM: x86: Unconditionally set irr_pending when updating APICv state (jsc#PED-348).\n- KVM: x86: Zero out PV features cache when the CPUID leaf is not present (git-fixes).\n- Move upstreamed ACPI patch into sorted section\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- PCI/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- PCI/DOE: Support discovery version 2 (bsc#1237853)\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake-P (stable-fixes).\n- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- PCI: Avoid reset when disabled via sysfs (git-fixes).\n- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).\n- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).\n- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- PCI: Use downstream bridges for distributing resources (bsc#1237325).\n- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- PCI: brcmstb: Use internal register to change link capability (git-fixes).\n- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).\n- PCI: hookup irq_get_affinity callback (bsc#1236896).\n- PCI: imx6: Simplify clock handling by using clk_bulk*() function (git-fixes).\n- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- PCI: switchtec: Add Microchip PCI100X device IDs (stable-fixes).\n- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- PM: sleep: Adjust check before setting power.must_resume (git-fixes).\n- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).\n- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)\n- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)\n- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- RDMA/efa: Reset device on probe failure (git-fixes)\n- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)\n- RDMA/hns: Fix missing xa_destroy() (git-fixes)\n- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)\n- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)\n- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).\n- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- RDMA/mlx5: Fix AH static rate parsing (git-fixes)\n- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)\n- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)\n- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)\n- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)\n- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)\n- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)\n- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)\n- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- RDMA/rxe: Improve newline in printing messages (git-fixes)\n- Reapply \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"blk-throttle: Fix IO hang for a corner case\" (git-fixes).\n- Revert \"dm: requeue IO if mapping table not yet available\" (git-fixes).\n- Revert \"drivers/card_reader/rtsx_usb: Restore interrupt based detection\" (git-fixes).\n- Revert \"drm/amd/display: Use HW lock mgr for PSR1\" (stable-fixes).\n- Revert \"leds-pca955x: Remove the unused function pca95xx_num_led_regs()\" (stable-fixes).\n- Revert \"wifi: ath11k: restore country code during resume\" (bsc#1207948).\n- Revert \"wifi: ath11k: support hibernation\" (bsc#1207948).\n- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).\n- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).\n- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (stable-fixes).\n- USB: Fix the issue of task recovery failure caused by USB status when S4 wakes up (git-fixes).\n- USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (git-fixes).\n- USB: gadget: f_midi: f_midi_complete to call queue_work (git-fixes).\n- USB: hub: Ignore non-compliant devices with too many configs or interfaces (stable-fixes).\n- USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (stable-fixes).\n- USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (stable-fixes).\n- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM828 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- USB: serial: option: add Telit Cinterion FN990B compositions (stable-fixes).\n- USB: serial: option: drop MeiG Smart defines (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FN990A name (stable-fixes).\n- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- Update \"drm/mgag200: Added support for the new device G200eH5\" (jsc#PED-12094)\n- Use gcc-13 for build on SLE16 (jsc#PED-10028).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acct: block access to kernel internal filesystems (git-fixes).\n- acct: perform last write from workqueue (git-fixes).\n- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).\n- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- affs: do not write overlarge OFS data block size fields (git-fixes).\n- affs: generate OFS sequence numbers starting at 1 (git-fixes).\n- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).\n- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)\n- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)\n- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)\n- arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes)\n- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)\n- arm64: Handle .ARM.attributes section in linker scripts (git-fixes)\n- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)\n- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)\n- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)\n- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)\n- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (git-fixes)\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)\n- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)\n- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)\n- arm64: mm: Correct the update of max_pfn (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata-sff: Ensure that we cannot write outside the allocated buffer (stable-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Drop unmanaged ELP metric worker (git-fixes).\n- batman-adv: Ignore neighbor throughput metrics in error case (stable-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- batman-adv: fix panic during interface removal (git-fixes).\n- bio-integrity: do not restrict the size of integrity metadata (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- blk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage (bsc#1237558).\n- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).\n- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (git-fixes).\n- blk-mq: Make blk_mq_quiesce_tagset() hold the tag list mutex less long (git-fixes).\n- blk-mq: add number of queue calc helper (bsc#1236897).\n- blk-mq: create correct map for fallback case (bsc#1236896).\n- blk-mq: do not count completed flush data request as inflight in case of quiesce (git-fixes).\n- blk-mq: introduce blk_mq_map_hw_queues (bsc#1236896).\n- blk-mq: issue warning when offlining hctx with online isolcpus (bsc#1236897).\n- blk-mq: move cpuhp callback registering out of q-\u003esysfs_lock (git-fixes).\n- blk-mq: register cpuhp callback after hctx is added to xarray table (git-fixes).\n- blk-mq: use hk cpus only when isolcpus=managed_irq is enabled (bsc#1236897).\n- blk_iocost: remove some duplicate irq disable/enables (git-fixes).\n- block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() (git-fixes).\n- block: Clear zone limits for a non-zoned stacked queue (git-fixes).\n- block: Fix elevator_get_default() checking for NULL q-\u003etag_set (git-fixes).\n- block: Fix lockdep warning in blk_mq_mark_tag_wait (git-fixes).\n- block: Fix page refcounts for unaligned buffers in __bio_release_pages() (git-fixes).\n- block: Provide bdev_open_* functions (git-fixes).\n- block: Remove special-casing of compound pages (git-fixes).\n- block: Set memalloc_noio to false on device_add_disk() error path (git-fixes).\n- block: add a disk_has_partscan helper (git-fixes).\n- block: add a partscan sysfs attribute for disks (git-fixes).\n- block: add check of \u0027minors\u0027 and \u0027first_minor\u0027 in device_add_disk() (git-fixes).\n- block: avoid to reuse `hctx` not removed from cpuhp callback list (git-fixes).\n- block: change rq_integrity_vec to respect the iterator (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: copy back bounce buffer to user-space correctly in case of split (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- block: ensure we hold a queue reference when using queue limits (git-fixes).\n- block: fix and simplify blkdevparts= cmdline parsing (git-fixes).\n- block: fix bio_split_rw_at to take zone_write_granularity into account (git-fixes).\n- block: fix integer overflow in BLKSECDISCARD (git-fixes).\n- block: fix missing dispatching request when queue is started or unquiesced (git-fixes).\n- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (git-fixes).\n- block: fix ordering between checking QUEUE_FLAG_QUIESCED request adding (git-fixes).\n- block: fix sanity checks in blk_rq_map_user_bvec (git-fixes).\n- block: propagate partition scanning errors to the BLKRRPART ioctl (git-fixes).\n- block: remove the blk_flush_integrity call in blk_integrity_unregister (git-fixes).\n- block: retry call probe after request_module in blk_request_module (git-fixes).\n- block: return unsigned int from bdev_io_min (git-fixes).\n- block: sed-opal: avoid possible wrong address reference in read_sed_opal_key() (git-fixes).\n- block: support to account io_ticks precisely (git-fixes).\n- block: use the right type for stub rq_integrity_vec() (git-fixes).\n- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).\n- bnxt_en: Fix possible memory leak when hwrm_req_replace fails (git-fixes).\n- bnxt_en: Refactor bnxt_ptp_init() (git-fixes).\n- bnxt_en: Unregister PTP during PCI shutdown and suspend (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).\n- bpf: fix potential error return (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: fix defrag not merging contiguous extents due to merged extent maps (bsc#1237232).\n- btrfs: fix extent map merging not happening for adjacent extents (bsc#1237232).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: c_can: fix unbalanced runtime PM disable in error path (git-fixes).\n- can: ctucanfd: handle skb allocation failure (git-fixes).\n- can: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- chelsio/chtls: prevent potential integer overflow on 32bit (git-fixes).\n- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).\n- cifs: Remove intermediate object of failed create reparse call (git-fixes).\n- cifs: commands that are retried should have replay flag set (bsc#1231432).\n- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).\n- cifs: helper function to check replayable error codes (bsc#1231432).\n- cifs: new mount option called retrans (bsc#1231432).\n- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).\n- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).\n- cifs: update desired access while requesting for directory lease (git-fixes).\n- cifs: update the same create_guid on replay (git-fixes).\n- clk: mediatek: mt2701-aud: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: mediatek: mt2701-bdp: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-img: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-mm: add missing dummy clk (git-fixes).\n- clk: mediatek: mt2701-vdec: fix conversion to mtk_clk_simple_probe (git-fixes).\n- clk: qcom: clk-alpha-pll: fix alpha mode configuration (git-fixes).\n- clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (git-fixes).\n- clk: qcom: dispcc-sm6350: Add missing parent_map for a clock (git-fixes).\n- clk: qcom: gcc-mdm9607: Fix cmd_rcgr offset for blsp1_uart6 rcg (git-fixes).\n- clk: qcom: gcc-sm6350: Add missing parent_map for two clocks (git-fixes).\n- clk: qcom: gcc-sm8550: Do not turn off PCIe GDSCs during gdsc_disable() (git-fixes).\n- clk: sunxi-ng: a100: enable MMC clock reparenting (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- config: Set gcc version (jsc#PED-12251).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- counter: fix privdata alignment (git-fixes).\n- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).\n- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpu/hotplug: Do not offline the last non-isolated CPU (bsc#1237562).\n- cpu/hotplug: Prevent self deadlock on CPU hot-unplug (bsc#1237562).\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)\n- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)\n- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)\n Keep the feature disabled by default on x86_64\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpufreq: imx6q: Do not disable 792 Mhz OPP unnecessarily (git-fixes).\n- cpufreq: imx6q: do not warn for disabling a non-existing frequency (git-fixes).\n- cpufreq: mediatek-hw: Do not error out if supply is not found (git-fixes).\n- cpufreq: mediatek-hw: Wait for CPU supplies before probing (git-fixes).\n- cpufreq: qcom-nvmem: Enable virtual power domain devices (git-fixes).\n- cpufreq: qcom-nvmem: Simplify driver data allocation (stable-fixes).\n- cpufreq: qcom-nvmem: add support for IPQ8064 (git-fixes).\n- cpufreq: qcom-nvmem: drop pvs_ver for format a fuses (git-fixes).\n- cpufreq: qcom-nvmem: fix memory leaks in probe error paths (git-fixes).\n- cpufreq: qcom-nvmem: use SoC ID-s from bindings (git-fixes).\n- cpufreq: qcom-nvmem: use helper to get SMEM SoC ID (git-fixes).\n- cpufreq: qcom: Fix qcom_cpufreq_hw_recalc_rate() to query LUT if LMh IRQ is not available (git-fixes).\n- cpufreq: qcom: Implement clk_ops::determine_rate() for qcom_cpufreq* clocks (git-fixes).\n- cpufreq: s3c64xx: Fix compilation warning (stable-fixes).\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead icv error (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead invalid authsize (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: hisilicon/sec2 - optimize the error return process (stable-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init()\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \"Invalide\" -\u003e \"Invalid\" (jsc#PED-12416).\n- crypto: qat - Fix typo \"accelaration\" (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \"Full Going True\" macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- cxgb4: Avoid removal of uninserted tid (git-fixes).\n- cxgb4: use port number to set mac addr (git-fixes).\n- devlink: avoid potential loop in devlink_rel_nested_in_notify_work() (bsc#1237234).\n- dlm: fix srcu_read_lock() return type to int (git-fixes).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).\n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- doc/README.SUSE: Point to the updated version of LKMPG\n- doc: update managed_irq documentation (bsc#1236897).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- driver core: bus: add irq_get_affinity callback to bus_type (bsc#1236896).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix Mode Cutoff in DSC Passthrough to DP2.1 Monitor (stable-fixes).\n- drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params (git-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/pm/smu11: Prevent division by zero (git-fixes).\n- drm/amd/pm: Mark MM activity as unsupported (stable-fixes).\n- drm/amd/pm: Prevent division by zero (git-fixes).\n- drm/amd: Keep display off while going into S4 (stable-fixes).\n- drm/amdgpu/dma_buf: fix page_link check (git-fixes).\n- drm/amdgpu/gfx11: fix num_mec (git-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to\n avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() (stable-fixes).\n- drm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode() (git-fixes).\n- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).\n- drm/amdgpu: fix UVD contiguous CS mapping problem (bsc#1236759).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/amdkfd: only flush the validate MES contex (stable-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \"gettin\" -\u003e \"getting\" (git-fixes).\n- drm/bridge: it6505: Change definition MAX_HDCP_DOWN_STREAM_COUNT (stable-fixes).\n- drm/bridge: it6505: fix HDCP Bstatus check (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS KSV list wait timer (stable-fixes).\n- drm/bridge: it6505: fix HDCP CTS compare V matching (stable-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: it6505: fix HDCP encryption when R0 ready (stable-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).\n- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).\n- drm/i915/dp: Iterate DSC BPP from high to low on all platforms (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/guc: Debug print LRC state entries only if the context is pinned (git-fixes).\n- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).\n- drm/i915/pmu: Fix zero delta busyness issue (git-fixes).\n- drm/i915/selftests: avoid using uninitialized context (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/i915: Drop 64bpp YUV formats from ICL+ SDR planes (stable-fixes).\n- drm/i915: Fix page cleanup on DMA remap failure (git-fixes).\n- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).\n- drm/komeda: Add check for komeda_get_layer_fourcc_list() (git-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/mgag200: Added support for the new device G200eH5 (jsc#PED-12094)\n- drm/modeset: Handle tiled displays in pan_display_atomic (stable-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: Disable dither in phys encoder cleanup (git-fixes).\n- drm/msm/dpu: Do not leak bits_per_component into random DSC_ENC fields (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).\n- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).\n- drm/msm: Avoid rounding up to one jiffy (git-fixes).\n- drm/nouveau/pmu: Fix gp10b firmware guard (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/rockchip: move output interface related definition to rockchip_drm_drv.h (stable-fixes).\n- drm/rockchip: vop2: Fix the windows switch between different layers (git-fixes).\n- drm/rockchip: vop2: Set YUV/RGB overlay mode (stable-fixes).\n- drm/rockchip: vop2: include rockchip_drm_drv.h (git-fixes).\n- drm/rockchip: vop2: set bg dly and prescan dly at vop2_post_config (stable-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/sched: Fix preprocessor guard (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/sti: remove duplicate object names (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/virtio: New fence for every plane update (stable-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- efi: Avoid cold plugged memory for placing the kernel (stable-fixes).\n- efi: libstub: Use \u0027-std=gnu11\u0027 to fix build with GCC 15 (stable-fixes).\n- eth: gve: use appropriate helper to set xdp_features (git-fixes).\n- exfat: convert to ctime accessor functions (git-fixes).\n- exfat: do not zero the extended part (bsc#1237356).\n- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).\n- exfat: fix file being changed by unaligned direct write (git-fixes).\n- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).\n- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).\n- exfat: fix zero the unwritten part for dio read (git-fixes).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: omap: use threaded IRQ for LCD DMA (stable-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- futex: Do not include process MM in futex key on no-MMU (git-fixes).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: bcm-kona: Add missing newline to dev_err format string (git-fixes).\n- gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (git-fixes).\n- gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (git-fixes).\n- gpio: pca953x: Improve interrupt support (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (git-fixes).\n- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).\n- gpiolib: acpi: Add a quirk for Acer Nitro ANV14 (stable-fixes).\n- gpu: drm_dp_cec: fix broken CEC adapter properties check (git-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp() (git-fixes).\n- gup: make the stack expansion warning a bit more targeted (bsc#1238214).\n- hfs: Sanity check the root record (git-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: Force ELAN06FA touchpad I2C bus freq to 100KHz (stable-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: ls2x: Fix frequency division register access (git-fixes).\n- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- iavf: allow changing VLAN state without calling PF (git-fixes).\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- ice: Skip PTP HW writes during PTP reset procedure (git-fixes).\n- ice: add ice_adapter for shared data across PFs on the same NIC (bsc#1237415).\n- ice: avoid the PTP hardware semaphore in gettimex64 path (bsc#1237415).\n- ice: check ICE_VSI_DOWN under rtnl_lock when preparing for reset (git-fixes).\n- ice: fix incorrect PHY settings for 100 GB/s (git-fixes).\n- ice: fix max values for dpll pin phase adjust (git-fixes).\n- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (bsc#1237415).\n- ice: gather page_count()\u0027s of each frag right before XDP prog call (git-fixes).\n- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).\n- ice: put Rx buffers after being done with current frame (git-fixes).\n- ice: stop storing XDP verdict within ice_rx_buf (git-fixes).\n- ice: use internal pf id instead of function number (git-fixes).\n- idpf: add read memory barrier when checking descriptor done bit (git-fixes).\n- idpf: call set_real_num_queues in idpf_open (bsc#1236661).\n- idpf: convert workqueues to unbound (git-fixes).\n- idpf: fix VF dynamic interrupt ctl register initialization (git-fixes).\n- idpf: fix handling rsc packet with a single segment (git-fixes).\n- igc: Fix HW RX timestamp when passed by ZC XDP (git-fixes).\n- igc: Set buffer type for empty frames in igc_init_empty_frame (git-fixes).\n- igc: return early when failing to read EECD register (git-fixes).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/arm-smmu-v3: Clean up more on probe failure (stable-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kabi: fix bus type (bsc#1236896).\n- kabi: fix group_cpus_evenly (bsc#1236897).\n- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).\n- kasan: do not call find_vm_area() in a PREEMPT_RT kernel (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kbuild: userprogs: fix bitsize and target detection on clang (git-fixes).\n- kernel-binary: Support livepatch_rt with merged RT branch\n- kernel-source: Also replace bin/env\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib/group_cpus: honor housekeeping config when grouping CPUs (bsc#1236897).\n- lib/group_cpus: let group_cpu_evenly return number initialized masks (bsc#1236897).\n- lib/iov_iter: fix import_iovec_ubuf iovec management (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).\n- lib: stackinit: hide never-taken branch from compiler (stable-fixes).\n- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__default_new() to\n perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698\n jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- lockdep: Fix upper limit for LOCKDEP_*_BITS configs (stable-fixes).\n- lockdep: fix deadlock issue between lockdep and rcu (git-fixes).\n- locking/lockdep: Avoid creating new name string literals in lockdep_set_subclass() (git-fixes).\n- locking/rwsem: Add __always_inline annotation to __down_write_common() and inlined callers (git-fixes).\n- loop: do not set QUEUE_FLAG_NOMERGES (git-fixes).\n- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).\n- md/md-bitmap: add \u0027sync_size\u0027 into struct md_bitmap_stats (git-fixes).\n- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).\n- md/md-cluster: fix spares warnings for __le64 (git-fixes).\n- md/raid0: do not free conf on raid0_run failure (git-fixes).\n- md/raid1: do not free conf on raid0_run failure (git-fixes).\n- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).\n- md: Do not flush sync_work in md_write_start() (git-fixes).\n- md: convert comma to semicolon (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: cxd2841er: fix 64-bit division on gcc-9 (stable-fixes).\n- media: dvb: mb86a16: check the return value of mb86a16_read() (git-fixes).\n- media: firewire: firedtv-avc.c: replace BUG with proper, error return (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: ov08x40: Fix hblank out of range issue (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: uvcvideo: Add Kurokesu C1 PRO camera (stable-fixes).\n- media: uvcvideo: Add new quirk definition for the Sonix Technology Co. 292a camera (stable-fixes).\n- media: uvcvideo: Implement dual stream quirk to fix loss of usb packets (stable-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread (stable-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \"__ALIGN_KERNEL\" redefined (git-fixes).\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (stable-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm/compaction: fix UBSAN shift-out-of-bounds warning (git fixes (mm/compaction)).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: core: Respect quirk_max_rate for non-UHS SDIO card (stable-fixes).\n- mmc: mtk-sd: Fix register settings for hs400(es) mode (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-msm: Correctly set the load for the regulator (stable-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).\n- mptcp: export local_address (git-fixes)\n- mptcp: fix NL PM announced address accounting (git-fixes)\n- mptcp: fix data races on local_id (git-fixes)\n- mptcp: fix inconsistent state on fastopen race (bsc#1222672).\n- mptcp: fix recvbuffer adjust on sleeping rcvmsg (git-fixes)\n- mptcp: fully established after ADD_ADDR echo on MPJ (git-fixes)\n- mptcp: pass addr to mptcp_pm_alloc_anno_list (git-fixes)\n- mptcp: pm: check add_addr_accept_max before accepting new ADD_ADDR (git-fixes)\n- mptcp: pm: deny endp with signal + subflow + port (git-fixes)\n- mptcp: pm: do not ignore \u0027subflow\u0027 if \u0027signal\u0027 flag is also set (git-fixes)\n- mptcp: pm: do not try to create sf if alloc failed (git-fixes)\n- mptcp: pm: fullmesh: select the right ID later (git-fixes)\n- mptcp: pm: inc RmAddr MIB counter once per RM_ADDR ID (git-fixes)\n- mptcp: pm: only in-kernel cannot have entries with ID 0 (git-fixes)\n- mptcp: pm: re-using ID of unused flushed subflows (git-fixes)\n- mptcp: pm: re-using ID of unused removed ADD_ADDR (git-fixes)\n- mptcp: pm: re-using ID of unused removed subflows (git-fixes)\n- mptcp: pm: reduce indentation blocks (git-fixes)\n- mptcp: pm: remove mptcp_pm_remove_subflow (git-fixes)\n- mptcp: unify pm get_flags_and_ifindex_by_id (git-fixes)\n- mptcp: unify pm get_local_id interfaces (git-fixes)\n- mptcp: unify pm set_flags interfaces (git-fixes)\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: Add status chack in r852_ready() (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- mtd: rawnand: cadence: fix error code in cadence_nand_init() (git-fixes).\n- mtd: rawnand: cadence: fix incorrect device in dma_unmap_single (git-fixes).\n- mtd: rawnand: cadence: fix unchecked dereference (git-fixes).\n- mtd: rawnand: cadence: use dma_map_resource for sdma address (git-fixes).\n- nbd: Fix signal handling (git-fixes).\n- nbd: Improve the documentation of the locking assumptions (git-fixes).\n- nbd: do not allow reconnect after disconnect (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net/mlx5: Correct TASR typo into TSAR (git-fixes).\n- net/mlx5: Fix RDMA TX steering prio (git-fixes).\n- net/mlx5: Fix msix vectors to respect platform limit (bsc#1225981).\n- net/mlx5: SF, Fix add port error handling (git-fixes).\n- net/mlx5: Verify support for scheduling element and TSAR type (git-fixes).\n- net/mlx5e: Always start IPsec sequence number from 1 (git-fixes).\n- net/mlx5e: Rely on reqid in IPsec tunnel mode (git-fixes).\n- net/mlx5e: macsec: Maintain TX SA from encoding_sa (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (bsc#1236994).\n- net: Fix undefined behavior in netdev name allocation (bsc#1233749).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: avoid UAF on deleted altname (bsc#1233749).\n- net: check for altname conflicts when changing netdev\u0027s netns (bsc#1233749).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).\n- net: do not send a MOVE event when netdev changes netns (bsc#1233749).\n- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).\n- net: fix ifname in netlink ntf during netns move (bsc#1233749).\n- net: fix removing a namespace with conflicting altnames (bsc#1233749).\n- net: free altname using an RCU callback (bsc#1233749).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Add get_link and get_link_ksettings in ethtool (bsc#1236761).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Cleanup \"mana\" debugfs dir after cleanup of all children (bsc#1236760).\n- net: mana: Enable debugfs files for MANA device (bsc#1236758).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: move altnames together with the netdevice (bsc#1233749).\n- net: netvsc: Update default VMBus channels (bsc#1236757).\n- net: reduce indentation of __dev_alloc_name() (bsc#1233749).\n- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).\n- net: remove else after return in dev_prep_valid_name() (bsc#1233749).\n- net: rose: lock the socket in rose_bind() (git-fixes).\n- net: sfc: Correct key_len for efx_tc_ct_zone_ht_params (git-fixes).\n- net: smc: fix spurious error message from __sock_release() (bsc#1237126).\n- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).\n- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: iosm: Fix hibernation by re-binding the driver around it (stable-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).\n- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).\n- nouveau/svm: fix missing folio unlock + put after make_device_exclusive_range() (git-fixes).\n- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).\n- ntb: intel: Fix using link status DB\u0027s (git-fixes).\n- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).\n- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).\n- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).\n- ntb_perf: Fix printk format (git-fixes).\n- null_blk: Do not allow runt zone with zone capacity smaller then zone size (git-fixes).\n- null_blk: Fix missing mutex_destroy() at module removal (git-fixes).\n- null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (git-fixes).\n- null_blk: Print correct max open zones limit in null_init_zoned_dev() (git-fixes).\n- null_blk: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- null_blk: do not cap max_hw_sectors to BLK_DEF_MAX_SECTORS (git-fixes).\n- null_blk: fix validation of block size (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-fc: use ctrl state getter (git-fixes).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).\n- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-pci: use block layer helpers to calculate num of queues (bsc#1236897).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme/ioctl: add missing space in err message (git-fixes).\n- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: make nvme_tls_attrs_group static (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvme: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- nvme: tcp: Fix compilation warning with W=1 (git-fixes).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: Fix crash when a namespace is disabled (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).\n- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).\n- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: fix incorrect CPU endianness conversion causing mount failure (bsc#1236138).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- padata: Clean up in padata_do_multithreaded() (bsc#1237563).\n- padata: Honor the caller\u0027s alignment in case of chunk_size 0 (bsc#1237563).\n- padata: fix sysfs store callback check (git-fixes).\n- partitions: ldm: remove the initial kernel-doc notation (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- perf tools: annotate asm_pure_loop.S (bsc#1239906).\n- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).\n- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).\n- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).\n- phy: tegra: xusb: reset VBUS \u0026 ID OVERRIDE (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: cy8c95x0: Respect IRQ trigger settings from firmware (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/intel-uncore-freq: Ignore minor version change (bsc#1237452).\n- platform/x86/intel-uncore-freq: Increase minor number support (bsc#1237452).\n- platform/x86/intel/tpmi: Add defines to get version information (bsc#1237452).\n- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: ISST: Correct command storage data length (git-fixes).\n- platform/x86: ISST: Ignore minor version change (bsc#1237452).\n- platform/x86: acer-wmi: Ignore AC events (stable-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: int3472: Check for adev == NULL (stable-fixes).\n- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: da9150-fg: fix potential overflow (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).\n- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).\n- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).\n- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).\n- powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (bsc#1215199).\n- powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (bsc#1215199).\n- powerpc/code-patching: Disable KASAN report during patching via temporary mm (bsc#1215199).\n- powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (bsc#1215199).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: Split Dynamic DMA Window to be used in Hybrid\n mode (ltc#210895 bsc#1235933 ltc#210896 bsc#1235932).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- powerpc/trace: Add support for HAVE_FUNCTION_ARG_ACCESS_API (bsc#1236967 ltc#210988).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).\n- r8169: enable SG/TSO on selected chip versions per default (bsc#1235874).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- rbd: do not assume RBD_LOCK_STATE_LOCKED for exclusive mappings (git-fixes).\n- rbd: do not assume rbd_is_lock_owner() for exclusive mappings (git-fixes).\n- rbd: do not move requests to the running list on errors (git-fixes).\n- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (git-fixes).\n- regmap-irq: Add missing kfree() (git-fixes).\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)\n- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).\n- s390/cio: Fix CHPID \"configure\" attribute caching (git-fixes bsc#1240979).\n- s390/cio: rename bitmap_size() -\u003e idset_bitmap_size() (git-fixes bsc#1236205).\n- s390/futex: Fix FUTEX_OP_ANDN implementation (git-fixes bsc#1237158).\n- s390/iucv: fix receive buffer virtual vs physical address confusion (git-fixes bsc#1236200).\n- s390/pci: Fix SR-IOV for PFs initially in standby (git-fixes bsc#1236752).\n- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).\n- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (bsc#1236752).\n- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).\n- s390/pci: Ignore RID for isolated VFs (bsc#1236752).\n- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).\n- s390/pci: Sort PCI functions prior to creating virtual busses (bsc#1236752).\n- s390/pci: Use topology ID for multi-function devices (bsc#1236752).\n- s390/smp,mcck: fix early IPI handling (git-fixes bsc#1236199).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/topology: Improve topology detection (bsc#1236591).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- s390/vfio-ap: Remove gmap_convert_to_secure() from vfio_ap_ops (git-fixes bsc#1236203).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)\n- scripts/gdb: fix aarch64 userspace detection in get_current_task (stable-fixes).\n- scsi: core: Clear driver private data when retrying request (git-fixes).\n- scsi: core: Do not retry I/Os during depopulation (git-fixes).\n- scsi: core: Handle depopulation and restoration in progress (git-fixes).\n- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).\n- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).\n- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).\n- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).\n- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).\n- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).\n- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).\n- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).\n- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).\n- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).\n- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).\n- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).\n- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).\n- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).\n- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).\n- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).\n- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).\n- scsi: myrb: Remove dead code (git-fixes).\n- scsi: qedi: Fix potential deadlock on \u0026qedi_percpu-\u003ep_work_lock (git-fixes).\n- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).\n- scsi: replace blk_mq_pci_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).\n- scsi: sg: Enable runtime power management (git-fixes).\n- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).\n- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).\n- scsi: storvsc: Set correct data length for sending SCSI command without payload (git-fixes).\n- scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).\n- selftest: hugetlb_dio: fix test naming (git-fixes).\n- selftest: mm: Test if hugepage does not get leaked during __bio_release_pages() (git-fixes).\n- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/futex: pass _GNU_SOURCE without a value to the compiler (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/net/ipsec: Fix Null pointer dereference in rtattr_pack() (stable-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: gpio: gpio-sim: Fix missing chip disablements (stable-fixes).\n- selftests: hugetlb_dio: check for initial conditions to skip in the start (git-fixes).\n- selftests: hugetlb_dio: fixup check for initial conditions to skip in the start (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: connect: -f: no reconnect (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selftests: rtnetlink: update netdevsim ipsec output format (stable-fixes).\n- selinux: Implement mptcp_add_subflow hook (bsc#1240375).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- serial: 8250: Fix fifo underflow on flush (git-fixes).\n- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).\n- serial: sc16is7xx: use device_property APIs when configuring irda mode (stable-fixes).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb3: fix creating FIFOs when mounting with \"sfu\" mount option (git-fixes).\n- smb3: request handle caching when caching directories (bsc#1231432).\n- smb3: retrying on failed server close (bsc#1231432).\n- smb: cached directories can be more than root file handle (bsc#1231432).\n- smb: cilent: set reparse mount points as automounts (git-fixes).\n- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).\n- smb: client: Fix minor whitespace errors and warnings (git-fixes).\n- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).\n- smb: client: add support for WSL reparse points (git-fixes).\n- smb: client: allow creating special files via reparse points (git-fixes).\n- smb: client: allow creating symlinks via reparse points (git-fixes).\n- smb: client: cleanup smb2_query_reparse_point() (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- smb: client: do not query reparse points twice on symlinks (git-fixes).\n- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).\n- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).\n- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).\n- smb: client: fix corruption in cifs_extend_writeback (bsc#1235609).\n- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).\n- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).\n- smb: client: fix hardlinking of reparse points (git-fixes).\n- smb: client: fix missing mode bits for SMB symlinks (git-fixes).\n- smb: client: fix open_cached_dir retries with \u0027hard\u0027 mount option (bsc#1240616).\n- smb: client: fix possible double free in smb2_set_ea() (git-fixes).\n- smb: client: fix potential broken compound request (git-fixes).\n- smb: client: fix renaming of reparse points (git-fixes).\n- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).\n- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).\n- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).\n- smb: client: handle path separator of created SMB symlinks (git-fixes).\n- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).\n- smb: client: ignore unhandled reparse tags (git-fixes).\n- smb: client: implement -\u003equery_reparse_point() for SMB1 (git-fixes).\n- smb: client: instantiate when creating SFU files (git-fixes).\n- smb: client: introduce -\u003eparse_reparse_point() (git-fixes).\n- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).\n- smb: client: introduce cifs_sfu_make_node() (git-fixes).\n- smb: client: introduce reparse mount option (git-fixes).\n- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).\n- smb: client: move most of reparse point handling code to common file (git-fixes).\n- smb: client: move some params to cifs_open_info_data (bsc#1231432).\n- smb: client: optimise reparse point querying (git-fixes).\n- smb: client: parse owner/group when creating reparse points (git-fixes).\n- smb: client: parse reparse point flag in create response (bsc#1231432).\n- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).\n- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).\n- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).\n- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).\n- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).\n- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).\n- smb: client: retry compound request without reusing lease (git-fixes).\n- smb: client: return reparse type in /proc/mounts (git-fixes).\n- smb: client: reuse file lease key in compound operations (git-fixes).\n- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).\n- smb: client: set correct file type from NFS reparse points (git-fixes).\n- smb: client: stop revalidating reparse points unnecessarily (git-fixes).\n- smb: use kernel_connect() and kernel_bind() (git-fixes).\n- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).\n- soc/tegra: fuse: Update Tegra234 nvmem keepout list (stable-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: qcom: smem: introduce qcom_smem_get_soc_id() (git-fixes).\n- soc: qcom: socinfo: move SMEM item struct and defines to a header (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: atmel-qspi: Memory barriers after memory-mapped I/O (git-fixes).\n- spi: atmel-quadspi: Create `atmel_qspi_ops` to support newer SoC families (stable-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- spi: sn-f-ospi: Fix division by zero (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tg3: Disable tg3 PCIe AER on system reboot (bsc#1219367).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- tomoyo: do not emit warning in tomoyo_write_control() (stable-fixes).\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tools: fix annoying \"mkdir -p ...\" logs when building tools in parallel (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes).\n- topology: Set capacity_freq_ref in all cases (bsc#1238052)\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- tpm: tis: Double the timeout B to 4s (bsc#1235870).\n- tpm_tis: Move CRC check to generic send routine (bsc#1235870).\n- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).\n- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).\n- tty: serial: 8250: Add some more device IDs (stable-fixes).\n- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).\n- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).\n- tty: xilinx_uartps: split sysrq handling (git-fixes).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- ublk: fix error code for unsupported command (git-fixes).\n- ublk: fix ublk_ch_mmap() for 64K page size (git-fixes).\n- ublk: move ublk_cancel_dev() out of ub-\u003emutex (git-fixes).\n- ublk: move zone report data out of request pdu (git-fixes).\n- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: cdc-acm: Check control transfer buffer size before access (git-fixes).\n- usb: cdc-acm: Fix handling of oversized fragments (git-fixes).\n- usb: chipidea: ci_hdrc_imx: decrement device\u0027s refcount in .remove() and in the error path of .probe() (git-fixes).\n- usb: core: fix pipe creation for get_bMaxPacketSize0 (git-fixes).\n- usb: dwc2: gadget: remove of_node reference upon udc_stop (git-fixes).\n- usb: dwc3: Fix timeout issue during controller enter/exit from halt state (git-fixes).\n- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).\n- usb: dwc3: core: Defer the probe until USB power supply ready (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: core: flush gadget workqueue after device removal (git-fixes).\n- usb: gadget: f_midi: Fixing wMaxPacketSize exceeded issue during MIDI bind retries (git-fixes).\n- usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: gadget: udc: renesas_usb3: Fix compiler warning (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: quirks: Add NO_LPM quirk for TOSHIBA TransMemory-Mx device (git-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: roles: set switch registered flag early on (git-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: Fix NULL pointer dereference on certain command aborts (git-fixes).\n- usb: xhci: correct debug message page size calculation (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).\n- usbnet: ipheth: document scope of NCM implementation (stable-fixes).\n- usbnet:fix NPE during rx_complete (git-fixes).\n- util_macros.h: fix/rework find_closest() macros (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- vfio/pci: Lock external INTx masking ops (bsc#1222803).\n- vhost/net: Set num_buffers for virtio 1.0 (git-fixes).\n- virtio-mem: check if the config changed before fake offlining memory (git-fixes).\n- virtio-mem: convert most offline_and_remove_memory() errors to -EBUSY (git-fixes).\n- virtio-mem: keep retrying on offline_and_remove_memory() errors in Sub Block Mode (SBM) (git-fixes).\n- virtio-mem: remove unsafe unplug in Big Block Mode (BBM) (git-fixes).\n- virtio: blk/scsi: replace blk_mq_virtio_map_queues with blk_mq_map_hw_queues (bsc#1236896).\n- virtio: blk/scsi: use block layer helpers to calculate num of queues (bsc#1236897).\n- virtio: hookup irq_get_affinity callback (bsc#1236896).\n- virtio_blk: reverse request order in virtio_queue_rqs (git-fixes).\n- vsock/virtio: cancel close work in the destructor (git-fixes)\n- vsock: Keep the binding until socket destruction (git-fixes)\n- vsock: reset socket state when de-assigning the transport (git-fixes)\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath12k: fix handling of 6 GHz rules (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: brcmfmac: Check the return value of of_property_read_string_index() (stable-fixes).\n- wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (stable-fixes).\n- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).\n- wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (stable-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).\n- wifi: iwlwifi: avoid memory leak (stable-fixes).\n- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).\n- wifi: iwlwifi: limit printed string from FW file (git-fixes).\n- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: connac: move mt7615_mcu_del_wtbl_all to connac (stable-fixes).\n- wifi: mt76: mt7915: fix omac index assignment after hardware reset (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7915: improve hardware restart reliability (stable-fixes).\n- wifi: mt76: mt7921u: Add VID/PID for TP-Link TXE50UH (stable-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw88: sdio: Fix disconnection after beacon loss (stable-fixes).\n- wifi: rtw89: add crystal_cap check to avoid setting as overflow value (stable-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/asm: Make serialize() always_inline (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/bugs: Add SRSO_USER_KERNEL_NO support (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu/kvm: SRSO: Fix possible missing IBPB on VM-Exit (git-fixes).\n- x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR implementation (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \"nosmt\" correctly (git-fixes).\n- x86/microcode: Handle \"offline\" CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Carve out INVLPG inline asm for use by others (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- x86/xen: add FRAME_END to xen_hypercall_hvm() (git-fixes).\n- x86/xen: allow larger contiguous memory regions in PV guests (git-fixes).\n- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (git-fixes).\n- xen/swiotlb: relax alignment requirements (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).\n- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: dbgtty: remove kfifo_out() wrapper (git-fixes).\n- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n- zram: clear IDLE flag after recompression (git-fixes).\n- zram: clear IDLE flag in mark_idle() (git-fixes).\n- zram: do not mark idle slots that cannot be idle (git-fixes).\n- zram: fix potential UAF of zram table (git-fixes).\n- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).\n- zram: refuse to use zero sized block device as backing device (git-fixes).\n- zram: split memory-tracking and ac-time tracking (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-14",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20192-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20192-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520192-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20192-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021150.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1219367",
"url": "https://bugzilla.suse.com/1219367"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1222672",
"url": "https://bugzilla.suse.com/1222672"
},
{
"category": "self",
"summary": "SUSE Bug 1222803",
"url": "https://bugzilla.suse.com/1222803"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1224013",
"url": "https://bugzilla.suse.com/1224013"
},
{
"category": "self",
"summary": "SUSE Bug 1224049",
"url": "https://bugzilla.suse.com/1224049"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1224757",
"url": "https://bugzilla.suse.com/1224757"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225606",
"url": "https://bugzilla.suse.com/1225606"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225981",
"url": "https://bugzilla.suse.com/1225981"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1227937",
"url": "https://bugzilla.suse.com/1227937"
},
{
"category": "self",
"summary": "SUSE Bug 1228521",
"url": "https://bugzilla.suse.com/1228521"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1230235",
"url": "https://bugzilla.suse.com/1230235"
},
{
"category": "self",
"summary": "SUSE Bug 1230438",
"url": "https://bugzilla.suse.com/1230438"
},
{
"category": "self",
"summary": "SUSE Bug 1230439",
"url": "https://bugzilla.suse.com/1230439"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231088",
"url": "https://bugzilla.suse.com/1231088"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1231910",
"url": "https://bugzilla.suse.com/1231910"
},
{
"category": "self",
"summary": "SUSE Bug 1231912",
"url": "https://bugzilla.suse.com/1231912"
},
{
"category": "self",
"summary": "SUSE Bug 1231920",
"url": "https://bugzilla.suse.com/1231920"
},
{
"category": "self",
"summary": "SUSE Bug 1231949",
"url": "https://bugzilla.suse.com/1231949"
},
{
"category": "self",
"summary": "SUSE Bug 1232159",
"url": "https://bugzilla.suse.com/1232159"
},
{
"category": "self",
"summary": "SUSE Bug 1232198",
"url": "https://bugzilla.suse.com/1232198"
},
{
"category": "self",
"summary": "SUSE Bug 1232201",
"url": "https://bugzilla.suse.com/1232201"
},
{
"category": "self",
"summary": "SUSE Bug 1232299",
"url": "https://bugzilla.suse.com/1232299"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232508",
"url": "https://bugzilla.suse.com/1232508"
},
{
"category": "self",
"summary": "SUSE Bug 1232520",
"url": "https://bugzilla.suse.com/1232520"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1232919",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "self",
"summary": "SUSE Bug 1233028",
"url": "https://bugzilla.suse.com/1233028"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233109",
"url": "https://bugzilla.suse.com/1233109"
},
{
"category": "self",
"summary": "SUSE Bug 1233221",
"url": "https://bugzilla.suse.com/1233221"
},
{
"category": "self",
"summary": "SUSE Bug 1233248",
"url": "https://bugzilla.suse.com/1233248"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233483",
"url": "https://bugzilla.suse.com/1233483"
},
{
"category": "self",
"summary": "SUSE Bug 1233522",
"url": "https://bugzilla.suse.com/1233522"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234070",
"url": "https://bugzilla.suse.com/1234070"
},
{
"category": "self",
"summary": "SUSE Bug 1234074",
"url": "https://bugzilla.suse.com/1234074"
},
{
"category": "self",
"summary": "SUSE Bug 1234157",
"url": "https://bugzilla.suse.com/1234157"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234698",
"url": "https://bugzilla.suse.com/1234698"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234853",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "self",
"summary": "SUSE Bug 1234857",
"url": "https://bugzilla.suse.com/1234857"
},
{
"category": "self",
"summary": "SUSE Bug 1234891",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "self",
"summary": "SUSE Bug 1234894",
"url": "https://bugzilla.suse.com/1234894"
},
{
"category": "self",
"summary": "SUSE Bug 1234895",
"url": "https://bugzilla.suse.com/1234895"
},
{
"category": "self",
"summary": "SUSE Bug 1234896",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1234963",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "self",
"summary": "SUSE Bug 1235054",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "self",
"summary": "SUSE Bug 1235061",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "self",
"summary": "SUSE Bug 1235073",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "self",
"summary": "SUSE Bug 1235244",
"url": "https://bugzilla.suse.com/1235244"
},
{
"category": "self",
"summary": "SUSE Bug 1235435",
"url": "https://bugzilla.suse.com/1235435"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235441",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235485",
"url": "https://bugzilla.suse.com/1235485"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235550",
"url": "https://bugzilla.suse.com/1235550"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235592",
"url": "https://bugzilla.suse.com/1235592"
},
{
"category": "self",
"summary": "SUSE Bug 1235599",
"url": "https://bugzilla.suse.com/1235599"
},
{
"category": "self",
"summary": "SUSE Bug 1235609",
"url": "https://bugzilla.suse.com/1235609"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235874",
"url": "https://bugzilla.suse.com/1235874"
},
{
"category": "self",
"summary": "SUSE Bug 1235914",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "self",
"summary": "SUSE Bug 1235932",
"url": "https://bugzilla.suse.com/1235932"
},
{
"category": "self",
"summary": "SUSE Bug 1235933",
"url": "https://bugzilla.suse.com/1235933"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236113",
"url": "https://bugzilla.suse.com/1236113"
},
{
"category": "self",
"summary": "SUSE Bug 1236114",
"url": "https://bugzilla.suse.com/1236114"
},
{
"category": "self",
"summary": "SUSE Bug 1236115",
"url": "https://bugzilla.suse.com/1236115"
},
{
"category": "self",
"summary": "SUSE Bug 1236122",
"url": "https://bugzilla.suse.com/1236122"
},
{
"category": "self",
"summary": "SUSE Bug 1236123",
"url": "https://bugzilla.suse.com/1236123"
},
{
"category": "self",
"summary": "SUSE Bug 1236133",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "self",
"summary": "SUSE Bug 1236138",
"url": "https://bugzilla.suse.com/1236138"
},
{
"category": "self",
"summary": "SUSE Bug 1236199",
"url": "https://bugzilla.suse.com/1236199"
},
{
"category": "self",
"summary": "SUSE Bug 1236200",
"url": "https://bugzilla.suse.com/1236200"
},
{
"category": "self",
"summary": "SUSE Bug 1236203",
"url": "https://bugzilla.suse.com/1236203"
},
{
"category": "self",
"summary": "SUSE Bug 1236205",
"url": "https://bugzilla.suse.com/1236205"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236573",
"url": "https://bugzilla.suse.com/1236573"
},
{
"category": "self",
"summary": "SUSE Bug 1236575",
"url": "https://bugzilla.suse.com/1236575"
},
{
"category": "self",
"summary": "SUSE Bug 1236576",
"url": "https://bugzilla.suse.com/1236576"
},
{
"category": "self",
"summary": "SUSE Bug 1236591",
"url": "https://bugzilla.suse.com/1236591"
},
{
"category": "self",
"summary": "SUSE Bug 1236661",
"url": "https://bugzilla.suse.com/1236661"
},
{
"category": "self",
"summary": "SUSE Bug 1236677",
"url": "https://bugzilla.suse.com/1236677"
},
{
"category": "self",
"summary": "SUSE Bug 1236680",
"url": "https://bugzilla.suse.com/1236680"
},
{
"category": "self",
"summary": "SUSE Bug 1236681",
"url": "https://bugzilla.suse.com/1236681"
},
{
"category": "self",
"summary": "SUSE Bug 1236682",
"url": "https://bugzilla.suse.com/1236682"
},
{
"category": "self",
"summary": "SUSE Bug 1236683",
"url": "https://bugzilla.suse.com/1236683"
},
{
"category": "self",
"summary": "SUSE Bug 1236684",
"url": "https://bugzilla.suse.com/1236684"
},
{
"category": "self",
"summary": "SUSE Bug 1236685",
"url": "https://bugzilla.suse.com/1236685"
},
{
"category": "self",
"summary": "SUSE Bug 1236689",
"url": "https://bugzilla.suse.com/1236689"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1236694",
"url": "https://bugzilla.suse.com/1236694"
},
{
"category": "self",
"summary": "SUSE Bug 1236698",
"url": "https://bugzilla.suse.com/1236698"
},
{
"category": "self",
"summary": "SUSE Bug 1236700",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "self",
"summary": "SUSE Bug 1236702",
"url": "https://bugzilla.suse.com/1236702"
},
{
"category": "self",
"summary": "SUSE Bug 1236752",
"url": "https://bugzilla.suse.com/1236752"
},
{
"category": "self",
"summary": "SUSE Bug 1236757",
"url": "https://bugzilla.suse.com/1236757"
},
{
"category": "self",
"summary": "SUSE Bug 1236758",
"url": "https://bugzilla.suse.com/1236758"
},
{
"category": "self",
"summary": "SUSE Bug 1236759",
"url": "https://bugzilla.suse.com/1236759"
},
{
"category": "self",
"summary": "SUSE Bug 1236760",
"url": "https://bugzilla.suse.com/1236760"
},
{
"category": "self",
"summary": "SUSE Bug 1236761",
"url": "https://bugzilla.suse.com/1236761"
},
{
"category": "self",
"summary": "SUSE Bug 1236821",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "self",
"summary": "SUSE Bug 1236822",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "self",
"summary": "SUSE Bug 1236896",
"url": "https://bugzilla.suse.com/1236896"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1236952",
"url": "https://bugzilla.suse.com/1236952"
},
{
"category": "self",
"summary": "SUSE Bug 1236967",
"url": "https://bugzilla.suse.com/1236967"
},
{
"category": "self",
"summary": "SUSE Bug 1236994",
"url": "https://bugzilla.suse.com/1236994"
},
{
"category": "self",
"summary": "SUSE Bug 1237007",
"url": "https://bugzilla.suse.com/1237007"
},
{
"category": "self",
"summary": "SUSE Bug 1237017",
"url": "https://bugzilla.suse.com/1237017"
},
{
"category": "self",
"summary": "SUSE Bug 1237025",
"url": "https://bugzilla.suse.com/1237025"
},
{
"category": "self",
"summary": "SUSE Bug 1237028",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237045",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "self",
"summary": "SUSE Bug 1237126",
"url": "https://bugzilla.suse.com/1237126"
},
{
"category": "self",
"summary": "SUSE Bug 1237132",
"url": "https://bugzilla.suse.com/1237132"
},
{
"category": "self",
"summary": "SUSE Bug 1237139",
"url": "https://bugzilla.suse.com/1237139"
},
{
"category": "self",
"summary": "SUSE Bug 1237155",
"url": "https://bugzilla.suse.com/1237155"
},
{
"category": "self",
"summary": "SUSE Bug 1237158",
"url": "https://bugzilla.suse.com/1237158"
},
{
"category": "self",
"summary": "SUSE Bug 1237159",
"url": "https://bugzilla.suse.com/1237159"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237232",
"url": "https://bugzilla.suse.com/1237232"
},
{
"category": "self",
"summary": "SUSE Bug 1237234",
"url": "https://bugzilla.suse.com/1237234"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237325",
"url": "https://bugzilla.suse.com/1237325"
},
{
"category": "self",
"summary": "SUSE Bug 1237356",
"url": "https://bugzilla.suse.com/1237356"
},
{
"category": "self",
"summary": "SUSE Bug 1237415",
"url": "https://bugzilla.suse.com/1237415"
},
{
"category": "self",
"summary": "SUSE Bug 1237452",
"url": "https://bugzilla.suse.com/1237452"
},
{
"category": "self",
"summary": "SUSE Bug 1237504",
"url": "https://bugzilla.suse.com/1237504"
},
{
"category": "self",
"summary": "SUSE Bug 1237521",
"url": "https://bugzilla.suse.com/1237521"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237563",
"url": "https://bugzilla.suse.com/1237563"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237848",
"url": "https://bugzilla.suse.com/1237848"
},
{
"category": "self",
"summary": "SUSE Bug 1237849",
"url": "https://bugzilla.suse.com/1237849"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237874",
"url": "https://bugzilla.suse.com/1237874"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237879",
"url": "https://bugzilla.suse.com/1237879"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237882",
"url": "https://bugzilla.suse.com/1237882"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237889",
"url": "https://bugzilla.suse.com/1237889"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237891",
"url": "https://bugzilla.suse.com/1237891"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237901",
"url": "https://bugzilla.suse.com/1237901"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238052",
"url": "https://bugzilla.suse.com/1238052"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238214",
"url": "https://bugzilla.suse.com/1238214"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238347",
"url": "https://bugzilla.suse.com/1238347"
},
{
"category": "self",
"summary": "SUSE Bug 1238368",
"url": "https://bugzilla.suse.com/1238368"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238494",
"url": "https://bugzilla.suse.com/1238494"
},
{
"category": "self",
"summary": "SUSE Bug 1238496",
"url": "https://bugzilla.suse.com/1238496"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238509",
"url": "https://bugzilla.suse.com/1238509"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238521",
"url": "https://bugzilla.suse.com/1238521"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238525",
"url": "https://bugzilla.suse.com/1238525"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238565",
"url": "https://bugzilla.suse.com/1238565"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238739",
"url": "https://bugzilla.suse.com/1238739"
},
{
"category": "self",
"summary": "SUSE Bug 1238746",
"url": "https://bugzilla.suse.com/1238746"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238751",
"url": "https://bugzilla.suse.com/1238751"
},
{
"category": "self",
"summary": "SUSE Bug 1238753",
"url": "https://bugzilla.suse.com/1238753"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238759",
"url": "https://bugzilla.suse.com/1238759"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238860",
"url": "https://bugzilla.suse.com/1238860"
},
{
"category": "self",
"summary": "SUSE Bug 1238863",
"url": "https://bugzilla.suse.com/1238863"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238877",
"url": "https://bugzilla.suse.com/1238877"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238970",
"url": "https://bugzilla.suse.com/1238970"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238990",
"url": "https://bugzilla.suse.com/1238990"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239066",
"url": "https://bugzilla.suse.com/1239066"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239475",
"url": "https://bugzilla.suse.com/1239475"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239684",
"url": "https://bugzilla.suse.com/1239684"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239906",
"url": "https://bugzilla.suse.com/1239906"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240167",
"url": "https://bugzilla.suse.com/1240167"
},
{
"category": "self",
"summary": "SUSE Bug 1240168",
"url": "https://bugzilla.suse.com/1240168"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240171",
"url": "https://bugzilla.suse.com/1240171"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240176",
"url": "https://bugzilla.suse.com/1240176"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240184",
"url": "https://bugzilla.suse.com/1240184"
},
{
"category": "self",
"summary": "SUSE Bug 1240185",
"url": "https://bugzilla.suse.com/1240185"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE Bug 1240375",
"url": "https://bugzilla.suse.com/1240375"
},
{
"category": "self",
"summary": "SUSE Bug 1240575",
"url": "https://bugzilla.suse.com/1240575"
},
{
"category": "self",
"summary": "SUSE Bug 1240581",
"url": "https://bugzilla.suse.com/1240581"
},
{
"category": "self",
"summary": "SUSE Bug 1240582",
"url": "https://bugzilla.suse.com/1240582"
},
{
"category": "self",
"summary": "SUSE Bug 1240583",
"url": "https://bugzilla.suse.com/1240583"
},
{
"category": "self",
"summary": "SUSE Bug 1240584",
"url": "https://bugzilla.suse.com/1240584"
},
{
"category": "self",
"summary": "SUSE Bug 1240585",
"url": "https://bugzilla.suse.com/1240585"
},
{
"category": "self",
"summary": "SUSE Bug 1240587",
"url": "https://bugzilla.suse.com/1240587"
},
{
"category": "self",
"summary": "SUSE Bug 1240590",
"url": "https://bugzilla.suse.com/1240590"
},
{
"category": "self",
"summary": "SUSE Bug 1240591",
"url": "https://bugzilla.suse.com/1240591"
},
{
"category": "self",
"summary": "SUSE Bug 1240592",
"url": "https://bugzilla.suse.com/1240592"
},
{
"category": "self",
"summary": "SUSE Bug 1240594",
"url": "https://bugzilla.suse.com/1240594"
},
{
"category": "self",
"summary": "SUSE Bug 1240595",
"url": "https://bugzilla.suse.com/1240595"
},
{
"category": "self",
"summary": "SUSE Bug 1240596",
"url": "https://bugzilla.suse.com/1240596"
},
{
"category": "self",
"summary": "SUSE Bug 1240600",
"url": "https://bugzilla.suse.com/1240600"
},
{
"category": "self",
"summary": "SUSE Bug 1240612",
"url": "https://bugzilla.suse.com/1240612"
},
{
"category": "self",
"summary": "SUSE Bug 1240616",
"url": "https://bugzilla.suse.com/1240616"
},
{
"category": "self",
"summary": "SUSE Bug 1240639",
"url": "https://bugzilla.suse.com/1240639"
},
{
"category": "self",
"summary": "SUSE Bug 1240643",
"url": "https://bugzilla.suse.com/1240643"
},
{
"category": "self",
"summary": "SUSE Bug 1240647",
"url": "https://bugzilla.suse.com/1240647"
},
{
"category": "self",
"summary": "SUSE Bug 1240691",
"url": "https://bugzilla.suse.com/1240691"
},
{
"category": "self",
"summary": "SUSE Bug 1240700",
"url": "https://bugzilla.suse.com/1240700"
},
{
"category": "self",
"summary": "SUSE Bug 1240701",
"url": "https://bugzilla.suse.com/1240701"
},
{
"category": "self",
"summary": "SUSE Bug 1240703",
"url": "https://bugzilla.suse.com/1240703"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240714",
"url": "https://bugzilla.suse.com/1240714"
},
{
"category": "self",
"summary": "SUSE Bug 1240715",
"url": "https://bugzilla.suse.com/1240715"
},
{
"category": "self",
"summary": "SUSE Bug 1240716",
"url": "https://bugzilla.suse.com/1240716"
},
{
"category": "self",
"summary": "SUSE Bug 1240718",
"url": "https://bugzilla.suse.com/1240718"
},
{
"category": "self",
"summary": "SUSE Bug 1240719",
"url": "https://bugzilla.suse.com/1240719"
},
{
"category": "self",
"summary": "SUSE Bug 1240720",
"url": "https://bugzilla.suse.com/1240720"
},
{
"category": "self",
"summary": "SUSE Bug 1240722",
"url": "https://bugzilla.suse.com/1240722"
},
{
"category": "self",
"summary": "SUSE Bug 1240727",
"url": "https://bugzilla.suse.com/1240727"
},
{
"category": "self",
"summary": "SUSE Bug 1240739",
"url": "https://bugzilla.suse.com/1240739"
},
{
"category": "self",
"summary": "SUSE Bug 1240742",
"url": "https://bugzilla.suse.com/1240742"
},
{
"category": "self",
"summary": "SUSE Bug 1240779",
"url": "https://bugzilla.suse.com/1240779"
},
{
"category": "self",
"summary": "SUSE Bug 1240783",
"url": "https://bugzilla.suse.com/1240783"
},
{
"category": "self",
"summary": "SUSE Bug 1240784",
"url": "https://bugzilla.suse.com/1240784"
},
{
"category": "self",
"summary": "SUSE Bug 1240795",
"url": "https://bugzilla.suse.com/1240795"
},
{
"category": "self",
"summary": "SUSE Bug 1240796",
"url": "https://bugzilla.suse.com/1240796"
},
{
"category": "self",
"summary": "SUSE Bug 1240797",
"url": "https://bugzilla.suse.com/1240797"
},
{
"category": "self",
"summary": "SUSE Bug 1240799",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "self",
"summary": "SUSE Bug 1240801",
"url": "https://bugzilla.suse.com/1240801"
},
{
"category": "self",
"summary": "SUSE Bug 1240806",
"url": "https://bugzilla.suse.com/1240806"
},
{
"category": "self",
"summary": "SUSE Bug 1240808",
"url": "https://bugzilla.suse.com/1240808"
},
{
"category": "self",
"summary": "SUSE Bug 1240812",
"url": "https://bugzilla.suse.com/1240812"
},
{
"category": "self",
"summary": "SUSE Bug 1240813",
"url": "https://bugzilla.suse.com/1240813"
},
{
"category": "self",
"summary": "SUSE Bug 1240815",
"url": "https://bugzilla.suse.com/1240815"
},
{
"category": "self",
"summary": "SUSE Bug 1240816",
"url": "https://bugzilla.suse.com/1240816"
},
{
"category": "self",
"summary": "SUSE Bug 1240819",
"url": "https://bugzilla.suse.com/1240819"
},
{
"category": "self",
"summary": "SUSE Bug 1240821",
"url": "https://bugzilla.suse.com/1240821"
},
{
"category": "self",
"summary": "SUSE Bug 1240825",
"url": "https://bugzilla.suse.com/1240825"
},
{
"category": "self",
"summary": "SUSE Bug 1240829",
"url": "https://bugzilla.suse.com/1240829"
},
{
"category": "self",
"summary": "SUSE Bug 1240873",
"url": "https://bugzilla.suse.com/1240873"
},
{
"category": "self",
"summary": "SUSE Bug 1240937",
"url": "https://bugzilla.suse.com/1240937"
},
{
"category": "self",
"summary": "SUSE Bug 1240938",
"url": "https://bugzilla.suse.com/1240938"
},
{
"category": "self",
"summary": "SUSE Bug 1240940",
"url": "https://bugzilla.suse.com/1240940"
},
{
"category": "self",
"summary": "SUSE Bug 1240942",
"url": "https://bugzilla.suse.com/1240942"
},
{
"category": "self",
"summary": "SUSE Bug 1240943",
"url": "https://bugzilla.suse.com/1240943"
},
{
"category": "self",
"summary": "SUSE Bug 1240978",
"url": "https://bugzilla.suse.com/1240978"
},
{
"category": "self",
"summary": "SUSE Bug 1240979",
"url": "https://bugzilla.suse.com/1240979"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52924 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52925 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26708 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27415 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-44974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-44974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-45010 page",
"url": "https://www.suse.com/security/cve/CVE-2024-45010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47701 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50115 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50142 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50142/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50185 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50185/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50251 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50251/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50258 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50258/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50294 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50304 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50304/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53123 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53124 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53139 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53173 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53177 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53178 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53226 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53226/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56647 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56658 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56720 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58071 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21636 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21638 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21647 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21665 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21666 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21666/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21667 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21669 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21670 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21675 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21680 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21687 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21688 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21688/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21689 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21689/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21690 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21692 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21697 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21699 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21715 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21716 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21719 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21802 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21863 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21894 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21895 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21924 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21935 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21950 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21966 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21975 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21991 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21993 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2312/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-17T14:37:10Z",
"generator": {
"date": "2025-04-17T14:37:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20192-1",
"initial_release_date": "2025-04-17T14:37:10Z",
"revision_history": [
{
"date": "2025-04-17T14:37:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-28.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-28.1.aarch64",
"product_id": "kernel-default-6.4.0-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-28.1.21.6.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-28.1.21.6.aarch64",
"product_id": "kernel-default-base-6.4.0-28.1.21.6.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-28.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-28.1.noarch",
"product_id": "kernel-devel-6.4.0-28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-28.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-28.1.noarch",
"product_id": "kernel-macros-6.4.0-28.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-28.1.noarch",
"product": {
"name": "kernel-source-6.4.0-28.1.noarch",
"product_id": "kernel-source-6.4.0-28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-28.1.s390x",
"product": {
"name": "kernel-default-6.4.0-28.1.s390x",
"product_id": "kernel-default-6.4.0-28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-28.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-28.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-28.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"product_id": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-28.1.x86_64",
"product_id": "kernel-default-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-28.1.21.6.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-28.1.21.6.x86_64",
"product_id": "kernel-default-base-6.4.0-28.1.21.6.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-28.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-28.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-28.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-28.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-28.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x"
},
"product_reference": "kernel-default-6.4.0-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-28.1.21.6.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-28.1.21.6.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-28.1.21.6.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-28.1.21.6.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-28.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-28.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-28.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
},
"product_reference": "kernel-source-6.4.0-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t skip expired elements during walk\n\nThere is an asymmetry between commit/abort and preparation phase if the\nfollowing conditions are met:\n\n1. set is a verdict map (\"1.2.3.4 : jump foo\")\n2. timeouts are enabled\n\nIn this case, following sequence is problematic:\n\n1. element E in set S refers to chain C\n2. userspace requests removal of set S\n3. kernel does a set walk to decrement chain-\u003euse count for all elements\n from preparation phase\n4. kernel does another set walk to remove elements from the commit phase\n (or another walk to do a chain-\u003euse increment for all elements from\n abort phase)\n\nIf E has already expired in 1), it will be ignored during list walk, so its use count\nwon\u0027t have been changed.\n\nThen, when set is culled, -\u003edestroy callback will zap the element via\nnf_tables_set_elem_destroy(), but this function is only safe for\nelements that have been deactivated earlier from the preparation phase:\nlack of earlier deactivate removes the element but leaks the chain use\ncount, which results in a WARN splat when the chain gets removed later,\nplus a leak of the nft_chain structure.\n\nUpdate pipapo_get() not to skip expired elements, otherwise flush\ncommand reports bogus ENOENT errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52924",
"url": "https://www.suse.com/security/cve/CVE-2023-52924"
},
{
"category": "external",
"summary": "SUSE Bug 1236821 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1236821"
},
{
"category": "external",
"summary": "SUSE Bug 1244630 for CVE-2023-52924",
"url": "https://bugzilla.suse.com/1244630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t fail inserts if duplicate has expired\n\nnftables selftests fail:\nrun-tests.sh testcases/sets/0044interval_overlap_0\nExpected: 0-2 . 0-3, got:\nW: [FAILED] ./testcases/sets/0044interval_overlap_0: got 1\n\nInsertion must ignore duplicate but expired entries.\n\nMoreover, there is a strange asymmetry in nft_pipapo_activate:\n\nIt refetches the current element, whereas the other -\u003eactivate callbacks\n(bitmap, hash, rhash, rbtree) use elem-\u003epriv.\nSame for .remove: other set implementations take elem-\u003epriv,\nnft_pipapo_remove fetches elem-\u003epriv, then does a relookup,\nremove this.\n\nI suspect this was the reason for the change that prompted the\nremoval of the expired check in pipapo_get() in the first place,\nbut skipping exired elements there makes no sense to me, this helper\nis used for normal get requests, insertions (duplicate check)\nand deactivate callback.\n\nIn first two cases expired elements must be skipped.\n\nFor -\u003edeactivate(), this gets called for DELSETELEM, so it\nseems to me that expired elements should be skipped as well, i.e.\ndelete request should fail with -ENOENT error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52925",
"url": "https://www.suse.com/security/cve/CVE-2023-52925"
},
{
"category": "external",
"summary": "SUSE Bug 1236822 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1236822"
},
{
"category": "external",
"summary": "SUSE Bug 1246009 for CVE-2023-52925",
"url": "https://bugzilla.suse.com/1246009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: really cope with fastopen race\n\nFastopen and PM-trigger subflow shutdown can race, as reported by\nsyzkaller.\n\nIn my first attempt to close such race, I missed the fact that\nthe subflow status can change again before the subflow_state_change\ncallback is invoked.\n\nAddress the issue additionally copying with all the states directly\nreachable from TCP_FIN_WAIT1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26708",
"url": "https://www.suse.com/security/cve/CVE-2024-26708"
},
{
"category": "external",
"summary": "SUSE Bug 1222672 for CVE-2024-26708",
"url": "https://bugzilla.suse.com/1222672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-26708"
},
{
"cve": "CVE-2024-26810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Lock external INTx masking ops\n\nMask operations through config space changes to DisINTx may race INTx\nconfiguration changes via ioctl. Create wrappers that add locking for\npaths outside of the core interrupt code.\n\nIn particular, irq_type is updated holding igate, therefore testing\nis_intx() requires holding igate. For example clearing DisINTx from\nconfig space can otherwise race changes of the interrupt configuration.\n\nThis aligns interfaces which may trigger the INTx eventfd into two\ncamps, one side serialized by igate and the other only enabled while\nINTx is configured. A subsequent patch introduces synchronization for\nthe latter flows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26810",
"url": "https://www.suse.com/security/cve/CVE-2024-26810"
},
{
"category": "external",
"summary": "SUSE Bug 1222803 for CVE-2024-26810",
"url": "https://bugzilla.suse.com/1222803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-27415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -\u003e skb-\u003e_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb-\u003e_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb-\u003e_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won\u0027t happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn\u0027t allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn\u0027t work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia \u0027sabotage_in\u0027 hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27415",
"url": "https://www.suse.com/security/cve/CVE-2024-27415"
},
{
"category": "external",
"summary": "SUSE Bug 1224757 for CVE-2024-27415",
"url": "https://bugzilla.suse.com/1224757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-27415"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-40980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: replace spin_lock by raw_spin_lock\n\ntrace_drop_common() is called with preemption disabled, and it acquires\na spin_lock. This is problematic for RT kernels because spin_locks are\nsleeping locks in this configuration, which causes the following splat:\n\nBUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\nin_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 449, name: rcuc/47\npreempt_count: 1, expected: 0\nRCU nest depth: 2, expected: 2\n5 locks held by rcuc/47/449:\n #0: ff1100086ec30a60 ((softirq_ctrl.lock)){+.+.}-{2:2}, at: __local_bh_disable_ip+0x105/0x210\n #1: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: rt_spin_lock+0xbf/0x130\n #2: ffffffffb394a280 (rcu_read_lock){....}-{1:2}, at: __local_bh_disable_ip+0x11c/0x210\n #3: ffffffffb394a160 (rcu_callback){....}-{0:0}, at: rcu_do_batch+0x360/0xc70\n #4: ff1100086ee07520 (\u0026data-\u003elock){+.+.}-{2:2}, at: trace_drop_common.constprop.0+0xb5/0x290\nirq event stamp: 139909\nhardirqs last enabled at (139908): [\u003cffffffffb1df2b33\u003e] _raw_spin_unlock_irqrestore+0x63/0x80\nhardirqs last disabled at (139909): [\u003cffffffffb19bd03d\u003e] trace_drop_common.constprop.0+0x26d/0x290\nsoftirqs last enabled at (139892): [\u003cffffffffb07a1083\u003e] __local_bh_enable_ip+0x103/0x170\nsoftirqs last disabled at (139898): [\u003cffffffffb0909b33\u003e] rcu_cpu_kthread+0x93/0x1f0\nPreemption disabled at:\n[\u003cffffffffb1de786b\u003e] rt_mutex_slowunlock+0xab/0x2e0\nCPU: 47 PID: 449 Comm: rcuc/47 Not tainted 6.9.0-rc2-rt1+ #7\nHardware name: Dell Inc. PowerEdge R650/0Y2G81, BIOS 1.6.5 04/15/2022\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x8c/0xd0\n dump_stack+0x14/0x20\n __might_resched+0x21e/0x2f0\n rt_spin_lock+0x5e/0x130\n ? trace_drop_common.constprop.0+0xb5/0x290\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_drop_common.constprop.0+0xb5/0x290\n ? preempt_count_sub+0x1c/0xd0\n ? _raw_spin_unlock_irqrestore+0x4a/0x80\n ? __pfx_trace_drop_common.constprop.0+0x10/0x10\n ? rt_mutex_slowunlock+0x26a/0x2e0\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_rt_mutex_slowunlock+0x10/0x10\n ? skb_queue_purge_reason.part.0+0x1bf/0x230\n trace_kfree_skb_hit+0x15/0x20\n trace_kfree_skb+0xe9/0x150\n kfree_skb_reason+0x7b/0x110\n skb_queue_purge_reason.part.0+0x1bf/0x230\n ? __pfx_skb_queue_purge_reason.part.0+0x10/0x10\n ? mark_lock.part.0+0x8a/0x520\n...\n\ntrace_drop_common() also disables interrupts, but this is a minor issue\nbecause we could easily replace it with a local_lock.\n\nReplace the spin_lock with raw_spin_lock to avoid sleeping in atomic\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40980",
"url": "https://www.suse.com/security/cve/CVE-2024-40980"
},
{
"category": "external",
"summary": "SUSE Bug 1227937 for CVE-2024-40980",
"url": "https://bugzilla.suse.com/1227937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: prevent derefencing NULL ptr in pfn_section_valid()\n\nCommit 5ec8e8ea8b77 (\"mm/sparsemem: fix race in accessing\nmemory_section-\u003eusage\") changed pfn_section_valid() to add a READ_ONCE()\ncall around \"ms-\u003eusage\" to fix a race with section_deactivate() where\nms-\u003eusage can be cleared. The READ_ONCE() call, by itself, is not enough\nto prevent NULL pointer dereference. We need to check its value before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41055",
"url": "https://www.suse.com/security/cve/CVE-2024-41055"
},
{
"category": "external",
"summary": "SUSE Bug 1228521 for CVE-2024-41055",
"url": "https://bugzilla.suse.com/1228521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-44974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-44974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: avoid possible UaF when selecting endp\n\nselect_local_address() and select_signal_address() both select an\nendpoint entry from the list inside an RCU protected section, but return\na reference to it, to be read later on. If the entry is dereferenced\nafter the RCU unlock, reading info could cause a Use-after-Free.\n\nA simple solution is to copy the required info while inside the RCU\nprotected section to avoid any risk of UaF later. The address ID might\nneed to be modified later to handle the ID0 case later, so a copy seems\nOK to deal with.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-44974",
"url": "https://www.suse.com/security/cve/CVE-2024-44974"
},
{
"category": "external",
"summary": "SUSE Bug 1230235 for CVE-2024-44974",
"url": "https://bugzilla.suse.com/1230235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-44974"
},
{
"cve": "CVE-2024-45009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only decrement add_addr_accepted for MPJ req\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.add_addr_accepted == 0)\n\n... before decrementing the add_addr_accepted counter helped to find a\nbug when running the \"remove single subflow\" subtest from the\nmptcp_join.sh selftest.\n\nRemoving a \u0027subflow\u0027 endpoint will first trigger a RM_ADDR, then the\nsubflow closure. Before this patch, and upon the reception of the\nRM_ADDR, the other peer will then try to decrement this\nadd_addr_accepted. That\u0027s not correct because the attached subflows have\nnot been created upon the reception of an ADD_ADDR.\n\nA way to solve that is to decrement the counter only if the attached\nsubflow was an MP_JOIN to a remote id that was not 0, and initiated by\nthe host receiving the RM_ADDR.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45009",
"url": "https://www.suse.com/security/cve/CVE-2024-45009"
},
{
"category": "external",
"summary": "SUSE Bug 1230438 for CVE-2024-45009",
"url": "https://bugzilla.suse.com/1230438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-45009"
},
{
"cve": "CVE-2024-45010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-45010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only mark \u0027subflow\u0027 endp as available\n\nAdding the following warning ...\n\n WARN_ON_ONCE(msk-\u003epm.local_addr_used == 0)\n\n... before decrementing the local_addr_used counter helped to find a bug\nwhen running the \"remove single address\" subtest from the mptcp_join.sh\nselftests.\n\nRemoving a \u0027signal\u0027 endpoint will trigger the removal of all subflows\nlinked to this endpoint via mptcp_pm_nl_rm_addr_or_subflow() with\nrm_type == MPTCP_MIB_RMSUBFLOW. This will decrement the local_addr_used\ncounter, which is wrong in this case because this counter is linked to\n\u0027subflow\u0027 endpoints, and here it is a \u0027signal\u0027 endpoint that is being\nremoved.\n\nNow, the counter is decremented, only if the ID is being used outside\nof mptcp_pm_nl_rm_addr_or_subflow(), only for \u0027subflow\u0027 endpoints, and\nif the ID is not 0 -- local_addr_used is not taking into account these\nones. This marking of the ID as being available, and the decrement is\ndone no matter if a subflow using this ID is currently available,\nbecause the subflow could have been closed before.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-45010",
"url": "https://www.suse.com/security/cve/CVE-2024-45010"
},
{
"category": "external",
"summary": "SUSE Bug 1230439 for CVE-2024-45010",
"url": "https://bugzilla.suse.com/1230439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-45010"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-46858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: Fix uaf in __timer_delete_sync\n\nThere are two paths to access mptcp_pm_del_add_timer, result in a race\ncondition:\n\n CPU1\t\t\t\tCPU2\n ==== ====\n net_rx_action\n napi_poll netlink_sendmsg\n __napi_poll netlink_unicast\n process_backlog netlink_unicast_kernel\n __netif_receive_skb genl_rcv\n __netif_receive_skb_one_core netlink_rcv_skb\n NF_HOOK genl_rcv_msg\n ip_local_deliver_finish genl_family_rcv_msg\n ip_protocol_deliver_rcu genl_family_rcv_msg_doit\n tcp_v4_rcv mptcp_pm_nl_flush_addrs_doit\n tcp_v4_do_rcv mptcp_nl_remove_addrs_list\n tcp_rcv_established mptcp_pm_remove_addrs_and_subflows\n tcp_data_queue remove_anno_list_by_saddr\n mptcp_incoming_options mptcp_pm_del_add_timer\n mptcp_pm_del_add_timer kfree(entry)\n\nIn remove_anno_list_by_saddr(running on CPU2), after leaving the critical\nzone protected by \"pm.lock\", the entry will be released, which leads to the\noccurrence of uaf in the mptcp_pm_del_add_timer(running on CPU1).\n\nKeeping a reference to add_timer inside the lock, and calling\nsk_stop_timer_sync() with this reference, instead of \"entry-\u003eadd_timer\".\n\nMove list_del(\u0026entry-\u003elist) to mptcp_pm_del_add_timer and inside the pm lock,\ndo not directly access any members of the entry outside the pm lock, which\ncan avoid similar \"entry-\u003ex\" uaf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46858",
"url": "https://www.suse.com/security/cve/CVE-2024-46858"
},
{
"category": "external",
"summary": "SUSE Bug 1231088 for CVE-2024-46858",
"url": "https://bugzilla.suse.com/1231088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-46858"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid OOB when system.data xattr changes underneath the filesystem\n\nWhen looking up for an entry in an inlined directory, if e_value_offs is\nchanged underneath the filesystem by some change in the block device, it\nwill lead to an out-of-bounds access that KASAN detects as an UAF.\n\nEXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.\nloop0: detected capacity change from 2048 to 2047\n==================================================================\nBUG: KASAN: use-after-free in ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\nRead of size 1 at addr ffff88803e91130f by task syz-executor269/5103\n\nCPU: 0 UID: 0 PID: 5103 Comm: syz-executor269 Not tainted 6.11.0-rc4-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n ext4_search_dir+0xf2/0x1c0 fs/ext4/namei.c:1500\n ext4_find_inline_entry+0x4be/0x5e0 fs/ext4/inline.c:1697\n __ext4_find_entry+0x2b4/0x1b30 fs/ext4/namei.c:1573\n ext4_lookup_entry fs/ext4/namei.c:1727 [inline]\n ext4_lookup+0x15f/0x750 fs/ext4/namei.c:1795\n lookup_one_qstr_excl+0x11f/0x260 fs/namei.c:1633\n filename_create+0x297/0x540 fs/namei.c:3980\n do_symlinkat+0xf9/0x3a0 fs/namei.c:4587\n __do_sys_symlinkat fs/namei.c:4610 [inline]\n __se_sys_symlinkat fs/namei.c:4607 [inline]\n __x64_sys_symlinkat+0x95/0xb0 fs/namei.c:4607\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f3e73ced469\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 21 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff4d40c258 EFLAGS: 00000246 ORIG_RAX: 000000000000010a\nRAX: ffffffffffffffda RBX: 0032656c69662f2e RCX: 00007f3e73ced469\nRDX: 0000000020000200 RSI: 00000000ffffff9c RDI: 00000000200001c0\nRBP: 0000000000000000 R08: 00007fff4d40c290 R09: 00007fff4d40c290\nR10: 0023706f6f6c2f76 R11: 0000000000000246 R12: 00007fff4d40c27c\nR13: 0000000000000003 R14: 431bde82d7b634db R15: 00007fff4d40c2b0\n \u003c/TASK\u003e\n\nCalling ext4_xattr_ibody_find right after reading the inode with\next4_get_inode_loc will lead to a check of the validity of the xattrs,\navoiding this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47701",
"url": "https://www.suse.com/security/cve/CVE-2024-47701"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1231920 for CVE-2024-47701",
"url": "https://bugzilla.suse.com/1231920"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix slab-use-after-free in ext4_split_extent_at()\n\nWe hit the following use-after-free:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in ext4_split_extent_at+0xba8/0xcc0\nRead of size 2 at addr ffff88810548ed08 by task kworker/u20:0/40\nCPU: 0 PID: 40 Comm: kworker/u20:0 Not tainted 6.9.0-dirty #724\nCall Trace:\n \u003cTASK\u003e\n kasan_report+0x93/0xc0\n ext4_split_extent_at+0xba8/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nAllocated by task 40:\n __kmalloc_noprof+0x1ac/0x480\n ext4_find_extent+0xf3b/0x1e70\n ext4_ext_map_blocks+0x188/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n\nFreed by task 40:\n kfree+0xf1/0x2b0\n ext4_find_extent+0xa71/0x1e70\n ext4_ext_insert_extent+0xa22/0x3260\n ext4_split_extent_at+0x3ef/0xcc0\n ext4_split_extent.isra.0+0x18f/0x500\n ext4_split_convert_extents+0x275/0x750\n ext4_ext_handle_unwritten_extents+0x73e/0x1580\n ext4_ext_map_blocks+0xe20/0x2dc0\n ext4_map_blocks+0x724/0x1700\n ext4_do_writepages+0x12d6/0x2a70\n[...]\n==================================================================\n\nThe flow of issue triggering is as follows:\n\next4_split_extent_at\n path = *ppath\n ext4_ext_insert_extent(ppath)\n ext4_ext_create_new_leaf(ppath)\n ext4_find_extent(orig_path)\n path = *orig_path\n read_extent_tree_block\n // return -ENOMEM or -EIO\n ext4_free_ext_path(path)\n kfree(path)\n *orig_path = NULL\n a. If err is -ENOMEM:\n ext4_ext_dirty(path + path-\u003ep_depth)\n // path use-after-free !!!\n b. If err is -EIO and we have EXT_DEBUG defined:\n ext4_ext_show_leaf(path)\n eh = path[depth].p_hdr\n // path also use-after-free !!!\n\nSo when trying to zeroout or fix the extent length, call ext4_find_extent()\nto update the path.\n\nIn addition we use *ppath directly as an ext4_ext_show_leaf() input to\navoid possible use-after-free when EXT_DEBUG is defined, and to avoid\nunnecessary path updates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49884",
"url": "https://www.suse.com/security/cve/CVE-2024-49884"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232198 for CVE-2024-49884",
"url": "https://bugzilla.suse.com/1232198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-49884"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix uaf in l2cap_connect\n\n[Syzbot reported]\nBUG: KASAN: slab-use-after-free in l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\nRead of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54\n\nCPU: 0 UID: 0 PID: 54 Comm: kworker/u9:0 Not tainted 6.11.0-rc6-syzkaller-00268-g788220eee30d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nWorkqueue: hci2 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n l2cap_connect.constprop.0+0x10d8/0x1270 net/bluetooth/l2cap_core.c:3949\n l2cap_connect_req net/bluetooth/l2cap_core.c:4080 [inline]\n l2cap_bredr_sig_cmd net/bluetooth/l2cap_core.c:4772 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5543 [inline]\n l2cap_recv_frame+0xf0b/0x8eb0 net/bluetooth/l2cap_core.c:6825\n l2cap_recv_acldata+0x9b4/0xb70 net/bluetooth/l2cap_core.c:7514\n hci_acldata_packet net/bluetooth/hci_core.c:3791 [inline]\n hci_rx_work+0xaab/0x1610 net/bluetooth/hci_core.c:4028\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n...\n\nFreed by task 5245:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579\n poison_slab_object+0xf7/0x160 mm/kasan/common.c:240\n __kasan_slab_free+0x32/0x50 mm/kasan/common.c:256\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2256 [inline]\n slab_free mm/slub.c:4477 [inline]\n kfree+0x12a/0x3b0 mm/slub.c:4598\n l2cap_conn_free net/bluetooth/l2cap_core.c:1810 [inline]\n kref_put include/linux/kref.h:65 [inline]\n l2cap_conn_put net/bluetooth/l2cap_core.c:1822 [inline]\n l2cap_conn_del+0x59d/0x730 net/bluetooth/l2cap_core.c:1802\n l2cap_connect_cfm+0x9e6/0xf80 net/bluetooth/l2cap_core.c:7241\n hci_connect_cfm include/net/bluetooth/hci_core.h:1960 [inline]\n hci_conn_failed+0x1c3/0x370 net/bluetooth/hci_conn.c:1265\n hci_abort_conn_sync+0x75a/0xb50 net/bluetooth/hci_sync.c:5583\n abort_conn_sync+0x197/0x360 net/bluetooth/hci_conn.c:2917\n hci_cmd_sync_work+0x1a4/0x410 net/bluetooth/hci_sync.c:328\n process_one_work+0x9c5/0x1b40 kernel/workqueue.c:3231\n process_scheduled_works kernel/workqueue.c:3312 [inline]\n worker_thread+0x6c8/0xed0 kernel/workqueue.c:3389\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49950",
"url": "https://www.suse.com/security/cve/CVE-2024-49950"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232159 for CVE-2024-49950",
"url": "https://bugzilla.suse.com/1232159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-49950"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync\n\nThis checks if the ACL connection remains valid as it could be destroyed\nwhile hci_enhanced_setup_sync is pending on cmd_sync leading to the\nfollowing trace:\n\nBUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60\nRead of size 1 at addr ffff888002328ffd by task kworker/u5:2/37\n\nCPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? hci_enhanced_setup_sync+0x91b/0xa60\n print_report+0x152/0x4c0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n ? __virt_addr_valid+0x1fa/0x420\n ? hci_enhanced_setup_sync+0x91b/0xa60\n kasan_report+0xda/0x1b0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n hci_enhanced_setup_sync+0x91b/0xa60\n ? __pfx_hci_enhanced_setup_sync+0x10/0x10\n ? __pfx___mutex_lock+0x10/0x10\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x167/0x240\n worker_thread+0x5b7/0xf60\n ? __kthread_parkme+0xac/0x1c0\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x293/0x360\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 34:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __hci_conn_add+0x187/0x17d0\n hci_connect_sco+0x2e1/0xb90\n sco_sock_connect+0x2a2/0xb80\n __sys_connect+0x227/0x2a0\n __x64_sys_connect+0x6d/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 37:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x101/0x160\n kfree+0xd0/0x250\n device_release+0x9a/0x210\n kobject_put+0x151/0x280\n hci_conn_del+0x448/0xbf0\n hci_abort_conn_sync+0x46f/0x980\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n worker_thread+0x5b7/0xf60\n kthread+0x293/0x360\n ret_from_fork+0x2f/0x70\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50029",
"url": "https://www.suse.com/security/cve/CVE-2024-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1231949 for CVE-2024-50029",
"url": "https://bugzilla.suse.com/1231949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50029"
},
{
"cve": "CVE-2024-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50036",
"url": "https://www.suse.com/security/cve/CVE-2024-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1231912 for CVE-2024-50036",
"url": "https://bugzilla.suse.com/1231912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50038",
"url": "https://www.suse.com/security/cve/CVE-2024-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1231910 for CVE-2024-50038",
"url": "https://bugzilla.suse.com/1231910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50038"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Fix use-after-free in gsm_cleanup_mux\n\nBUG: KASAN: slab-use-after-free in gsm_cleanup_mux+0x77b/0x7b0\ndrivers/tty/n_gsm.c:3160 [n_gsm]\nRead of size 8 at addr ffff88815fe99c00 by task poc/3379\nCPU: 0 UID: 0 PID: 3379 Comm: poc Not tainted 6.11.0+ #56\nHardware name: VMware, Inc. VMware Virtual Platform/440BX\nDesktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n \u003cTASK\u003e\n gsm_cleanup_mux+0x77b/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n __pfx_gsm_cleanup_mux+0x10/0x10 drivers/tty/n_gsm.c:3124 [n_gsm]\n __pfx_sched_clock_cpu+0x10/0x10 kernel/sched/clock.c:389\n update_load_avg+0x1c1/0x27b0 kernel/sched/fair.c:4500\n __pfx_min_vruntime_cb_rotate+0x10/0x10 kernel/sched/fair.c:846\n __rb_insert_augmented+0x492/0xbf0 lib/rbtree.c:161\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n _raw_spin_lock_irqsave+0x92/0xf0 arch/x86/include/asm/atomic.h:107\n __pfx_gsmld_ioctl+0x10/0x10 drivers/tty/n_gsm.c:3822 [n_gsm]\n ktime_get+0x5e/0x140 kernel/time/timekeeping.c:195\n ldsem_down_read+0x94/0x4e0 arch/x86/include/asm/atomic64_64.h:79\n __pfx_ldsem_down_read+0x10/0x10 drivers/tty/tty_ldsem.c:338\n __pfx_do_vfs_ioctl+0x10/0x10 fs/ioctl.c:805\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\nAllocated by task 65:\n gsm_data_alloc.constprop.0+0x27/0x190 drivers/tty/n_gsm.c:926 [n_gsm]\n gsm_send+0x2c/0x580 drivers/tty/n_gsm.c:819 [n_gsm]\n gsm1_receive+0x547/0xad0 drivers/tty/n_gsm.c:3038 [n_gsm]\n gsmld_receive_buf+0x176/0x280 drivers/tty/n_gsm.c:3609 [n_gsm]\n tty_ldisc_receive_buf+0x101/0x1e0 drivers/tty/tty_buffer.c:391\n tty_port_default_receive_buf+0x61/0xa0 drivers/tty/tty_port.c:39\n flush_to_ldisc+0x1b0/0x750 drivers/tty/tty_buffer.c:445\n process_scheduled_works+0x2b0/0x10d0 kernel/workqueue.c:3229\n worker_thread+0x3dc/0x950 kernel/workqueue.c:3391\n kthread+0x2a3/0x370 kernel/kthread.c:389\n ret_from_fork+0x2d/0x70 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:257\n\nFreed by task 3367:\n kfree+0x126/0x420 mm/slub.c:4580\n gsm_cleanup_mux+0x36c/0x7b0 drivers/tty/n_gsm.c:3160 [n_gsm]\n gsmld_ioctl+0x395/0x1450 drivers/tty/n_gsm.c:3408 [n_gsm]\n tty_ioctl+0x643/0x1100 drivers/tty/tty_io.c:2818\n\n[Analysis]\ngsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux\ncan be freed by multi threads through ioctl,which leads\nto the occurrence of uaf. Protect it by gsm tx lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50073",
"url": "https://www.suse.com/security/cve/CVE-2024-50073"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232520 for CVE-2024-50073",
"url": "https://bugzilla.suse.com/1232520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-50073"
},
{
"cve": "CVE-2024-50085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow\n\nSyzkaller reported this splat:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n Read of size 4 at addr ffff8880569ac858 by task syz.1.2799/14662\n\n CPU: 0 UID: 0 PID: 14662 Comm: syz.1.2799 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n mptcp_pm_nl_rm_addr_or_subflow+0xb44/0xcc0 net/mptcp/pm_netlink.c:881\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:914 [inline]\n mptcp_nl_remove_id_zero_address+0x305/0x4a0 net/mptcp/pm_netlink.c:1572\n mptcp_pm_nl_del_addr_doit+0x5c9/0x770 net/mptcp/pm_netlink.c:1603\n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x165/0x410 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg net/socket.c:744 [inline]\n ____sys_sendmsg+0x9ae/0xb40 net/socket.c:2607\n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2661\n __sys_sendmsg+0x117/0x1f0 net/socket.c:2690\n do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]\n __do_fast_syscall_32+0x73/0x120 arch/x86/entry/common.c:386\n do_fast_syscall_32+0x32/0x80 arch/x86/entry/common.c:411\n entry_SYSENTER_compat_after_hwframe+0x84/0x8e\n RIP: 0023:0xf7fe4579\n Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 \u003c5d\u003e 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00\n RSP: 002b:00000000f574556c EFLAGS: 00000296 ORIG_RAX: 0000000000000172\n RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000020000140\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n \u003c/TASK\u003e\n\n Allocated by task 5387:\n kasan_save_stack+0x33/0x60 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kmalloc_noprof include/linux/slab.h:878 [inline]\n kzalloc_noprof include/linux/slab.h:1014 [inline]\n subflow_create_ctx+0x87/0x2a0 net/mptcp/subflow.c:1803\n subflow_ulp_init+0xc3/0x4d0 net/mptcp/subflow.c:1956\n __tcp_set_ulp net/ipv4/tcp_ulp.c:146 [inline]\n tcp_set_ulp+0x326/0x7f0 net/ipv4/tcp_ulp.c:167\n mptcp_subflow_create_socket+0x4ae/0x10a0 net/mptcp/subflow.c:1764\n __mptcp_subflow_connect+0x3cc/0x1490 net/mptcp/subflow.c:1592\n mptcp_pm_create_subflow_or_signal_addr+0xbda/0x23a0 net/mptcp/pm_netlink.c:642\n mptcp_pm_nl_fully_established net/mptcp/pm_netlink.c:650 [inline]\n mptcp_pm_nl_work+0x3a1/0x4f0 net/mptcp/pm_netlink.c:943\n mptcp_worker+0x15a/0x1240 net/mptcp/protocol.c:2777\n process_one_work+0x958/0x1b30 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/ke\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50085",
"url": "https://www.suse.com/security/cve/CVE-2024-50085"
},
{
"category": "external",
"summary": "SUSE Bug 1232508 for CVE-2024-50085",
"url": "https://bugzilla.suse.com/1232508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50085"
},
{
"cve": "CVE-2024-50115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Ignore nCR3[4:0] when loading PDPTEs from memory\n\nIgnore nCR3[4:0] when loading PDPTEs from memory for nested SVM, as bits\n4:0 of CR3 are ignored when PAE paging is used, and thus VMRUN doesn\u0027t\nenforce 32-byte alignment of nCR3.\n\nIn the absolute worst case scenario, failure to ignore bits 4:0 can result\nin an out-of-bounds read, e.g. if the target page is at the end of a\nmemslot, and the VMM isn\u0027t using guard pages.\n\nPer the APM:\n\n The CR3 register points to the base address of the page-directory-pointer\n table. The page-directory-pointer table is aligned on a 32-byte boundary,\n with the low 5 address bits 4:0 assumed to be 0.\n\nAnd the SDM\u0027s much more explicit:\n\n 4:0 Ignored\n\nNote, KVM gets this right when loading PDPTRs, it\u0027s only the nSVM flow\nthat is broken.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50115",
"url": "https://www.suse.com/security/cve/CVE-2024-50115"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1232919 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1232919"
},
{
"category": "external",
"summary": "SUSE Bug 1233019 for CVE-2024-50115",
"url": "https://bugzilla.suse.com/1233019"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-50115"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50142"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset\n\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:\nValidate address prefix lengths in the xfrm selector.\")\n\nsyzbot created an SA with\n usersa.sel.family = AF_UNSPEC\n usersa.sel.prefixlen_s = 128\n usersa.family = AF_INET\n\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn\u0027t put\nlimits on prefixlen_{s,d}. But then copy_from_user_state sets\nx-\u003esel.family to usersa.family (AF_INET). Do the same conversion in\nverify_newsa_info before validating prefixlen_{s,d}, since that\u0027s how\nprefixlen is going to be used later on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50142",
"url": "https://www.suse.com/security/cve/CVE-2024-50142"
},
{
"category": "external",
"summary": "SUSE Bug 1233028 for CVE-2024-50142",
"url": "https://bugzilla.suse.com/1233028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50142"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50185",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50185"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle consistently DSS corruption\n\nBugged peer implementation can send corrupted DSS options, consistently\nhitting a few warning in the data path. Use DEBUG_NET assertions, to\navoid the splat on some builds and handle consistently the error, dumping\nrelated MIBs and performing fallback and/or reset according to the\nsubflow type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50185",
"url": "https://www.suse.com/security/cve/CVE-2024-50185"
},
{
"category": "external",
"summary": "SUSE Bug 1233109 for CVE-2024-50185",
"url": "https://bugzilla.suse.com/1233109"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50185"
},
{
"cve": "CVE-2024-50251",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50251"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_payload: sanitize offset and length before calling skb_checksum()\n\nIf access to offset + length is larger than the skbuff length, then\nskb_checksum() triggers BUG_ON().\n\nskb_checksum() internally subtracts the length parameter while iterating\nover skbuff, BUG_ON(len) at the end of it checks that the expected\nlength to be included in the checksum calculation is fully consumed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50251",
"url": "https://www.suse.com/security/cve/CVE-2024-50251"
},
{
"category": "external",
"summary": "SUSE Bug 1233248 for CVE-2024-50251",
"url": "https://bugzilla.suse.com/1233248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50251"
},
{
"cve": "CVE-2024-50258",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50258"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix crash when config small gso_max_size/gso_ipv4_max_size\n\nConfig a small gso_max_size/gso_ipv4_max_size will lead to an underflow\nin sk_dst_gso_max_size(), which may trigger a BUG_ON crash,\nbecause sk-\u003esk_gso_max_size would be much bigger than device limits.\nCall Trace:\ntcp_write_xmit\n tso_segs = tcp_init_tso_segs(skb, mss_now);\n tcp_set_skb_tso_segs\n tcp_skb_pcount_set\n // skb-\u003elen = 524288, mss_now = 8\n // u16 tso_segs = 524288/8 = 65535 -\u003e 0\n tso_segs = DIV_ROUND_UP(skb-\u003elen, mss_now)\n BUG_ON(!tso_segs)\nAdd check for the minimum value of gso_max_size and gso_ipv4_max_size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50258",
"url": "https://www.suse.com/security/cve/CVE-2024-50258"
},
{
"category": "external",
"summary": "SUSE Bug 1233221 for CVE-2024-50258",
"url": "https://bugzilla.suse.com/1233221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50258"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix missing locking causing hanging calls\n\nIf a call gets aborted (e.g. because kafs saw a signal) between it being\nqueued for connection and the I/O thread picking up the call, the abort\nwill be prioritised over the connection and it will be removed from\nlocal-\u003enew_client_calls by rxrpc_disconnect_client_call() without a lock\nbeing held. This may cause other calls on the list to disappear if a race\noccurs.\n\nFix this by taking the client_call_lock when removing a call from whatever\nlist its -\u003ewait_link happens to be on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50294",
"url": "https://www.suse.com/security/cve/CVE-2024-50294"
},
{
"category": "external",
"summary": "SUSE Bug 1233483 for CVE-2024-50294",
"url": "https://bugzilla.suse.com/1233483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50294"
},
{
"cve": "CVE-2024-50304",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50304"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find()\n\nThe per-netns IP tunnel hash table is protected by the RTNL mutex and\nip_tunnel_find() is only called from the control path where the mutex is\ntaken.\n\nAdd a lockdep expression to hlist_for_each_entry_rcu() in\nip_tunnel_find() in order to validate that the mutex is held and to\nsilence the suspicious RCU usage warning [1].\n\n[1]\nWARNING: suspicious RCU usage\n6.12.0-rc3-custom-gd95d9a31aceb #139 Not tainted\n-----------------------------\nnet/ipv4/ip_tunnel.c:221 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n1 lock held by ip/362:\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60\n\nstack backtrace:\nCPU: 12 UID: 0 PID: 362 Comm: ip Not tainted 6.12.0-rc3-custom-gd95d9a31aceb #139\nHardware name: Bochs Bochs, BIOS Bochs 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xba/0x110\n lockdep_rcu_suspicious.cold+0x4f/0xd6\n ip_tunnel_find+0x435/0x4d0\n ip_tunnel_newlink+0x517/0x7a0\n ipgre_newlink+0x14c/0x170\n __rtnl_newlink+0x1173/0x19c0\n rtnl_newlink+0x6c/0xa0\n rtnetlink_rcv_msg+0x3cc/0xf60\n netlink_rcv_skb+0x171/0x450\n netlink_unicast+0x539/0x7f0\n netlink_sendmsg+0x8c1/0xd80\n ____sys_sendmsg+0x8f9/0xc20\n ___sys_sendmsg+0x197/0x1e0\n __sys_sendmsg+0x122/0x1f0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50304",
"url": "https://www.suse.com/security/cve/CVE-2024-50304"
},
{
"category": "external",
"summary": "SUSE Bug 1233522 for CVE-2024-50304",
"url": "https://bugzilla.suse.com/1233522"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-50304"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: error out earlier on disconnect\n\nEric reported a division by zero splat in the MPTCP protocol:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 1 UID: 0 PID: 6094 Comm: syz-executor317 Not tainted\n6.12.0-rc5-syzkaller-00291-g05b92660cdfe #0\nHardware name: Google Google Compute Engine/Google Compute Engine,\nBIOS Google 09/13/2024\nRIP: 0010:__tcp_select_window+0x5b4/0x1310 net/ipv4/tcp_output.c:3163\nCode: f6 44 01 e3 89 df e8 9b 75 09 f8 44 39 f3 0f 8d 11 ff ff ff e8\n0d 74 09 f8 45 89 f4 e9 04 ff ff ff e8 00 74 09 f8 44 89 f0 99 \u003cf7\u003e 7c\n24 14 41 29 d6 45 89 f4 e9 ec fe ff ff e8 e8 73 09 f8 48 89\nRSP: 0018:ffffc900041f7930 EFLAGS: 00010293\nRAX: 0000000000017e67 RBX: 0000000000017e67 RCX: ffffffff8983314b\nRDX: 0000000000000000 RSI: ffffffff898331b0 RDI: 0000000000000004\nRBP: 00000000005d6000 R08: 0000000000000004 R09: 0000000000017e67\nR10: 0000000000003e80 R11: 0000000000000000 R12: 0000000000003e80\nR13: ffff888031d9b440 R14: 0000000000017e67 R15: 00000000002eb000\nFS: 00007feb5d7f16c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007feb5d8adbb8 CR3: 0000000074e4c000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n__tcp_cleanup_rbuf+0x3e7/0x4b0 net/ipv4/tcp.c:1493\nmptcp_rcv_space_adjust net/mptcp/protocol.c:2085 [inline]\nmptcp_recvmsg+0x2156/0x2600 net/mptcp/protocol.c:2289\ninet_recvmsg+0x469/0x6a0 net/ipv4/af_inet.c:885\nsock_recvmsg_nosec net/socket.c:1051 [inline]\nsock_recvmsg+0x1b2/0x250 net/socket.c:1073\n__sys_recvfrom+0x1a5/0x2e0 net/socket.c:2265\n__do_sys_recvfrom net/socket.c:2283 [inline]\n__se_sys_recvfrom net/socket.c:2279 [inline]\n__x64_sys_recvfrom+0xe0/0x1c0 net/socket.c:2279\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7feb5d857559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48\n89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d\n01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007feb5d7f1208 EFLAGS: 00000246 ORIG_RAX: 000000000000002d\nRAX: ffffffffffffffda RBX: 00007feb5d8e1318 RCX: 00007feb5d857559\nRDX: 000000800000000e RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007feb5d8e1310 R08: 0000000000000000 R09: ffffffff81000000\nR10: 0000000000000100 R11: 0000000000000246 R12: 00007feb5d8e131c\nR13: 00007feb5d8ae074 R14: 000000800000000e R15: 00000000fffffdef\n\nand provided a nice reproducer.\n\nThe root cause is the current bad handling of racing disconnect.\nAfter the blamed commit below, sk_wait_data() can return (with\nerror) with the underlying socket disconnected and a zero rcv_mss.\n\nCatch the error and return without performing any additional\noperations on the current socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53123",
"url": "https://www.suse.com/security/cve/CVE-2024-53123"
},
{
"category": "external",
"summary": "SUSE Bug 1234070 for CVE-2024-53123",
"url": "https://bugzilla.suse.com/1234070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53123"
},
{
"cve": "CVE-2024-53124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... | 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53124",
"url": "https://www.suse.com/security/cve/CVE-2024-53124"
},
{
"category": "external",
"summary": "SUSE Bug 1234074 for CVE-2024-53124",
"url": "https://bugzilla.suse.com/1234074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-53139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix possible UAF in sctp_v6_available()\n\nA lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints\nthat sctp_v6_available() is calling dev_get_by_index_rcu()\nand ipv6_chk_addr() without holding rcu.\n\n[1]\n =============================\n WARNING: suspicious RCU usage\n 6.12.0-rc5-virtme #1216 Tainted: G W\n -----------------------------\n net/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by sctp_hello/31495:\n #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp\n\nstack backtrace:\n CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216\n Tainted: [W]=WARN\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:123)\n lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)\n dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7))\n sctp_v6_available (net/sctp/ipv6.c:701) sctp\n sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp\n sctp_bind (net/sctp/socket.c:320) sctp\n inet6_bind_sk (net/ipv6/af_inet6.c:465)\n ? security_socket_bind (security/security.c:4581 (discriminator 1))\n __sys_bind (net/socket.c:1848 net/socket.c:1869)\n ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340)\n ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13))\n __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1))\n do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n RIP: 0033:0x7f59b934a1e7\n Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48\nAll code\n========\n 0:\t44 00 00 \tadd %r8b,(%rax)\n 3:\t48 8b 15 39 8c 0c 00 \tmov 0xc8c39(%rip),%rdx # 0xc8c43\n a:\tf7 d8 \tneg %eax\n c:\t64 89 02 \tmov %eax,%fs:(%rdx)\n f:\tb8 ff ff ff ff \tmov $0xffffffff,%eax\n 14:\teb bd \tjmp 0xffffffffffffffd3\n 16:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)\n 1d:\t00 00 00\n 20:\t0f 1f 00 \tnopl (%rax)\n 23:\tb8 31 00 00 00 \tmov $0x31,%eax\n 28:\t0f 05 \tsyscall\n 2a:*\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\t\t\u003c-- trapping instruction\n 30:\t73 01 \tjae 0x33\n 32:\tc3 \tret\n 33:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c43\n 3a:\tf7 d8 \tneg %eax\n 3c:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 3f:\t48 \trex.W\n\nCode starting with the faulting instruction\n===========================================\n 0:\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\n 6:\t73 01 \tjae 0x9\n 8:\tc3 \tret\n 9:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c19\n 10:\tf7 d8 \tneg %eax\n 12:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 15:\t48 \trex.W\n RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031\n RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7\n RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000\n R10: 00007f59b9253298 R11: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53139",
"url": "https://www.suse.com/security/cve/CVE-2024-53139"
},
{
"category": "external",
"summary": "SUSE Bug 1234157 for CVE-2024-53139",
"url": "https://bugzilla.suse.com/1234157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53139"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53147"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix out-of-bounds access of directory entries\n\nIn the case of the directory size is greater than or equal to\nthe cluster size, if start_clu becomes an EOF cluster(an invalid\ncluster) due to file system corruption, then the directory entry\nwhere ei-\u003ehint_femp.eidx hint is outside the directory, resulting\nin an out-of-bounds access, which may cause further file system\ncorruption.\n\nThis commit adds a check for start_clu, if it is an invalid cluster,\nthe file or directory will be treated as empty.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53147",
"url": "https://www.suse.com/security/cve/CVE-2024-53147"
},
{
"category": "external",
"summary": "SUSE Bug 1234857 for CVE-2024-53147",
"url": "https://bugzilla.suse.com/1234857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53147"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53173",
"url": "https://www.suse.com/security/cve/CVE-2024-53173"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234891 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "external",
"summary": "SUSE Bug 1234892 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-53173"
},
{
"cve": "CVE-2024-53176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: During unmount, ensure all cached dir instances drop their dentry\n\nThe unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can\nrace with various cached directory operations, which ultimately results\nin dentries not being dropped and these kernel BUGs:\n\nBUG: Dentry ffff88814f37e358{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nVFS: Busy inodes after unmount of cifs (cifs)\n------------[ cut here ]------------\nkernel BUG at fs/super.c:661!\n\nThis happens when a cfid is in the process of being cleaned up when, and\nhas been removed from the cfids-\u003eentries list, including:\n\n- Receiving a lease break from the server\n- Server reconnection triggers invalidate_all_cached_dirs(), which\n removes all the cfids from the list\n- The laundromat thread decides to expire an old cfid.\n\nTo solve these problems, dropping the dentry is done in queued work done\nin a newly-added cfid_put_wq workqueue, and close_all_cached_dirs()\nflushes that workqueue after it drops all the dentries of which it\u0027s\naware. This is a global workqueue (rather than scoped to a mount), but\nthe queued work is minimal.\n\nThe final cleanup work for cleaning up a cfid is performed via work\nqueued in the serverclose_wq workqueue; this is done separate from\ndropping the dentries so that close_all_cached_dirs() doesn\u0027t block on\nany server operations.\n\nBoth of these queued works expect to invoked with a cfid reference and\na tcon reference to avoid those objects from being freed while the work\nis ongoing.\n\nWhile we\u0027re here, add proper locking to close_all_cached_dirs(), and\nlocking around the freeing of cfid-\u003edentry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53176",
"url": "https://www.suse.com/security/cve/CVE-2024-53176"
},
{
"category": "external",
"summary": "SUSE Bug 1234894 for CVE-2024-53176",
"url": "https://bugzilla.suse.com/1234894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53176"
},
{
"cve": "CVE-2024-53177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids-\u003ecfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53177",
"url": "https://www.suse.com/security/cve/CVE-2024-53177"
},
{
"category": "external",
"summary": "SUSE Bug 1234896 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "external",
"summary": "SUSE Bug 1235103 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1235103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-53177"
},
{
"cve": "CVE-2024-53178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don\u0027t leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids-\u003eentries list but doesn\u0027t drop a ref if has_lease isn\u0027t true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid-\u003ehas_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 32 bytes):\n 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........\".......\n 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E\"......O.....\n backtrace (crc 6f58c20f):\n [\u003cffffffff8b895a1e\u003e] __kmalloc_cache_noprof+0x2be/0x350\n [\u003cffffffff8bda06e3\u003e] open_cached_dir+0x993/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 8 bytes):\n 00 cc cc cc cc cc cc cc ........\n backtrace (crc 10c106a9):\n [\u003cffffffff8b89a3d3\u003e] __kmalloc_node_track_caller_noprof+0x363/0x480\n [\u003cffffffff8b7d7256\u003e] kstrdup+0x36/0x60\n [\u003cffffffff8bda0700\u003e] open_cached_dir+0x9b0/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff \u003c0f\u003e 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53178",
"url": "https://www.suse.com/security/cve/CVE-2024-53178"
},
{
"category": "external",
"summary": "SUSE Bug 1234895 for CVE-2024-53178",
"url": "https://bugzilla.suse.com/1234895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53178"
},
{
"cve": "CVE-2024-53226",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53226"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix NULL pointer derefernce in hns_roce_map_mr_sg()\n\nib_map_mr_sg() allows ULPs to specify NULL as the sg_offset argument.\nThe driver needs to check whether it is a NULL pointer before\ndereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53226",
"url": "https://www.suse.com/security/cve/CVE-2024-53226"
},
{
"category": "external",
"summary": "SUSE Bug 1236576 for CVE-2024-53226",
"url": "https://bugzilla.suse.com/1236576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53226"
},
{
"cve": "CVE-2024-53239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). But at this moment, the card object\nmight be still in use (as we\u0027re calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card\u0027s\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53239",
"url": "https://www.suse.com/security/cve/CVE-2024-53239"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235054 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "external",
"summary": "SUSE Bug 1235055 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-53239"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here ]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv-\u003essid,\n user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn\u0027t account for the size of the one-element\narray, so it doesn\u0027t need to be changed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56539",
"url": "https://www.suse.com/security/cve/CVE-2024-56539"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234963 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "external",
"summary": "SUSE Bug 1234964 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-56539"
},
{
"cve": "CVE-2024-56548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] \u003cTASK\u003e\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56548",
"url": "https://www.suse.com/security/cve/CVE-2024-56548"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235073 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "external",
"summary": "SUSE Bug 1235074 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-56548"
},
{
"cve": "CVE-2024-56579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: Set video drvdata before register video device\n\nThe video drvdata should be set before the video device is registered,\notherwise video_drvdata() may return NULL in the open() file ops, and led\nto oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56579",
"url": "https://www.suse.com/security/cve/CVE-2024-56579"
},
{
"category": "external",
"summary": "SUSE Bug 1236575 for CVE-2024-56579",
"url": "https://bugzilla.suse.com/1236575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56579"
},
{
"cve": "CVE-2024-56592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Call free_htab_elem() after htab_unlock_bucket()\n\nFor htab of maps, when the map is removed from the htab, it may hold the\nlast reference of the map. bpf_map_fd_put_ptr() will invoke\nbpf_map_free_id() to free the id of the removed map element. However,\nbpf_map_fd_put_ptr() is invoked while holding a bucket lock\n(raw_spin_lock_t), and bpf_map_free_id() attempts to acquire map_idr_lock\n(spinlock_t), triggering the following lockdep warning:\n\n =============================\n [ BUG: Invalid wait context ]\n 6.11.0-rc4+ #49 Not tainted\n -----------------------------\n test_maps/4881 is trying to lock:\n ffffffff84884578 (map_idr_lock){+...}-{3:3}, at: bpf_map_free_id.part.0+0x21/0x70\n other info that might help us debug this:\n context-{5:5}\n 2 locks held by test_maps/4881:\n #0: ffffffff846caf60 (rcu_read_lock){....}-{1:3}, at: bpf_fd_htab_map_update_elem+0xf9/0x270\n #1: ffff888149ced148 (\u0026htab-\u003elockdep_key#2){....}-{2:2}, at: htab_map_update_elem+0x178/0xa80\n stack backtrace:\n CPU: 0 UID: 0 PID: 4881 Comm: test_maps Not tainted 6.11.0-rc4+ #49\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), ...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x6e/0xb0\n dump_stack+0x10/0x20\n __lock_acquire+0x73e/0x36c0\n lock_acquire+0x182/0x450\n _raw_spin_lock_irqsave+0x43/0x70\n bpf_map_free_id.part.0+0x21/0x70\n bpf_map_put+0xcf/0x110\n bpf_map_fd_put_ptr+0x9a/0xb0\n free_htab_elem+0x69/0xe0\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n htab_map_update_elem+0x50f/0xa80\n bpf_fd_htab_map_update_elem+0x131/0x270\n bpf_map_update_value+0x266/0x380\n __sys_bpf+0x21bb/0x36b0\n __x64_sys_bpf+0x45/0x60\n x64_sys_call+0x1b2a/0x20d0\n do_syscall_64+0x5d/0x100\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nOne way to fix the lockdep warning is using raw_spinlock_t for\nmap_idr_lock as well. However, bpf_map_alloc_id() invokes\nidr_alloc_cyclic() after acquiring map_idr_lock, it will trigger a\nsimilar lockdep warning because the slab\u0027s lock (s-\u003ecpu_slab-\u003elock) is\nstill a spinlock.\n\nInstead of changing map_idr_lock\u0027s type, fix the issue by invoking\nhtab_put_fd_value() after htab_unlock_bucket(). However, only deferring\nthe invocation of htab_put_fd_value() is not enough, because the old map\npointers in htab of maps can not be saved during batched deletion.\nTherefore, also defer the invocation of free_htab_elem(), so these\nto-be-freed elements could be linked together similar to lru map.\n\nThere are four callers for -\u003emap_fd_put_ptr:\n\n(1) alloc_htab_elem() (through htab_put_fd_value())\nIt invokes -\u003emap_fd_put_ptr() under a raw_spinlock_t. The invocation of\nhtab_put_fd_value() can not simply move after htab_unlock_bucket(),\nbecause the old element has already been stashed in htab-\u003eextra_elems.\nIt may be reused immediately after htab_unlock_bucket() and the\ninvocation of htab_put_fd_value() after htab_unlock_bucket() may release\nthe newly-added element incorrectly. Therefore, saving the map pointer\nof the old element for htab of maps before unlocking the bucket and\nreleasing the map_ptr after unlock. Beside the map pointer in the old\nelement, should do the same thing for the special fields in the old\nelement as well.\n\n(2) free_htab_elem() (through htab_put_fd_value())\nIts caller includes __htab_map_lookup_and_delete_elem(),\nhtab_map_delete_elem() and __htab_map_lookup_and_delete_batch().\n\nFor htab_map_delete_elem(), simply invoke free_htab_elem() after\nhtab_unlock_bucket(). For __htab_map_lookup_and_delete_batch(), just\nlike lru map, linking the to-be-freed element into node_to_free list\nand invoking free_htab_elem() for these element after unlock. It is safe\nto reuse batch_flink as the link for node_to_free, because these\nelements have been removed from the hash llist.\n\nBecause htab of maps doesn\u0027t support lookup_and_delete operation,\n__htab_map_lookup_and_delete_elem() doesn\u0027t have the problem, so kept\nit as\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56592",
"url": "https://www.suse.com/security/cve/CVE-2024-56592"
},
{
"category": "external",
"summary": "SUSE Bug 1235244 for CVE-2024-56592",
"url": "https://bugzilla.suse.com/1235244"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56592"
},
{
"cve": "CVE-2024-56605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56605",
"url": "https://www.suse.com/security/cve/CVE-2024-56605"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235061 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "external",
"summary": "SUSE Bug 1235062 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-56605"
},
{
"cve": "CVE-2024-56633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg\n\nThe current sk memory accounting logic in __SK_REDIRECT is pre-uncharging\ntosend bytes, which is either msg-\u003esg.size or a smaller value apply_bytes.\n\nPotential problems with this strategy are as follows:\n\n- If the actual sent bytes are smaller than tosend, we need to charge some\n bytes back, as in line 487, which is okay but seems not clean.\n\n- When tosend is set to apply_bytes, as in line 417, and (ret \u003c 0), we may\n miss uncharging (msg-\u003esg.size - apply_bytes) bytes.\n\n[...]\n415 tosend = msg-\u003esg.size;\n416 if (psock-\u003eapply_bytes \u0026\u0026 psock-\u003eapply_bytes \u003c tosend)\n417 tosend = psock-\u003eapply_bytes;\n[...]\n443 sk_msg_return(sk, msg, tosend);\n444 release_sock(sk);\n446 origsize = msg-\u003esg.size;\n447 ret = tcp_bpf_sendmsg_redir(sk_redir, redir_ingress,\n448 msg, tosend, flags);\n449 sent = origsize - msg-\u003esg.size;\n[...]\n454 lock_sock(sk);\n455 if (unlikely(ret \u003c 0)) {\n456 int free = sk_msg_free_nocharge(sk, msg);\n458 if (!cork)\n459 *copied -= free;\n460 }\n[...]\n487 if (eval == __SK_REDIRECT)\n488 sk_mem_charge(sk, tosend - sent);\n[...]\n\nWhen running the selftest test_txmsg_redir_wait_sndmem with txmsg_apply,\nthe following warning will be reported:\n\n------------[ cut here ]------------\nWARNING: CPU: 6 PID: 57 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x190/0x1a0\nModules linked in:\nCPU: 6 UID: 0 PID: 57 Comm: kworker/6:0 Not tainted 6.12.0-rc1.bm.1-amd64+ #43\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014\nWorkqueue: events sk_psock_destroy\nRIP: 0010:inet_sock_destruct+0x190/0x1a0\nRSP: 0018:ffffad0a8021fe08 EFLAGS: 00010206\nRAX: 0000000000000011 RBX: ffff9aab4475b900 RCX: ffff9aab481a0800\nRDX: 0000000000000303 RSI: 0000000000000011 RDI: ffff9aab4475b900\nRBP: ffff9aab4475b990 R08: 0000000000000000 R09: ffff9aab40050ec0\nR10: 0000000000000000 R11: ffff9aae6fdb1d01 R12: ffff9aab49c60400\nR13: ffff9aab49c60598 R14: ffff9aab49c60598 R15: dead000000000100\nFS: 0000000000000000(0000) GS:ffff9aae6fd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffec7e47bd8 CR3: 00000001a1a1c004 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x89/0x130\n? inet_sock_destruct+0x190/0x1a0\n? report_bug+0xfc/0x1e0\n? handle_bug+0x5c/0xa0\n? exc_invalid_op+0x17/0x70\n? asm_exc_invalid_op+0x1a/0x20\n? inet_sock_destruct+0x190/0x1a0\n__sk_destruct+0x25/0x220\nsk_psock_destroy+0x2b2/0x310\nprocess_scheduled_works+0xa3/0x3e0\nworker_thread+0x117/0x240\n? __pfx_worker_thread+0x10/0x10\nkthread+0xcf/0x100\n? __pfx_kthread+0x10/0x10\nret_from_fork+0x31/0x40\n? __pfx_kthread+0x10/0x10\nret_from_fork_asm+0x1a/0x30\n\u003c/TASK\u003e\n---[ end trace 0000000000000000 ]---\n\nIn __SK_REDIRECT, a more concise way is delaying the uncharging after sent\nbytes are finalized, and uncharge this value. When (ret \u003c 0), we shall\ninvoke sk_msg_free.\n\nSame thing happens in case __SK_DROP, when tosend is set to apply_bytes,\nwe may miss uncharging (msg-\u003esg.size - apply_bytes) bytes. The same\nwarning will be reported in selftest.\n\n[...]\n468 case __SK_DROP:\n469 default:\n470 sk_msg_free_partial(sk, msg, tosend);\n471 sk_msg_apply_bytes(psock, tosend);\n472 *copied -= (tosend + delta);\n473 return -EACCES;\n[...]\n\nSo instead of sk_msg_free_partial we can do sk_msg_free here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56633",
"url": "https://www.suse.com/security/cve/CVE-2024-56633"
},
{
"category": "external",
"summary": "SUSE Bug 1235485 for CVE-2024-56633",
"url": "https://bugzilla.suse.com/1235485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56633"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Fix icmp host relookup triggering ip_rt_bug\n\narp link failure may trigger ip_rt_bug while xfrm enabled, call trace is:\n\nWARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 ip_rt_bug+0x14/0x20\nModules linked in:\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.12.0-rc6-00077-g2e1b3cc9d7f7\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:ip_rt_bug+0x14/0x20\nCall Trace:\n \u003cIRQ\u003e\n ip_send_skb+0x14/0x40\n __icmp_send+0x42d/0x6a0\n ipv4_link_failure+0xe2/0x1d0\n arp_error_report+0x3c/0x50\n neigh_invalidate+0x8d/0x100\n neigh_timer_handler+0x2e1/0x330\n call_timer_fn+0x21/0x120\n __run_timer_base.part.0+0x1c9/0x270\n run_timer_softirq+0x4c/0x80\n handle_softirqs+0xac/0x280\n irq_exit_rcu+0x62/0x80\n sysvec_apic_timer_interrupt+0x77/0x90\n\nThe script below reproduces this scenario:\nip xfrm policy add src 0.0.0.0/0 dst 0.0.0.0/0 \\\n\tdir out priority 0 ptype main flag localok icmp\nip l a veth1 type veth\nip a a 192.168.141.111/24 dev veth0\nip l s veth0 up\nping 192.168.141.155 -c 1\n\nicmp_route_lookup() create input routes for locally generated packets\nwhile xfrm relookup ICMP traffic.Then it will set input route\n(dst-\u003eout = ip_rt_bug) to skb for DESTUNREACH.\n\nFor ICMP err triggered by locally generated packets, dst-\u003edev of output\nroute is loopback. Generally, xfrm relookup verification is not required\non loopback interfaces (net.ipv4.conf.lo.disable_xfrm = 1).\n\nSkip icmp relookup for locally generated packets to fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56647",
"url": "https://www.suse.com/security/cve/CVE-2024-56647"
},
{
"category": "external",
"summary": "SUSE Bug 1235435 for CVE-2024-56647",
"url": "https://bugzilla.suse.com/1235435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56647"
},
{
"cve": "CVE-2024-56658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: defer final \u0027struct net\u0027 free in netns dismantle\n\nIlya reported a slab-use-after-free in dst_destroy [1]\n\nIssue is in xfrm6_net_init() and xfrm4_net_init() :\n\nThey copy xfrm[46]_dst_ops_template into net-\u003exfrm.xfrm[46]_dst_ops.\n\nBut net structure might be freed before all the dst callbacks are\ncalled. So when dst_destroy() calls later :\n\nif (dst-\u003eops-\u003edestroy)\n dst-\u003eops-\u003edestroy(dst);\n\ndst-\u003eops points to the old net-\u003exfrm.xfrm[46]_dst_ops, which has been freed.\n\nSee a relevant issue fixed in :\n\nac888d58869b (\"net: do not delay dst_entries_add() in dst_release()\")\n\nA fix is to queue the \u0027struct net\u0027 to be freed after one\nanother cleanup_net() round (and existing rcu_barrier())\n\n[1]\n\nBUG: KASAN: slab-use-after-free in dst_destroy (net/core/dst.c:112)\nRead of size 8 at addr ffff8882137ccab0 by task swapper/37/0\nDec 03 05:46:18 kernel:\nCPU: 37 UID: 0 PID: 0 Comm: swapper/37 Kdump: loaded Not tainted 6.12.0 #67\nHardware name: Red Hat KVM/RHEL, BIOS 1.16.1-1.el9 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\ndump_stack_lvl (lib/dump_stack.c:124)\nprint_address_description.constprop.0 (mm/kasan/report.c:378)\n? dst_destroy (net/core/dst.c:112)\nprint_report (mm/kasan/report.c:489)\n? dst_destroy (net/core/dst.c:112)\n? kasan_addr_to_slab (mm/kasan/common.c:37)\nkasan_report (mm/kasan/report.c:603)\n? dst_destroy (net/core/dst.c:112)\n? rcu_do_batch (kernel/rcu/tree.c:2567)\ndst_destroy (net/core/dst.c:112)\nrcu_do_batch (kernel/rcu/tree.c:2567)\n? __pfx_rcu_do_batch (kernel/rcu/tree.c:2491)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4339 kernel/locking/lockdep.c:4406)\nrcu_core (kernel/rcu/tree.c:2825)\nhandle_softirqs (kernel/softirq.c:554)\n__irq_exit_rcu (kernel/softirq.c:589 kernel/softirq.c:428 kernel/softirq.c:637)\nirq_exit_rcu (kernel/softirq.c:651)\nsysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1049 arch/x86/kernel/apic/apic.c:1049)\n \u003c/IRQ\u003e\n \u003cTASK\u003e\nasm_sysvec_apic_timer_interrupt (./arch/x86/include/asm/idtentry.h:702)\nRIP: 0010:default_idle (./arch/x86/include/asm/irqflags.h:37 ./arch/x86/include/asm/irqflags.h:92 arch/x86/kernel/process.c:743)\nCode: 00 4d 29 c8 4c 01 c7 4c 29 c2 e9 6e ff ff ff 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 90 0f 00 2d c7 c9 27 00 fb f4 \u003cfa\u003e c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90\nRSP: 0018:ffff888100d2fe00 EFLAGS: 00000246\nRAX: 00000000001870ed RBX: 1ffff110201a5fc2 RCX: ffffffffb61a3e46\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffb3d4d123\nRBP: 0000000000000000 R08: 0000000000000001 R09: ffffed11c7e1835d\nR10: ffff888e3f0c1aeb R11: 0000000000000000 R12: 0000000000000000\nR13: ffff888100d20000 R14: dffffc0000000000 R15: 0000000000000000\n? ct_kernel_exit.constprop.0 (kernel/context_tracking.c:148)\n? cpuidle_idle_call (kernel/sched/idle.c:186)\ndefault_idle_call (./include/linux/cpuidle.h:143 kernel/sched/idle.c:118)\ncpuidle_idle_call (kernel/sched/idle.c:186)\n? __pfx_cpuidle_idle_call (kernel/sched/idle.c:168)\n? lock_release (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5848)\n? lockdep_hardirqs_on_prepare (kernel/locking/lockdep.c:4347 kernel/locking/lockdep.c:4406)\n? tsc_verify_tsc_adjust (arch/x86/kernel/tsc_sync.c:59)\ndo_idle (kernel/sched/idle.c:326)\ncpu_startup_entry (kernel/sched/idle.c:423 (discriminator 1))\nstart_secondary (arch/x86/kernel/smpboot.c:202 arch/x86/kernel/smpboot.c:282)\n? __pfx_start_secondary (arch/x86/kernel/smpboot.c:232)\n? soft_restart_cpu (arch/x86/kernel/head_64.S:452)\ncommon_startup_64 (arch/x86/kernel/head_64.S:414)\n \u003c/TASK\u003e\nDec 03 05:46:18 kernel:\nAllocated by task 12184:\nkasan_save_stack (mm/kasan/common.c:48)\nkasan_save_track (./arch/x86/include/asm/current.h:49 mm/kasan/common.c:60 mm/kasan/common.c:69)\n__kasan_slab_alloc (mm/kasan/common.c:319 mm/kasan/common.c:345)\nkmem_cache_alloc_noprof (mm/slub.c:4085 mm/slub.c:4134 mm/slub.c:4141)\ncopy_net_ns (net/core/net_namespace.c:421 net/core/net_namespace.c:480)\ncreate_new_namespaces\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56658",
"url": "https://www.suse.com/security/cve/CVE-2024-56658"
},
{
"category": "external",
"summary": "SUSE Bug 1235441 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235441"
},
{
"category": "external",
"summary": "SUSE Bug 1235442 for CVE-2024-56658",
"url": "https://bugzilla.suse.com/1235442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-56658"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56720"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Several fixes to bpf_msg_pop_data\n\nSeveral fixes to bpf_msg_pop_data,\n1. In sk_msg_shift_left, we should put_page\n2. if (len == 0), return early is better\n3. pop the entire sk_msg (last == msg-\u003esg.size) should be supported\n4. Fix for the value of variable \"a\"\n5. In sk_msg_shift_left, after shifting, i has already pointed to the next\nelement. Addtional sk_msg_iter_var_next may result in BUG.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56720",
"url": "https://www.suse.com/security/cve/CVE-2024-56720"
},
{
"category": "external",
"summary": "SUSE Bug 1235592 for CVE-2024-56720",
"url": "https://bugzilla.suse.com/1235592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56720"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix TCP options overflow.\n\nSyzbot reported the following splat:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\nCPU: 1 UID: 0 PID: 5836 Comm: sshd Not tainted 6.13.0-rc3-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\nRIP: 0010:_compound_head include/linux/page-flags.h:242 [inline]\nRIP: 0010:put_page+0x23/0x260 include/linux/mm.h:1552\nCode: 90 90 90 90 90 90 90 55 41 57 41 56 53 49 89 fe 48 bd 00 00 00 00 00 fc ff df e8 f8 5e 12 f8 49 8d 5e 08 48 89 d8 48 c1 e8 03 \u003c80\u003e 3c 28 00 74 08 48 89 df e8 8f c7 78 f8 48 8b 1b 48 89 de 48 83\nRSP: 0000:ffffc90003916c90 EFLAGS: 00010202\nRAX: 0000000000000001 RBX: 0000000000000008 RCX: ffff888030458000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000\nRBP: dffffc0000000000 R08: ffffffff898ca81d R09: 1ffff110054414ac\nR10: dffffc0000000000 R11: ffffed10054414ad R12: 0000000000000007\nR13: ffff88802a20a542 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f34f496e800(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9d6ec9ec28 CR3: 000000004d260000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n skb_page_unref include/linux/skbuff_ref.h:43 [inline]\n __skb_frag_unref include/linux/skbuff_ref.h:56 [inline]\n skb_release_data+0x483/0x8a0 net/core/skbuff.c:1119\n skb_release_all net/core/skbuff.c:1190 [inline]\n __kfree_skb+0x55/0x70 net/core/skbuff.c:1204\n tcp_clean_rtx_queue net/ipv4/tcp_input.c:3436 [inline]\n tcp_ack+0x2442/0x6bc0 net/ipv4/tcp_input.c:4032\n tcp_rcv_state_process+0x8eb/0x44e0 net/ipv4/tcp_input.c:6805\n tcp_v4_do_rcv+0x77d/0xc70 net/ipv4/tcp_ipv4.c:1939\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5672 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5785\n process_backlog+0x662/0x15b0 net/core/dev.c:6117\n __napi_poll+0xcb/0x490 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:7074\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x57/0xc0 arch/x86/kernel/apic/apic.c:1049\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\nRIP: 0033:0x7f34f4519ad5\nCode: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83\nRSP: 002b:00007ffec5b32ce0 EFLAGS: 00000246\nRAX: 0000000000000001 RBX: 00000000000668a0 RCX: 00007f34f4519ad5\nRDX: 00007ffec5b32d00 RSI: 0000000000000004 RDI: 0000564f4bc6cae0\nRBP: 0000564f4bc6b5a0 R08: 0000000000000008 R09: 0000000000000000\nR10: 00007ffec5b32de8 R11: 0000000000000246 R12: 0000564f48ea8aa4\nR13: 0000000000000001 R14: 0000564f48ea93e8 R15: 00007ffec5b32d68\n \u003c/TASK\u003e\n\nEric noted a probable shinfo-\u003enr_frags corruption, which indeed\noccurs.\n\nThe root cause is a buggy MPTCP option len computation in some\ncircumstances: the ADD_ADDR option should be mutually exclusive\nwith DSS since the blamed commit.\n\nStill, mptcp_established_options_add_addr() tries to set the\nrelevant info in mptcp_out_options, if \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57882",
"url": "https://www.suse.com/security/cve/CVE-2024-57882"
},
{
"category": "external",
"summary": "SUSE Bug 1235914 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235914"
},
{
"category": "external",
"summary": "SUSE Bug 1235916 for CVE-2024-57882",
"url": "https://bugzilla.suse.com/1235916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-57882"
},
{
"cve": "CVE-2024-57889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking\n\nIf a device uses MCP23xxx IO expander to receive IRQs, the following\nbug can happen:\n\n BUG: sleeping function called from invalid context\n at kernel/locking/mutex.c:283\n in_atomic(): 1, irqs_disabled(): 1, non_block: 0, ...\n preempt_count: 1, expected: 0\n ...\n Call Trace:\n ...\n __might_resched+0x104/0x10e\n __might_sleep+0x3e/0x62\n mutex_lock+0x20/0x4c\n regmap_lock_mutex+0x10/0x18\n regmap_update_bits_base+0x2c/0x66\n mcp23s08_irq_set_type+0x1ae/0x1d6\n __irq_set_trigger+0x56/0x172\n __setup_irq+0x1e6/0x646\n request_threaded_irq+0xb6/0x160\n ...\n\nWe observed the problem while experimenting with a touchscreen driver which\nused MCP23017 IO expander (I2C).\n\nThe regmap in the pinctrl-mcp23s08 driver uses a mutex for protection from\nconcurrent accesses, which is the default for regmaps without .fast_io,\n.disable_locking, etc.\n\nmcp23s08_irq_set_type() calls regmap_update_bits_base(), and the latter\nlocks the mutex.\n\nHowever, __setup_irq() locks desc-\u003elock spinlock before calling these\nfunctions. As a result, the system tries to lock the mutex whole holding\nthe spinlock.\n\nIt seems, the internal regmap locks are not needed in this driver at all.\nmcp-\u003elock seems to protect the regmap from concurrent accesses already,\nexcept, probably, in mcp_pinconf_get/set.\n\nmcp23s08_irq_set_type() and mcp23s08_irq_mask/unmask() are called under\nchip_bus_lock(), which calls mcp23s08_irq_bus_lock(). The latter takes\nmcp-\u003elock and enables regmap caching, so that the potentially slow I2C\naccesses are deferred until chip_bus_unlock().\n\nThe accesses to the regmap from mcp23s08_probe_one() do not need additional\nlocking.\n\nIn all remaining places where the regmap is accessed, except\nmcp_pinconf_get/set(), the driver already takes mcp-\u003elock.\n\nThis patch adds locking in mcp_pinconf_get/set() and disables internal\nlocking in the regmap config. Among other things, it fixes the sleeping\nin atomic context described above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57889",
"url": "https://www.suse.com/security/cve/CVE-2024-57889"
},
{
"category": "external",
"summary": "SUSE Bug 1236573 for CVE-2024-57889",
"url": "https://bugzilla.suse.com/1236573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57889"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: check local interfaces before deleting sdata list\n\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\n\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\nhardware device from the system.\n\nCPU0\t\t\t\t\tCPU1\n====\t\t\t\t\t====\ngenl_family_rcv_msg_doit\t\tieee802154_unregister_hw\nieee802154_del_iface\t\t\tieee802154_remove_interfaces\nrdev_del_virtual_intf_deprecated\tlist_del(\u0026sdata-\u003elist)\nieee802154_if_remove\nlist_del_rcu\n\nThe net device has been unregistered, since the rcu grace period,\nunregistration must be run before ieee802154_if_remove.\n\nTo avoid this issue, add a check for local-\u003einterfaces before deleting\nsdata list.\n\n[1]\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 0 UID: 0 PID: 6277 Comm: syz-executor157 Not tainted 6.12.0-rc6-syzkaller-00005-g557329bcecc2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:__list_del_entry_valid_or_report+0xf4/0x140 lib/list_debug.c:56\nCode: e8 a1 7e 00 07 90 0f 0b 48 c7 c7 e0 37 60 8c 4c 89 fe e8 8f 7e 00 07 90 0f 0b 48 c7 c7 40 38 60 8c 4c 89 fe e8 7d 7e 00 07 90 \u003c0f\u003e 0b 48 c7 c7 a0 38 60 8c 4c 89 fe e8 6b 7e 00 07 90 0f 0b 48 c7\nRSP: 0018:ffffc9000490f3d0 EFLAGS: 00010246\nRAX: 000000000000004e RBX: dead000000000122 RCX: d211eee56bb28d00\nRDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\nRBP: ffff88805b278dd8 R08: ffffffff8174a12c R09: 1ffffffff2852f0d\nR10: dffffc0000000000 R11: fffffbfff2852f0e R12: dffffc0000000000\nR13: dffffc0000000000 R14: dead000000000100 R15: ffff88805b278cc0\nFS: 0000555572f94380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 000056262e4a3000 CR3: 0000000078496000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n __list_del_entry_valid include/linux/list.h:124 [inline]\n __list_del_entry include/linux/list.h:215 [inline]\n list_del_rcu include/linux/rculist.h:157 [inline]\n ieee802154_if_remove+0x86/0x1e0 net/mac802154/iface.c:687\n rdev_del_virtual_intf_deprecated net/ieee802154/rdev-ops.h:24 [inline]\n ieee802154_del_iface+0x2c0/0x5c0 net/ieee802154/nl-phy.c:323\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2551\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1331 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1357\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1901\n sock_sendmsg_nosec net/socket.c:729 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:744\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2607\n ___sys_sendmsg net/socket.c:2661 [inline]\n __sys_sendmsg+0x292/0x380 net/socket.c:2690\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57948",
"url": "https://www.suse.com/security/cve/CVE-2024-57948"
},
{
"category": "external",
"summary": "SUSE Bug 1236677 for CVE-2024-57948",
"url": "https://bugzilla.suse.com/1236677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57979",
"url": "https://www.suse.com/security/cve/CVE-2024-57979"
},
{
"category": "external",
"summary": "SUSE Bug 1238521 for CVE-2024-57979",
"url": "https://bugzilla.suse.com/1238521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()\n\nJakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page()\nto increase test coverage.\n\nsyzbot found a splat caused by hard irq blocking in\nptr_ring_resize_multiple() [1]\n\nAs current users of ptr_ring_resize_multiple() do not require\nhard irqs being masked, replace it to only block BH.\n\nRename helpers to better reflect they are safe against BH only.\n\n- ptr_ring_resize_multiple() to ptr_ring_resize_multiple_bh()\n- skb_array_resize_multiple() to skb_array_resize_multiple_bh()\n\n[1]\n\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 __page_pool_put_page net/core/page_pool.c:709 [inline]\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nModules linked in:\nCPU: 1 UID: 0 PID: 9150 Comm: syz.1.1052 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:__page_pool_put_page net/core/page_pool.c:709 [inline]\nRIP: 0010:page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nCode: 74 0e e8 7c aa fb f7 eb 43 e8 75 aa fb f7 eb 3c 65 8b 1d 38 a8 6a 76 31 ff 89 de e8 a3 ae fb f7 85 db 74 0b e8 5a aa fb f7 90 \u003c0f\u003e 0b 90 eb 1d 65 8b 1d 15 a8 6a 76 31 ff 89 de e8 84 ae fb f7 85\nRSP: 0018:ffffc9000bda6b58 EFLAGS: 00010083\nRAX: ffffffff8997e523 RBX: 0000000000000000 RCX: 0000000000040000\nRDX: ffffc9000fbd0000 RSI: 0000000000001842 RDI: 0000000000001843\nRBP: 0000000000000000 R08: ffffffff8997df2c R09: 1ffffd40003a000d\nR10: dffffc0000000000 R11: fffff940003a000e R12: ffffea0001d00040\nR13: ffff88802e8a4000 R14: dffffc0000000000 R15: 00000000ffffffff\nFS: 00007fb7aaf716c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa15a0d4b72 CR3: 00000000561b0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tun_ptr_free drivers/net/tun.c:617 [inline]\n __ptr_ring_swap_queue include/linux/ptr_ring.h:571 [inline]\n ptr_ring_resize_multiple_noprof include/linux/ptr_ring.h:643 [inline]\n tun_queue_resize drivers/net/tun.c:3694 [inline]\n tun_device_event+0xaaf/0x1080 drivers/net/tun.c:3714\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n dev_change_tx_queue_len+0x158/0x2a0 net/core/dev.c:9024\n do_setlink+0xff6/0x41f0 net/core/rtnetlink.c:2923\n rtnl_setlink+0x40d/0x5a0 net/core/rtnetlink.c:3201\n rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6647\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57994",
"url": "https://www.suse.com/security/cve/CVE-2024-57994"
},
{
"category": "external",
"summary": "SUSE Bug 1237901 for CVE-2024-57994",
"url": "https://bugzilla.suse.com/1237901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm: correctly calculate the available space of the GSP cmdq buffer\n\nr535_gsp_cmdq_push() waits for the available page in the GSP cmdq\nbuffer when handling a large RPC request. When it sees at least one\navailable page in the cmdq, it quits the waiting with the amount of\nfree buffer pages in the queue.\n\nUnfortunately, it always takes the [write pointer, buf_size) as\navailable buffer pages before rolling back and wrongly calculates the\nsize of the data should be copied. Thus, it can overwrite the RPC\nrequest that GSP is currently reading, which causes GSP hang due\nto corrupted RPC request:\n\n[ 549.209389] ------------[ cut here ]------------\n[ 549.214010] WARNING: CPU: 8 PID: 6314 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:116 r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.225678] Modules linked in: nvkm(E+) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) mlx5_ib(E) amd64_edac(E) edac_mce_amd(E) kvm_amd(E) ib_uverbs(E) kvm(E) ib_core(E) acpi_ipmi(E) ipmi_si(E) mxm_wmi(E) ipmi_devintf(E) rapl(E) i2c_piix4(E) wmi_bmof(E) joydev(E) ptdma(E) acpi_cpufreq(E) k10temp(E) pcspkr(E) ipmi_msghandler(E) xfs(E) libcrc32c(E) ast(E) i2c_algo_bit(E) crct10dif_pclmul(E) drm_shmem_helper(E) nvme_tcp(E) crc32_pclmul(E) ahci(E) drm_kms_helper(E) libahci(E) nvme_fabrics(E) crc32c_intel(E) nvme(E) cdc_ether(E) mlx5_core(E) nvme_core(E) usbnet(E) drm(E) libata(E) ccp(E) ghash_clmulni_intel(E) mii(E) t10_pi(E) mlxfw(E) sp5100_tco(E) psample(E) pci_hyperv_intf(E) wmi(E) dm_multipath(E) sunrpc(E) dm_mirror(E) dm_region_hash(E) dm_log(E) dm_mod(E) be2iscsi(E) bnx2i(E) cnic(E) uio(E) cxgb4i(E) cxgb4(E) tls(E) libcxgbi(E) libcxgb(E) qla4xxx(E)\n[ 549.225752] iscsi_boot_sysfs(E) iscsi_tcp(E) libiscsi_tcp(E) libiscsi(E) scsi_transport_iscsi(E) fuse(E) [last unloaded: gsp_log(E)]\n[ 549.326293] CPU: 8 PID: 6314 Comm: insmod Tainted: G E 6.9.0-rc6+ #1\n[ 549.334039] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 549.341781] RIP: 0010:r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.347343] Code: 08 00 00 89 da c1 e2 0c 48 8d ac 11 00 10 00 00 48 8b 0c 24 48 85 c9 74 1f c1 e0 0c 4c 8d 6d 30 83 e8 30 89 01 e9 68 ff ff ff \u003c0f\u003e 0b 49 c7 c5 92 ff ff ff e9 5a ff ff ff ba ff ff ff ff be c0 0c\n[ 549.366090] RSP: 0018:ffffacbccaaeb7d0 EFLAGS: 00010246\n[ 549.371315] RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000923e28\n[ 549.378451] RDX: 0000000000000000 RSI: 0000000055555554 RDI: ffffacbccaaeb730\n[ 549.385590] RBP: 0000000000000001 R08: ffff8bd14d235f70 R09: ffff8bd14d235f70\n[ 549.392721] R10: 0000000000000002 R11: ffff8bd14d233864 R12: 0000000000000020\n[ 549.399854] R13: ffffacbccaaeb818 R14: 0000000000000020 R15: ffff8bb298c67000\n[ 549.406988] FS: 00007f5179244740(0000) GS:ffff8bd14d200000(0000) knlGS:0000000000000000\n[ 549.415076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 549.420829] CR2: 00007fa844000010 CR3: 00000001567dc005 CR4: 0000000000770ef0\n[ 549.427963] PKRU: 55555554\n[ 549.430672] Call Trace:\n[ 549.433126] \u003cTASK\u003e\n[ 549.435233] ? __warn+0x7f/0x130\n[ 549.438473] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.443426] ? report_bug+0x18a/0x1a0\n[ 549.447098] ? handle_bug+0x3c/0x70\n[ 549.450589] ? exc_invalid_op+0x14/0x70\n[ 549.454430] ? asm_exc_invalid_op+0x16/0x20\n[ 549.458619] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.463565] r535_gsp_msg_recv+0x46/0x230 [nvkm]\n[ 549.468257] r535_gsp_rpc_push+0x106/0x160 [nvkm]\n[ 549.473033] r535_gsp_rpc_rm_ctrl_push+0x40/0x130 [nvkm]\n[ 549.478422] nvidia_grid_init_vgpu_types+0xbc/0xe0 [nvkm]\n[ 549.483899] nvidia_grid_init+0xb1/0xd0 [nvkm]\n[ 549.488420] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 549.493213] nvkm_device_pci_probe+0x305/0x420 [nvkm]\n[ 549.498338] local_pci_probe+0x46/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58018",
"url": "https://www.suse.com/security/cve/CVE-2024-58018"
},
{
"category": "external",
"summary": "SUSE Bug 1238990 for CVE-2024-58018",
"url": "https://bugzilla.suse.com/1238990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58018"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: prevent adding a device which is already a team device lower\n\nPrevent adding a device which is already a team device lower,\ne.g. adding veth0 if vlan1 was already added and veth0 is a lower of\nvlan1.\n\nThis is not useful in practice and can lead to recursive locking:\n\n$ ip link add veth0 type veth peer name veth1\n$ ip link set veth0 up\n$ ip link set veth1 up\n$ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1\n$ ip link add team0 type team\n$ ip link set veth0.1 down\n$ ip link set veth0.1 master team0\nteam0: Port device veth0.1 added\n$ ip link set veth0 down\n$ ip link set veth0 master team0\n\n============================================\nWARNING: possible recursive locking detected\n6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted\n--------------------------------------------\nip/7684 is trying to acquire lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n\nbut task is already holding lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\n\nCPU0\n----\nlock(team-\u003eteam_lock_key);\nlock(team-\u003eteam_lock_key);\n\n*** DEADLOCK ***\n\nMay be due to missing lock nesting notation\n\n2 locks held by ip/7684:\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:122)\nprint_deadlock_bug.cold (kernel/locking/lockdep.c:3040)\n__lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)\n? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)\nlock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? lock_acquire (kernel/locking/lockdep.c:5822)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? fib_sync_up (net/ipv4/fib_semantics.c:2167)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nteam_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\n__dev_notify_flags (net/core/dev.c:8993)\n? __dev_change_flags (net/core/dev.c:8975)\ndev_change_flags (net/core/dev.c:9027)\nvlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)\n? br_device_event (net/bridge/br.c:143)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\ndev_open (net/core/dev.c:1519 net/core/dev.c:1505)\nteam_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)\n? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)\ndo_set_master (net/core/rtnetlink.c:2917)\ndo_setlink.isra.0 (net/core/rtnetlink.c:3117)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58071",
"url": "https://www.suse.com/security/cve/CVE-2024-58071"
},
{
"category": "external",
"summary": "SUSE Bug 1238970 for CVE-2024-58071",
"url": "https://bugzilla.suse.com/1238970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: plpmtud_probe_interval: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.probe_interval\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21636",
"url": "https://www.suse.com/security/cve/CVE-2025-21636"
},
{
"category": "external",
"summary": "SUSE Bug 1236113 for CVE-2025-21636",
"url": "https://bugzilla.suse.com/1236113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21636"
},
{
"cve": "CVE-2025-21637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: udp_port: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21637",
"url": "https://www.suse.com/security/cve/CVE-2025-21637"
},
{
"category": "external",
"summary": "SUSE Bug 1236114 for CVE-2025-21637",
"url": "https://bugzilla.suse.com/1236114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21637"
},
{
"cve": "CVE-2025-21638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21638",
"url": "https://www.suse.com/security/cve/CVE-2025-21638"
},
{
"category": "external",
"summary": "SUSE Bug 1236115 for CVE-2025-21638",
"url": "https://bugzilla.suse.com/1236115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.rto_min/max\u0027 is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21639",
"url": "https://www.suse.com/security/cve/CVE-2025-21639"
},
{
"category": "external",
"summary": "SUSE Bug 1236122 for CVE-2025-21639",
"url": "https://bugzilla.suse.com/1236122"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.sctp_hmac_alg\u0027 is\nused.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21640",
"url": "https://www.suse.com/security/cve/CVE-2025-21640"
},
{
"category": "external",
"summary": "SUSE Bug 1236123 for CVE-2025-21640",
"url": "https://bugzilla.suse.com/1236123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: sch_cake: add bounds checks to host bulk flow fairness counts\n\nEven though we fixed a logic error in the commit cited below, syzbot\nstill managed to trigger an underflow of the per-host bulk flow\ncounters, leading to an out of bounds memory access.\n\nTo avoid any such logic errors causing out of bounds memory accesses,\nthis commit factors out all accesses to the per-host bulk flow counters\nto a series of helpers that perform bounds-checking before any\nincrements and decrements. This also has the benefit of improving\nreadability by moving the conditional checks for the flow mode into\nthese helpers, instead of having them spread out throughout the\ncode (which was the cause of the original logic error).\n\nAs part of this change, the flow quantum calculation is consolidated\ninto a helper function, which means that the dithering applied to the\nost load scaling is now applied both in the DRR rotation and when a\nsparse flow\u0027s quantum is first initiated. The only user-visible effect\nof this is that the maximum packet size that can be sent while a flow\nstays sparse will now vary with +/- one byte in some cases. This should\nnot make a noticeable difference in practice, and thus it\u0027s not worth\ncomplicating the code to preserve the old behaviour.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21647",
"url": "https://www.suse.com/security/cve/CVE-2025-21647"
},
{
"category": "external",
"summary": "SUSE Bug 1236133 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236133"
},
{
"category": "external",
"summary": "SUSE Bug 1236134 for CVE-2025-21647",
"url": "https://bugzilla.suse.com/1236134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfilemap: avoid truncating 64-bit offset to 32 bits\n\nOn 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a\n64-bit value to 32 bits, leading to a possible infinite loop when writing\nto an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21665",
"url": "https://www.suse.com/security/cve/CVE-2025-21665"
},
{
"category": "external",
"summary": "SUSE Bug 1236684 for CVE-2025-21665",
"url": "https://bugzilla.suse.com/1236684"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21665"
},
{
"cve": "CVE-2025-21666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21666"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: prevent null-ptr-deref in vsock_*[has_data|has_space]\n\nRecent reports have shown how we sometimes call vsock_*_has_data()\nwhen a vsock socket has been de-assigned from a transport (see attached\nlinks), but we shouldn\u0027t.\n\nPrevious commits should have solved the real problems, but we may have\nmore in the future, so to avoid null-ptr-deref, we can return 0\n(no space, no data available) but with a warning.\n\nThis way the code should continue to run in a nearly consistent state\nand have a warning that allows us to debug future problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21666",
"url": "https://www.suse.com/security/cve/CVE-2025-21666"
},
{
"category": "external",
"summary": "SUSE Bug 1236680 for CVE-2025-21666",
"url": "https://bugzilla.suse.com/1236680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21666"
},
{
"cve": "CVE-2025-21667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niomap: avoid avoid truncating 64-bit offset to 32 bits\n\non 32-bit kernels, iomap_write_delalloc_scan() was inadvertently using a\n32-bit position due to folio_next_index() returning an unsigned long.\nThis could lead to an infinite loop when writing to an xfs filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21667",
"url": "https://www.suse.com/security/cve/CVE-2025-21667"
},
{
"category": "external",
"summary": "SUSE Bug 1236681 for CVE-2025-21667",
"url": "https://bugzilla.suse.com/1236681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21667"
},
{
"cve": "CVE-2025-21668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: add missing loop break condition\n\nCurrently imx8mp_blk_ctrl_remove() will continue the for loop\nuntil an out-of-bounds exception occurs.\n\npstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : dev_pm_domain_detach+0x8/0x48\nlr : imx8mp_blk_ctrl_shutdown+0x58/0x90\nsp : ffffffc084f8bbf0\nx29: ffffffc084f8bbf0 x28: ffffff80daf32ac0 x27: 0000000000000000\nx26: ffffffc081658d78 x25: 0000000000000001 x24: ffffffc08201b028\nx23: ffffff80d0db9490 x22: ffffffc082340a78 x21: 00000000000005b0\nx20: ffffff80d19bc180 x19: 000000000000000a x18: ffffffffffffffff\nx17: ffffffc080a39e08 x16: ffffffc080a39c98 x15: 4f435f464f006c72\nx14: 0000000000000004 x13: ffffff80d0172110 x12: 0000000000000000\nx11: ffffff80d0537740 x10: ffffff80d05376c0 x9 : ffffffc0808ed2d8\nx8 : ffffffc084f8bab0 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : ffffff80d19b9420 x4 : fffffffe03466e60 x3 : 0000000080800077\nx2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000\nCall trace:\n dev_pm_domain_detach+0x8/0x48\n platform_shutdown+0x2c/0x48\n device_shutdown+0x158/0x268\n kernel_restart_prepare+0x40/0x58\n kernel_kexec+0x58/0xe8\n __do_sys_reboot+0x198/0x258\n __arm64_sys_reboot+0x2c/0x40\n invoke_syscall+0x5c/0x138\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xc8\n el0t_64_sync_handler+0x120/0x130\n el0t_64_sync+0x190/0x198\nCode: 8128c2d0 ffffffc0 aa1e03e9 d503201f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21668",
"url": "https://www.suse.com/security/cve/CVE-2025-21668"
},
{
"category": "external",
"summary": "SUSE Bug 1236682 for CVE-2025-21668",
"url": "https://bugzilla.suse.com/1236682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21668"
},
{
"cve": "CVE-2025-21669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: discard packets if the transport changes\n\nIf the socket has been de-assigned or assigned to another transport,\nwe must discard any packets received because they are not expected\nand would cause issues when we access vsk-\u003etransport.\n\nA possible scenario is described by Hyunwoo Kim in the attached link,\nwhere after a first connect() interrupted by a signal, and a second\nconnect() failed, we can find `vsk-\u003etransport` at NULL, leading to a\nNULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21669",
"url": "https://www.suse.com/security/cve/CVE-2025-21669"
},
{
"category": "external",
"summary": "SUSE Bug 1236683 for CVE-2025-21669",
"url": "https://bugzilla.suse.com/1236683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21669"
},
{
"cve": "CVE-2025-21670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/bpf: return early if transport is not assigned\n\nSome of the core functions can only be called if the transport\nhas been assigned.\n\nAs Michal reported, a socket might have the transport at NULL,\nfor example after a failed connect(), causing the following trace:\n\n BUG: kernel NULL pointer dereference, address: 00000000000000a0\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 12faf8067 P4D 12faf8067 PUD 113670067 PMD 0\n Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 15 UID: 0 PID: 1198 Comm: a.out Not tainted 6.13.0-rc2+\n RIP: 0010:vsock_connectible_has_data+0x1f/0x40\n Call Trace:\n vsock_bpf_recvmsg+0xca/0x5e0\n sock_recvmsg+0xb9/0xc0\n __sys_recvfrom+0xb3/0x130\n __x64_sys_recvfrom+0x20/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nSo we need to check the `vsk-\u003etransport` in vsock_bpf_recvmsg(),\nespecially for connected sockets (stream/seqpacket) as we already\ndo in __vsock_connectible_recvmsg().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21670",
"url": "https://www.suse.com/security/cve/CVE-2025-21670"
},
{
"category": "external",
"summary": "SUSE Bug 1236685 for CVE-2025-21670",
"url": "https://bugzilla.suse.com/1236685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21670"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double free of TCP_Server_Info::hostname\n\nWhen shutting down the server in cifs_put_tcp_session(), cifsd thread\nmight be reconnecting to multiple DFS targets before it realizes it\nshould exit the loop, so @server-\u003ehostname can\u0027t be freed as long as\ncifsd thread isn\u0027t done. Otherwise the following can happen:\n\n RIP: 0010:__slab_free+0x223/0x3c0\n Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89\n 1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff \u003c0f\u003e\n 0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80\n RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246\n RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068\n RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400\n RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000\n R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500\n R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068\n FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)\n 000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? show_trace_log_lvl+0x1c4/0x2df\n ? show_trace_log_lvl+0x1c4/0x2df\n ? __reconnect_target_unlocked+0x3e/0x160 [cifs]\n ? __die_body.cold+0x8/0xd\n ? die+0x2b/0x50\n ? do_trap+0xce/0x120\n ? __slab_free+0x223/0x3c0\n ? do_error_trap+0x65/0x80\n ? __slab_free+0x223/0x3c0\n ? exc_invalid_op+0x4e/0x70\n ? __slab_free+0x223/0x3c0\n ? asm_exc_invalid_op+0x16/0x20\n ? __slab_free+0x223/0x3c0\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? extract_hostname+0x5c/0xa0 [cifs]\n ? __kmalloc+0x4b/0x140\n __reconnect_target_unlocked+0x3e/0x160 [cifs]\n reconnect_dfs_server+0x145/0x430 [cifs]\n cifs_handle_standard+0x1ad/0x1d0 [cifs]\n cifs_demultiplex_thread+0x592/0x730 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0xdd/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x50\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21673",
"url": "https://www.suse.com/security/cve/CVE-2025-21673"
},
{
"category": "external",
"summary": "SUSE Bug 1236689 for CVE-2025-21673",
"url": "https://bugzilla.suse.com/1236689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21673"
},
{
"cve": "CVE-2025-21675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Clear port select structure when fail to create\n\nClear the port select structure on error so no stale values left after\ndefiners are destroyed. That\u0027s because the mlx5_lag_destroy_definers()\nalways try to destroy all lag definers in the tt_map, so in the flow\nbelow lag definers get double-destroyed and cause kernel crash:\n\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 1\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets destroyed\n mlx5_lag_port_sel_create()\n mlx5_lag_create_definers()\n mlx5_lag_create_definer() \u003c- Failed on tt 0\n mlx5_lag_destroy_definers() \u003c- definers[tt=0] gets double-destroyed\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008\n Mem abort info:\n ESR = 0x0000000096000005\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x05: level 1 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n user pgtable: 64k pages, 48-bit VAs, pgdp=0000000112ce2e00\n [0000000000000008] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n Modules linked in: iptable_raw bonding ip_gre ip6_gre gre ip6_tunnel tunnel6 geneve ip6_udp_tunnel udp_tunnel ipip tunnel4 ip_tunnel rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) ib_uverbs(OE) mlx5_fwctl(OE) fwctl(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlxfw(OE) memtrack(OE) mlx_compat(OE) openvswitch nsh nf_conncount psample xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 br_netfilter bridge stp llc netconsole overlay efi_pstore sch_fq_codel zram ip_tables crct10dif_ce qemu_fw_cfg fuse ipv6 crc_ccitt [last unloaded: mlx_compat(OE)]\n CPU: 3 UID: 0 PID: 217 Comm: kworker/u53:2 Tainted: G OE 6.11.0+ #2\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU KVM Virtual Machine, BIOS 0.0.0 02/06/2015\n Workqueue: mlx5_lag mlx5_do_bond_work [mlx5_core]\n pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n lr : mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n sp : ffff800085fafb00\n x29: ffff800085fafb00 x28: ffff0000da0c8000 x27: 0000000000000000\n x26: ffff0000da0c8000 x25: ffff0000da0c8000 x24: ffff0000da0c8000\n x23: ffff0000c31f81a0 x22: 0400000000000000 x21: ffff0000da0c8000\n x20: 0000000000000000 x19: 0000000000000001 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffff8b0c9350\n x14: 0000000000000000 x13: ffff800081390d18 x12: ffff800081dc3cc0\n x11: 0000000000000001 x10: 0000000000000b10 x9 : ffff80007ab7304c\n x8 : ffff0000d00711f0 x7 : 0000000000000004 x6 : 0000000000000190\n x5 : ffff00027edb3010 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : ffff0000d39b8000 x1 : ffff0000d39b8000 x0 : 0400000000000000\n Call trace:\n mlx5_del_flow_rules+0x24/0x2c0 [mlx5_core]\n mlx5_lag_destroy_definer+0x54/0x100 [mlx5_core]\n mlx5_lag_destroy_definers+0xa0/0x108 [mlx5_core]\n mlx5_lag_port_sel_create+0x2d4/0x6f8 [mlx5_core]\n mlx5_activate_lag+0x60c/0x6f8 [mlx5_core]\n mlx5_do_bond_work+0x284/0x5c8 [mlx5_core]\n process_one_work+0x170/0x3e0\n worker_thread+0x2d8/0x3e0\n kthread+0x11c/0x128\n ret_from_fork+0x10/0x20\n Code: a9025bf5 aa0003f6 a90363f7 f90023f9 (f9400400)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21675",
"url": "https://www.suse.com/security/cve/CVE-2025-21675"
},
{
"category": "external",
"summary": "SUSE Bug 1236694 for CVE-2025-21675",
"url": "https://bugzilla.suse.com/1236694"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21675"
},
{
"cve": "CVE-2025-21678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Destroy device along with udp socket\u0027s netns dismantle.\n\ngtp_newlink() links the device to a list in dev_net(dev) instead of\nsrc_net, where a udp tunnel socket is created.\n\nEven when src_net is removed, the device stays alive on dev_net(dev).\nThen, removing src_net triggers the splat below. [0]\n\nIn this example, gtp0 is created in ns2, and the udp socket is created\nin ns1.\n\n ip netns add ns1\n ip netns add ns2\n ip -n ns1 link add netns ns2 name gtp0 type gtp role sgsn\n ip netns del ns1\n\nLet\u0027s link the device to the socket\u0027s netns instead.\n\nNow, gtp_net_exit_batch_rtnl() needs another netdev iteration to remove\nall gtp devices in the netns.\n\n[0]:\nref_tracker: net notrefcnt@000000003d6e7d05 has 1/2 users at\n sk_alloc (./include/net/net_namespace.h:345 net/core/sock.c:2236)\n inet_create (net/ipv4/af_inet.c:326 net/ipv4/af_inet.c:252)\n __sock_create (net/socket.c:1558)\n udp_sock_create4 (net/ipv4/udp_tunnel_core.c:18)\n gtp_create_sock (./include/net/udp_tunnel.h:59 drivers/net/gtp.c:1423)\n gtp_create_sockets (drivers/net/gtp.c:1447)\n gtp_newlink (drivers/net/gtp.c:1507)\n rtnl_newlink (net/core/rtnetlink.c:3786 net/core/rtnetlink.c:3897 net/core/rtnetlink.c:4012)\n rtnetlink_rcv_msg (net/core/rtnetlink.c:6922)\n netlink_rcv_skb (net/netlink/af_netlink.c:2542)\n netlink_unicast (net/netlink/af_netlink.c:1321 net/netlink/af_netlink.c:1347)\n netlink_sendmsg (net/netlink/af_netlink.c:1891)\n ____sys_sendmsg (net/socket.c:711 net/socket.c:726 net/socket.c:2583)\n ___sys_sendmsg (net/socket.c:2639)\n __sys_sendmsg (net/socket.c:2669)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n\nWARNING: CPU: 1 PID: 60 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\nModules linked in:\nCPU: 1 UID: 0 PID: 60 Comm: kworker/u16:2 Not tainted 6.13.0-rc5-00147-g4c1224501e9d #5\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:ref_tracker_dir_exit (lib/ref_tracker.c:179)\nCode: 00 00 00 fc ff df 4d 8b 26 49 bd 00 01 00 00 00 00 ad de 4c 39 f5 0f 85 df 00 00 00 48 8b 74 24 08 48 89 df e8 a5 cc 12 02 90 \u003c0f\u003e 0b 90 48 8d 6b 44 be 04 00 00 00 48 89 ef e8 80 de 67 ff 48 89\nRSP: 0018:ff11000009a07b60 EFLAGS: 00010286\nRAX: 0000000000002bd3 RBX: ff1100000f4e1aa0 RCX: 1ffffffff0e40ac6\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8423ee3c\nRBP: ff1100000f4e1af0 R08: 0000000000000001 R09: fffffbfff0e395ae\nR10: 0000000000000001 R11: 0000000000036001 R12: ff1100000f4e1af0\nR13: dead000000000100 R14: ff1100000f4e1af0 R15: dffffc0000000000\nFS: 0000000000000000(0000) GS:ff1100006ce80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f9b2464bd98 CR3: 0000000005286005 CR4: 0000000000771ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn (kernel/panic.c:748)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? report_bug (lib/bug.c:201 lib/bug.c:219)\n ? handle_bug (arch/x86/kernel/traps.c:285)\n ? exc_invalid_op (arch/x86/kernel/traps.c:309 (discriminator 1))\n ? asm_exc_invalid_op (./arch/x86/include/asm/idtentry.h:621)\n ? _raw_spin_unlock_irqrestore (./arch/x86/include/asm/irqflags.h:42 ./arch/x86/include/asm/irqflags.h:97 ./arch/x86/include/asm/irqflags.h:155 ./include/linux/spinlock_api_smp.h:151 kernel/locking/spinlock.c:194)\n ? ref_tracker_dir_exit (lib/ref_tracker.c:179)\n ? __pfx_ref_tracker_dir_exit (lib/ref_tracker.c:158)\n ? kfree (mm/slub.c:4613 mm/slub.c:4761)\n net_free (net/core/net_namespace.c:476 net/core/net_namespace.c:467)\n cleanup_net (net/core/net_namespace.c:664 (discriminator 3))\n process_one_work (kernel/workqueue.c:3229)\n worker_thread (kernel/workqueue.c:3304 kernel/workqueue.c:3391\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21678",
"url": "https://www.suse.com/security/cve/CVE-2025-21678"
},
{
"category": "external",
"summary": "SUSE Bug 1236698 for CVE-2025-21678",
"url": "https://bugzilla.suse.com/1236698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21678"
},
{
"cve": "CVE-2025-21680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npktgen: Avoid out-of-bounds access in get_imix_entries\n\nPassing a sufficient amount of imix entries leads to invalid access to the\npkt_dev-\u003eimix_entries array because of the incorrect boundary check.\n\nUBSAN: array-index-out-of-bounds in net/core/pktgen.c:874:24\nindex 20 is out of range for type \u0027imix_pkt [20]\u0027\nCPU: 2 PID: 1210 Comm: bash Not tainted 6.10.0-rc1 #121\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl lib/dump_stack.c:117\n__ubsan_handle_out_of_bounds lib/ubsan.c:429\nget_imix_entries net/core/pktgen.c:874\npktgen_if_write net/core/pktgen.c:1063\npde_write fs/proc/inode.c:334\nproc_reg_write fs/proc/inode.c:346\nvfs_write fs/read_write.c:593\nksys_write fs/read_write.c:644\ndo_syscall_64 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe arch/x86/entry/entry_64.S:130\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[ fp: allow to fill the array completely; minor changelog cleanup ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21680",
"url": "https://www.suse.com/security/cve/CVE-2025-21680"
},
{
"category": "external",
"summary": "SUSE Bug 1236700 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236700"
},
{
"category": "external",
"summary": "SUSE Bug 1236701 for CVE-2025-21680",
"url": "https://bugzilla.suse.com/1236701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21680"
},
{
"cve": "CVE-2025-21681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: fix lockup on tx to unregistering netdev with carrier\n\nCommit in a fixes tag attempted to fix the issue in the following\nsequence of calls:\n\n do_output\n -\u003e ovs_vport_send\n -\u003e dev_queue_xmit\n -\u003e __dev_queue_xmit\n -\u003e netdev_core_pick_tx\n -\u003e skb_tx_hash\n\nWhen device is unregistering, the \u0027dev-\u003ereal_num_tx_queues\u0027 goes to\nzero and the \u0027while (unlikely(hash \u003e= qcount))\u0027 loop inside the\n\u0027skb_tx_hash\u0027 becomes infinite, locking up the core forever.\n\nBut unfortunately, checking just the carrier status is not enough to\nfix the issue, because some devices may still be in unregistering\nstate while reporting carrier status OK.\n\nOne example of such device is a net/dummy. It sets carrier ON\non start, but it doesn\u0027t implement .ndo_stop to set the carrier off.\nAnd it makes sense, because dummy doesn\u0027t really have a carrier.\nTherefore, while this device is unregistering, it\u0027s still easy to hit\nthe infinite loop in the skb_tx_hash() from the OVS datapath. There\nmight be other drivers that do the same, but dummy by itself is\nimportant for the OVS ecosystem, because it is frequently used as a\npacket sink for tcpdump while debugging OVS deployments. And when the\nissue is hit, the only way to recover is to reboot.\n\nFix that by also checking if the device is running. The running\nstate is handled by the net core during unregistering, so it covers\nunregistering case better, and we don\u0027t really need to send packets\nto devices that are not running anyway.\n\nWhile only checking the running state might be enough, the carrier\ncheck is preserved. The running and the carrier states seem disjoined\nthroughout the code and different drivers. And other core functions\nlike __dev_direct_xmit() check both before attempting to transmit\na packet. So, it seems safer to check both flags in OVS as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21681",
"url": "https://www.suse.com/security/cve/CVE-2025-21681"
},
{
"category": "external",
"summary": "SUSE Bug 1236702 for CVE-2025-21681",
"url": "https://bugzilla.suse.com/1236702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21681"
},
{
"cve": "CVE-2025-21684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: xilinx: Convert gpio_lock to raw spinlock\n\nirq_chip functions may be called in raw spinlock context. Therefore, we\nmust also use a raw spinlock for our own internal locking.\n\nThis fixes the following lockdep splat:\n\n[ 5.349336] =============================\n[ 5.353349] [ BUG: Invalid wait context ]\n[ 5.357361] 6.13.0-rc5+ #69 Tainted: G W\n[ 5.363031] -----------------------------\n[ 5.367045] kworker/u17:1/44 is trying to lock:\n[ 5.371587] ffffff88018b02c0 (\u0026chip-\u003egpio_lock){....}-{3:3}, at: xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.380079] other info that might help us debug this:\n[ 5.385138] context-{5:5}\n[ 5.387762] 5 locks held by kworker/u17:1/44:\n[ 5.392123] #0: ffffff8800014958 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3204)\n[ 5.402260] #1: ffffffc082fcbdd8 (deferred_probe_work){+.+.}-{0:0}, at: process_one_work (kernel/workqueue.c:3205)\n[ 5.411528] #2: ffffff880172c900 (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach (drivers/base/dd.c:1006)\n[ 5.419929] #3: ffffff88039c8268 (request_class#2){+.+.}-{4:4}, at: __setup_irq (kernel/irq/internals.h:156 kernel/irq/manage.c:1596)\n[ 5.428331] #4: ffffff88039c80c8 (lock_class#2){....}-{2:2}, at: __setup_irq (kernel/irq/manage.c:1614)\n[ 5.436472] stack backtrace:\n[ 5.439359] CPU: 2 UID: 0 PID: 44 Comm: kworker/u17:1 Tainted: G W 6.13.0-rc5+ #69\n[ 5.448690] Tainted: [W]=WARN\n[ 5.451656] Hardware name: xlnx,zynqmp (DT)\n[ 5.455845] Workqueue: events_unbound deferred_probe_work_func\n[ 5.461699] Call trace:\n[ 5.464147] show_stack+0x18/0x24 C\n[ 5.467821] dump_stack_lvl (lib/dump_stack.c:123)\n[ 5.471501] dump_stack (lib/dump_stack.c:130)\n[ 5.474824] __lock_acquire (kernel/locking/lockdep.c:4828 kernel/locking/lockdep.c:4898 kernel/locking/lockdep.c:5176)\n[ 5.478758] lock_acquire (arch/arm64/include/asm/percpu.h:40 kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851 kernel/locking/lockdep.c:5814)\n[ 5.482429] _raw_spin_lock_irqsave (include/linux/spinlock_api_smp.h:111 kernel/locking/spinlock.c:162)\n[ 5.486797] xgpio_irq_unmask (drivers/gpio/gpio-xilinx.c:433 (discriminator 8))\n[ 5.490737] irq_enable (kernel/irq/internals.h:236 kernel/irq/chip.c:170 kernel/irq/chip.c:439 kernel/irq/chip.c:432 kernel/irq/chip.c:345)\n[ 5.494060] __irq_startup (kernel/irq/internals.h:241 kernel/irq/chip.c:180 kernel/irq/chip.c:250)\n[ 5.497645] irq_startup (kernel/irq/chip.c:270)\n[ 5.501143] __setup_irq (kernel/irq/manage.c:1807)\n[ 5.504728] request_threaded_irq (kernel/irq/manage.c:2208)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21684",
"url": "https://www.suse.com/security/cve/CVE-2025-21684"
},
{
"category": "external",
"summary": "SUSE Bug 1236952 for CVE-2025-21684",
"url": "https://bugzilla.suse.com/1236952"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21684"
},
{
"cve": "CVE-2025-21687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: check the bounds of read/write syscalls\n\ncount and offset are passed from user space and not checked, only\noffset is capped to 40 bits, which can be used to read/write out of\nbounds of the device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21687",
"url": "https://www.suse.com/security/cve/CVE-2025-21687"
},
{
"category": "external",
"summary": "SUSE Bug 1237045 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237045"
},
{
"category": "external",
"summary": "SUSE Bug 1237046 for CVE-2025-21687",
"url": "https://bugzilla.suse.com/1237046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21687"
},
{
"cve": "CVE-2025-21688",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21688"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Assign job pointer to NULL before signaling the fence\n\nIn commit e4b5ccd392b9 (\"drm/v3d: Ensure job pointer is set to NULL\nafter job completion\"), we introduced a change to assign the job pointer\nto NULL after completing a job, indicating job completion.\n\nHowever, this approach created a race condition between the DRM\nscheduler workqueue and the IRQ execution thread. As soon as the fence is\nsignaled in the IRQ execution thread, a new job starts to be executed.\nThis results in a race condition where the IRQ execution thread sets the\njob pointer to NULL simultaneously as the `run_job()` function assigns\na new job to the pointer.\n\nThis race condition can lead to a NULL pointer dereference if the IRQ\nexecution thread sets the job pointer to NULL after `run_job()` assigns\nit to the new job. When the new job completes and the GPU emits an\ninterrupt, `v3d_irq()` is triggered, potentially causing a crash.\n\n[ 466.310099] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000c0\n[ 466.318928] Mem abort info:\n[ 466.321723] ESR = 0x0000000096000005\n[ 466.325479] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 466.330807] SET = 0, FnV = 0\n[ 466.333864] EA = 0, S1PTW = 0\n[ 466.337010] FSC = 0x05: level 1 translation fault\n[ 466.341900] Data abort info:\n[ 466.344783] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\n[ 466.350285] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 466.355350] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 466.360677] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000089772000\n[ 466.367140] [00000000000000c0] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000\n[ 466.375875] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP\n[ 466.382163] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device algif_hash algif_skcipher af_alg bnep binfmt_misc vc4 snd_soc_hdmi_codec drm_display_helper cec brcmfmac_wcc spidev rpivid_hevc(C) drm_client_lib brcmfmac hci_uart drm_dma_helper pisp_be btbcm brcmutil snd_soc_core aes_ce_blk v4l2_mem2mem bluetooth aes_ce_cipher snd_compress videobuf2_dma_contig ghash_ce cfg80211 gf128mul snd_pcm_dmaengine videobuf2_memops ecdh_generic sha2_ce ecc videobuf2_v4l2 snd_pcm v3d sha256_arm64 rfkill videodev snd_timer sha1_ce libaes gpu_sched snd videobuf2_common sha1_generic drm_shmem_helper mc rp1_pio drm_kms_helper raspberrypi_hwmon spi_bcm2835 gpio_keys i2c_brcmstb rp1 raspberrypi_gpiomem rp1_mailbox rp1_adc nvmem_rmem uio_pdrv_genirq uio i2c_dev drm ledtrig_pattern drm_panel_orientation_quirks backlight fuse dm_mod ip_tables x_tables ipv6\n[ 466.458429] CPU: 0 UID: 1000 PID: 2008 Comm: chromium Tainted: G C 6.13.0-v8+ #18\n[ 466.467336] Tainted: [C]=CRAP\n[ 466.470306] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT)\n[ 466.476157] pstate: 404000c9 (nZcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 466.483143] pc : v3d_irq+0x118/0x2e0 [v3d]\n[ 466.487258] lr : __handle_irq_event_percpu+0x60/0x228\n[ 466.492327] sp : ffffffc080003ea0\n[ 466.495646] x29: ffffffc080003ea0 x28: ffffff80c0c94200 x27: 0000000000000000\n[ 466.502807] x26: ffffffd08dd81d7b x25: ffffff80c0c94200 x24: ffffff8003bdc200\n[ 466.509969] x23: 0000000000000001 x22: 00000000000000a7 x21: 0000000000000000\n[ 466.517130] x20: ffffff8041bb0000 x19: 0000000000000001 x18: 0000000000000000\n[ 466.524291] x17: ffffffafadfb0000 x16: ffffffc080000000 x15: 0000000000000000\n[ 466.531452] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n[ 466.538613] x11: 0000000000000000 x10: 0000000000000000 x9 : ffffffd08c527eb0\n[ 466.545777] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n[ 466.552941] x5 : ffffffd08c4100d0 x4 : ffffffafadfb0000 x3 : ffffffc080003f70\n[ 466.560102] x2 : ffffffc0829e8058 x1 : 0000000000000001 x0 : 0000000000000000\n[ 466.567263] Call trace:\n[ 466.569711] v3d_irq+0x118/0x2e0 [v3d] (P)\n[ 466.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21688",
"url": "https://www.suse.com/security/cve/CVE-2025-21688"
},
{
"category": "external",
"summary": "SUSE Bug 1237007 for CVE-2025-21688",
"url": "https://bugzilla.suse.com/1237007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21688"
},
{
"cve": "CVE-2025-21689",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21689"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()\n\nThis patch addresses a null-ptr-deref in qt2_process_read_urb() due to\nan incorrect bounds check in the following:\n\n if (newport \u003e serial-\u003enum_ports) {\n dev_err(\u0026port-\u003edev,\n \"%s - port change to invalid port: %i\\n\",\n __func__, newport);\n break;\n }\n\nThe condition doesn\u0027t account for the valid range of the serial-\u003eport\nbuffer, which is from 0 to serial-\u003enum_ports - 1. When newport is equal\nto serial-\u003enum_ports, the assignment of \"port\" in the\nfollowing code is out-of-bounds and NULL:\n\n serial_priv-\u003ecurrent_port = newport;\n port = serial-\u003eport[serial_priv-\u003ecurrent_port];\n\nThe fix checks if newport is greater than or equal to serial-\u003enum_ports\nindicating it is out-of-bounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21689",
"url": "https://www.suse.com/security/cve/CVE-2025-21689"
},
{
"category": "external",
"summary": "SUSE Bug 1237017 for CVE-2025-21689",
"url": "https://bugzilla.suse.com/1237017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21689"
},
{
"cve": "CVE-2025-21690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: storvsc: Ratelimit warning logs to prevent VM denial of service\n\nIf there\u0027s a persistent error in the hypervisor, the SCSI warning for\nfailed I/O can flood the kernel log and max out CPU utilization,\npreventing troubleshooting from the VM side. Ratelimit the warning so\nit doesn\u0027t DoS the VM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21690",
"url": "https://www.suse.com/security/cve/CVE-2025-21690"
},
{
"category": "external",
"summary": "SUSE Bug 1237025 for CVE-2025-21690",
"url": "https://bugzilla.suse.com/1237025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21690"
},
{
"cve": "CVE-2025-21692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: fix ets qdisc OOB Indexing\n\nHaowei Yan \u003cg1042620637@gmail.com\u003e found that ets_class_from_arg() can\nindex an Out-Of-Bound class in ets_class_from_arg() when passed clid of\n0. The overflow may cause local privilege escalation.\n\n [ 18.852298] ------------[ cut here ]------------\n [ 18.853271] UBSAN: array-index-out-of-bounds in net/sched/sch_ets.c:93:20\n [ 18.853743] index 18446744073709551615 is out of range for type \u0027ets_class [16]\u0027\n [ 18.854254] CPU: 0 UID: 0 PID: 1275 Comm: poc Not tainted 6.12.6-dirty #17\n [ 18.854821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n [ 18.856532] Call Trace:\n [ 18.857441] \u003cTASK\u003e\n [ 18.858227] dump_stack_lvl+0xc2/0xf0\n [ 18.859607] dump_stack+0x10/0x20\n [ 18.860908] __ubsan_handle_out_of_bounds+0xa7/0xf0\n [ 18.864022] ets_class_change+0x3d6/0x3f0\n [ 18.864322] tc_ctl_tclass+0x251/0x910\n [ 18.864587] ? lock_acquire+0x5e/0x140\n [ 18.865113] ? __mutex_lock+0x9c/0xe70\n [ 18.866009] ? __mutex_lock+0xa34/0xe70\n [ 18.866401] rtnetlink_rcv_msg+0x170/0x6f0\n [ 18.866806] ? __lock_acquire+0x578/0xc10\n [ 18.867184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n [ 18.867503] netlink_rcv_skb+0x59/0x110\n [ 18.867776] rtnetlink_rcv+0x15/0x30\n [ 18.868159] netlink_unicast+0x1c3/0x2b0\n [ 18.868440] netlink_sendmsg+0x239/0x4b0\n [ 18.868721] ____sys_sendmsg+0x3e2/0x410\n [ 18.869012] ___sys_sendmsg+0x88/0xe0\n [ 18.869276] ? rseq_ip_fixup+0x198/0x260\n [ 18.869563] ? rseq_update_cpu_node_id+0x10a/0x190\n [ 18.869900] ? trace_hardirqs_off+0x5a/0xd0\n [ 18.870196] ? syscall_exit_to_user_mode+0xcc/0x220\n [ 18.870547] ? do_syscall_64+0x93/0x150\n [ 18.870821] ? __memcg_slab_free_hook+0x69/0x290\n [ 18.871157] __sys_sendmsg+0x69/0xd0\n [ 18.871416] __x64_sys_sendmsg+0x1d/0x30\n [ 18.871699] x64_sys_call+0x9e2/0x2670\n [ 18.871979] do_syscall_64+0x87/0x150\n [ 18.873280] ? do_syscall_64+0x93/0x150\n [ 18.874742] ? lock_release+0x7b/0x160\n [ 18.876157] ? do_user_addr_fault+0x5ce/0x8f0\n [ 18.877833] ? irqentry_exit_to_user_mode+0xc2/0x210\n [ 18.879608] ? irqentry_exit+0x77/0xb0\n [ 18.879808] ? clear_bhb_loop+0x15/0x70\n [ 18.880023] ? clear_bhb_loop+0x15/0x70\n [ 18.880223] ? clear_bhb_loop+0x15/0x70\n [ 18.880426] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [ 18.880683] RIP: 0033:0x44a957\n [ 18.880851] Code: ff ff e8 fc 00 00 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 8974 24 10\n [ 18.881766] RSP: 002b:00007ffcdd00fad8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n [ 18.882149] RAX: ffffffffffffffda RBX: 00007ffcdd010db8 RCX: 000000000044a957\n [ 18.882507] RDX: 0000000000000000 RSI: 00007ffcdd00fb70 RDI: 0000000000000003\n [ 18.885037] RBP: 00007ffcdd010bc0 R08: 000000000703c770 R09: 000000000703c7c0\n [ 18.887203] R10: 0000000000000080 R11: 0000000000000246 R12: 0000000000000001\n [ 18.888026] R13: 00007ffcdd010da8 R14: 00000000004ca7d0 R15: 0000000000000001\n [ 18.888395] \u003c/TASK\u003e\n [ 18.888610] ---[ end trace ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21692",
"url": "https://www.suse.com/security/cve/CVE-2025-21692"
},
{
"category": "external",
"summary": "SUSE Bug 1237028 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237028"
},
{
"category": "external",
"summary": "SUSE Bug 1237048 for CVE-2025-21692",
"url": "https://bugzilla.suse.com/1237048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Ensure job pointer is set to NULL after job completion\n\nAfter a job completes, the corresponding pointer in the device must\nbe set to NULL. Failing to do so triggers a warning when unloading\nthe driver, as it appears the job is still active. To prevent this,\nassign the job pointer to NULL after completing the job, indicating\nthe job has finished.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21697",
"url": "https://www.suse.com/security/cve/CVE-2025-21697"
},
{
"category": "external",
"summary": "SUSE Bug 1237132 for CVE-2025-21697",
"url": "https://bugzilla.suse.com/1237132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "low"
}
],
"title": "CVE-2025-21697"
},
{
"cve": "CVE-2025-21699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Truncate address space when flipping GFS2_DIF_JDATA flag\n\nTruncate an inode\u0027s address space when flipping the GFS2_DIF_JDATA flag:\ndepending on that flag, the pages in the address space will either use\nbuffer heads or iomap_folio_state structs, and we cannot mix the two.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21699",
"url": "https://www.suse.com/security/cve/CVE-2025-21699"
},
{
"category": "external",
"summary": "SUSE Bug 1237139 for CVE-2025-21699",
"url": "https://bugzilla.suse.com/1237139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21699"
},
{
"cve": "CVE-2025-21700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: Disallow replacing of child qdisc from one parent to another\n\nLion Ackermann was able to create a UAF which can be abused for privilege\nescalation with the following script\n\nStep 1. create root qdisc\ntc qdisc add dev lo root handle 1:0 drr\n\nstep2. a class for packet aggregation do demonstrate uaf\ntc class add dev lo classid 1:1 drr\n\nstep3. a class for nesting\ntc class add dev lo classid 1:2 drr\n\nstep4. a class to graft qdisc to\ntc class add dev lo classid 1:3 drr\n\nstep5.\ntc qdisc add dev lo parent 1:1 handle 2:0 plug limit 1024\n\nstep6.\ntc qdisc add dev lo parent 1:2 handle 3:0 drr\n\nstep7.\ntc class add dev lo classid 3:1 drr\n\nstep 8.\ntc qdisc add dev lo parent 3:1 handle 4:0 pfifo\n\nstep 9. Display the class/qdisc layout\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nstep10. trigger the bug \u003c=== prevented by this patch\ntc qdisc replace dev lo parent 1:3 handle 4:0\n\nstep 11. Redisplay again the qdiscs/classes\n\ntc class ls dev lo\n class drr 1:1 root leaf 2: quantum 64Kb\n class drr 1:2 root leaf 3: quantum 64Kb\n class drr 1:3 root leaf 4: quantum 64Kb\n class drr 3:1 root leaf 4: quantum 64Kb\n\ntc qdisc ls\n qdisc drr 1: dev lo root refcnt 2\n qdisc plug 2: dev lo parent 1:1\n qdisc pfifo 4: dev lo parent 3:1 refcnt 2 limit 1000p\n qdisc drr 3: dev lo parent 1:2\n\nObserve that a) parent for 4:0 does not change despite the replace request.\nThere can only be one parent. b) refcount has gone up by two for 4:0 and\nc) both class 1:3 and 3:1 are pointing to it.\n\nStep 12. send one packet to plug\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10001))\nstep13. send one packet to the grafted fifo\necho \"\" | socat -u STDIN UDP4-DATAGRAM:127.0.0.1:8888,priority=$((0x10003))\n\nstep14. lets trigger the uaf\ntc class delete dev lo classid 1:3\ntc class delete dev lo classid 1:1\n\nThe semantics of \"replace\" is for a del/add _on the same node_ and not\na delete from one node(3:1) and add to another node (1:3) as in step10.\nWhile we could \"fix\" with a more complex approach there could be\nconsequences to expectations so the patch takes the preventive approach of\n\"disallow such config\".\n\nJoint work with Lion Ackermann \u003cnnamrec@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21700",
"url": "https://www.suse.com/security/cve/CVE-2025-21700"
},
{
"category": "external",
"summary": "SUSE Bug 1237159 for CVE-2025-21700",
"url": "https://bugzilla.suse.com/1237159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle fastopen disconnect correctly\n\nSyzbot was able to trigger a data stream corruption:\n\n WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Modules linked in:\n CPU: 0 UID: 0 PID: 9846 Comm: syz-executor351 Not tainted 6.13.0-rc2-syzkaller-00059-g00a5acdbf398 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\n RIP: 0010:__mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Code: fa ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 8e fa ff ff 48 8b 7c 24 18 e8 e0 db 54 f6 e9 7f fa ff ff e8 e6 80 ee f5 90 \u003c0f\u003e 0b 90 4c 8b 6c 24 40 4d 89 f4 e9 04 f5 ff ff 44 89 f1 80 e1 07\n RSP: 0018:ffffc9000c0cf400 EFLAGS: 00010293\n RAX: ffffffff8bb0dd5a RBX: ffff888033f5d230 RCX: ffff888059ce8000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000c0cf518 R08: ffffffff8bb0d1dd R09: 1ffff110170c8928\n R10: dffffc0000000000 R11: ffffed10170c8929 R12: 0000000000000000\n R13: ffff888033f5d220 R14: dffffc0000000000 R15: ffff8880592b8000\n FS: 00007f6e866496c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f6e86f491a0 CR3: 00000000310e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup+0x7f/0x2d0 net/mptcp/protocol.c:1074\n mptcp_release_cb+0x7cb/0xb30 net/mptcp/protocol.c:3493\n release_sock+0x1aa/0x1f0 net/core/sock.c:3640\n inet_wait_for_connect net/ipv4/af_inet.c:609 [inline]\n __inet_stream_connect+0x8bd/0xf30 net/ipv4/af_inet.c:703\n mptcp_sendmsg_fastopen+0x2a2/0x530 net/mptcp/protocol.c:1755\n mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1830\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f6e86ebfe69\n Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f6e86649168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6e86f491b8 RCX: 00007f6e86ebfe69\n RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003\n RBP: 00007f6e86f491b0 R08: 00007f6e866496c0 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e86f491bc\n R13: 000000000000006e R14: 00007ffe445d9420 R15: 00007ffe445d9508\n \u003c/TASK\u003e\n\nThe root cause is the bad handling of disconnect() generated internally\nby the MPTCP protocol in case of connect FASTOPEN errors.\n\nAddress the issue increasing the socket disconnect counter even on such\na case, to allow other threads waiting on the same socket lock to\nproperly error out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21705",
"url": "https://www.suse.com/security/cve/CVE-2025-21705"
},
{
"category": "external",
"summary": "SUSE Bug 1238525 for CVE-2025-21705",
"url": "https://bugzilla.suse.com/1238525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21715",
"url": "https://www.suse.com/security/cve/CVE-2025-21715"
},
{
"category": "external",
"summary": "SUSE Bug 1237889 for CVE-2025-21715",
"url": "https://bugzilla.suse.com/1237889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21716"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix uninit-value in vxlan_vnifilter_dump()\n\nKMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1].\n\nIf the length of the netlink message payload is less than\nsizeof(struct tunnel_msg), vxlan_vnifilter_dump() accesses bytes\nbeyond the message. This can lead to uninit-value access. Fix this by\nreturning an error in such situations.\n\n[1]\nBUG: KMSAN: uninit-value in vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6786\n netlink_dump+0x93e/0x15f0 net/netlink/af_netlink.c:2317\n __netlink_dump_start+0x716/0xd60 net/netlink/af_netlink.c:2432\n netlink_dump_start include/linux/netlink.h:340 [inline]\n rtnetlink_dump_start net/core/rtnetlink.c:6815 [inline]\n rtnetlink_rcv_msg+0x1256/0x14a0 net/core/rtnetlink.c:6882\n netlink_rcv_skb+0x467/0x660 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x35/0x40 net/core/rtnetlink.c:6944\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0xed6/0x1290 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x1092/0x1230 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4110 [inline]\n slab_alloc_node mm/slub.c:4153 [inline]\n kmem_cache_alloc_node_noprof+0x800/0xe80 mm/slub.c:4205\n kmalloc_reserve+0x13b/0x4b0 net/core/skbuff.c:587\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1323 [inline]\n netlink_alloc_large_skb+0xa5/0x280 net/netlink/af_netlink.c:1196\n netlink_sendmsg+0xac9/0x1230 net/netlink/af_netlink.c:1866\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 30991 Comm: syz.4.10630 Not tainted 6.12.0-10694-gc44daa7e3c73 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21716",
"url": "https://www.suse.com/security/cve/CVE-2025-21716"
},
{
"category": "external",
"summary": "SUSE Bug 1237891 for CVE-2025-21716",
"url": "https://bugzilla.suse.com/1237891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c-\u003emfc_un.res.minvif / c-\u003emfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg net/socket.c:1055 [inline]\n sock_read_iter+0x2d8/0x40c net/socket.c:1125\n new_sync_read fs/read_write.c:484 [inline]\n vfs_read+0x740/0x970 fs/read_write.c:565\n ksys_read+0x15c/0x26c fs/read_write.c:708",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21719",
"url": "https://www.suse.com/security/cve/CVE-2025-21719"
},
{
"category": "external",
"summary": "SUSE Bug 1238860 for CVE-2025-21719",
"url": "https://bugzilla.suse.com/1238860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()\n\nResolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()\nwhere shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift\n(an unsigned long value) could result in undefined behavior.\n\nThe constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds\n31 (e.g., pgshift = 63) the shift operation overflows, as the result\ncannot be represented in a 32-bit type.\n\nTo resolve this, the constant is updated to \"1UL\", promoting it to an\nunsigned long type to match the operand\u0027s type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21724",
"url": "https://www.suse.com/security/cve/CVE-2025-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1238863 for CVE-2025-21724",
"url": "https://bugzilla.suse.com/1238863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix oops due to unset link speed\n\nIt isn\u0027t guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always\nbe set by the server, so the client must handle any values and then\nprevent oopses like below from happening:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 1323 Comm: cat Not tainted 6.13.0-rc7 #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nRIP: 0010:cifs_debug_data_proc_show+0xa45/0x1460 [cifs] Code: 00 00 48\n89 df e8 3b cd 1b c1 41 f6 44 24 2c 04 0f 84 50 01 00 00 48 89 ef e8\ne7 d0 1b c1 49 8b 44 24 18 31 d2 49 8d 7c 24 28 \u003c48\u003e f7 74 24 18 48 89\nc3 e8 6e cf 1b c1 41 8b 6c 24 28 49 8d 7c 24\nRSP: 0018:ffffc90001817be0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88811230022c RCX: ffffffffc041bd99\nRDX: 0000000000000000 RSI: 0000000000000567 RDI: ffff888112300228\nRBP: ffff888112300218 R08: fffff52000302f5f R09: ffffed1022fa58ac\nR10: ffff888117d2c566 R11: 00000000fffffffe R12: ffff888112300200\nR13: 000000012a15343f R14: 0000000000000001 R15: ffff888113f2db58\nFS: 00007fe27119e740(0000) GS:ffff888148600000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe2633c5000 CR3: 0000000124da0000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x27\n ? die+0x2e/0x50\n ? do_trap+0x159/0x1b0\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? do_error_trap+0x90/0x130\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? exc_divide_error+0x39/0x50\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? asm_exc_divide_error+0x1a/0x20\n ? cifs_debug_data_proc_show+0xa39/0x1460 [cifs]\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? seq_read_iter+0x42e/0x790\n seq_read_iter+0x19a/0x790\n proc_reg_read_iter+0xbe/0x110\n ? __pfx_proc_reg_read_iter+0x10/0x10\n vfs_read+0x469/0x570\n ? do_user_addr_fault+0x398/0x760\n ? __pfx_vfs_read+0x10/0x10\n ? find_held_lock+0x8a/0xa0\n ? __pfx_lock_release+0x10/0x10\n ksys_read+0xd3/0x170\n ? __pfx_ksys_read+0x10/0x10\n ? __rcu_read_unlock+0x50/0x270\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe271288911\nCode: 00 48 8b 15 01 25 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8\n20 ad 01 00 f3 0f 1e fa 80 3d b5 a7 10 00 00 74 13 31 c0 0f 05 \u003c48\u003e 3d\n00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec\nRSP: 002b:00007ffe87c079d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\nRAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fe271288911\nRDX: 0000000000040000 RSI: 00007fe2633c6000 RDI: 0000000000000003\nRBP: 00007ffe87c07a00 R08: 0000000000000000 R09: 00007fe2713e6380\nR10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000\nR13: 00007fe2633c6000 R14: 0000000000000003 R15: 0000000000000000\n \u003c/TASK\u003e\n\nFix this by setting cifs_server_iface::speed to a sane value (1Gbps)\nby default when link speed is unset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21725",
"url": "https://www.suse.com/security/cve/CVE-2025-21725"
},
{
"category": "external",
"summary": "SUSE Bug 1238877 for CVE-2025-21725",
"url": "https://bugzilla.suse.com/1238877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Send signals asynchronously if !preemptible\n\nBPF programs can execute in all kinds of contexts and when a program\nrunning in a non-preemptible context uses the bpf_send_signal() kfunc,\nit will cause issues because this kfunc can sleep.\nChange `irqs_disabled()` to `!preemptible()`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21728",
"url": "https://www.suse.com/security/cve/CVE-2025-21728"
},
{
"category": "external",
"summary": "SUSE Bug 1237879 for CVE-2025-21728",
"url": "https://bugzilla.suse.com/1237879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix race between cancel_hw_scan and hw_scan completion\n\nThe rtwdev-\u003escanning flag isn\u0027t protected by mutex originally, so\ncancel_hw_scan can pass the condition, but suddenly hw_scan completion\nunset the flag and calls ieee80211_scan_completed() that will free\nlocal-\u003ehw_scan_req. Then, cancel_hw_scan raises null-ptr-deref and\nuse-after-free. Fix it by moving the check condition to where\nprotected by mutex.\n\n KASAN: null-ptr-deref in range [0x0000000000000088-0x000000000000008f]\n CPU: 2 PID: 6922 Comm: kworker/2:2 Tainted: G OE\n Hardware name: LENOVO 2356AD1/2356AD1, BIOS G7ETB6WW (2.76 ) 09/10/2019\n Workqueue: events cfg80211_conn_work [cfg80211]\n RIP: 0010:rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n Code: 00 45 89 6c 24 1c 0f 85 23 01 00 00 48 8b 85 20 ff ff ff 48 8d\n RSP: 0018:ffff88811fd9f068 EFLAGS: 00010206\n RAX: dffffc0000000000 RBX: ffff88811fd9f258 RCX: 0000000000000001\n RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000089\n RBP: ffff88811fd9f170 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff88811fd9f108 R11: 0000000000000000 R12: ffff88810e47f960\n R13: 0000000000000000 R14: 000000000000ffff R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8881d6f00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007531dfca55b0 CR3: 00000001be296004 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x61/0x73\n ? __die_body+0x20/0x73\n ? die_addr+0x4f/0x7b\n ? exc_general_protection+0x191/0x1db\n ? asm_exc_general_protection+0x27/0x30\n ? rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n ? rtw89_fw_h2c_scan_offload_be+0x458/0x13c3 [rtw89_core]\n ? __pfx_rtw89_fw_h2c_scan_offload_be+0x10/0x10 [rtw89_core]\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx_do_raw_spin_lock+0x10/0x10\n rtw89_hw_scan_offload+0xb5e/0xbf7 [rtw89_core]\n ? _raw_spin_unlock+0xe/0x24\n ? __mutex_lock.constprop.0+0x40c/0x471\n ? __pfx_rtw89_hw_scan_offload+0x10/0x10 [rtw89_core]\n ? __mutex_lock_slowpath+0x13/0x1f\n ? mutex_lock+0xa2/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n rtw89_hw_scan_abort+0x58/0xb7 [rtw89_core]\n rtw89_ops_cancel_hw_scan+0x120/0x13b [rtw89_core]\n ieee80211_scan_cancel+0x468/0x4d0 [mac80211]\n ieee80211_prep_connection+0x858/0x899 [mac80211]\n ieee80211_mgd_auth+0xbea/0xdde [mac80211]\n ? __pfx_ieee80211_mgd_auth+0x10/0x10 [mac80211]\n ? cfg80211_find_elem+0x15/0x29 [cfg80211]\n ? is_bss+0x1b7/0x1d7 [cfg80211]\n ieee80211_auth+0x18/0x27 [mac80211]\n cfg80211_mlme_auth+0x3bb/0x3e7 [cfg80211]\n cfg80211_conn_do_work+0x410/0xb81 [cfg80211]\n ? __pfx_cfg80211_conn_do_work+0x10/0x10 [cfg80211]\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? __kasan_check_write+0x14/0x22\n ? mutex_lock+0x8e/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx___radix_tree_lookup+0x10/0x10\n cfg80211_conn_work+0x245/0x34d [cfg80211]\n ? __pfx_cfg80211_conn_work+0x10/0x10 [cfg80211]\n ? update_cfs_rq_load_avg+0x3bc/0x3d7\n ? sched_clock_noinstr+0x9/0x1a\n ? sched_clock+0x10/0x24\n ? sched_clock_cpu+0x7e/0x42e\n ? newidle_balance+0x796/0x937\n ? __pfx_sched_clock_cpu+0x10/0x10\n ? __pfx_newidle_balance+0x10/0x10\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? _raw_spin_unlock+0xe/0x24\n ? raw_spin_rq_unlock+0x47/0x54\n ? raw_spin_rq_unlock_irq+0x9/0x1f\n ? finish_task_switch.isra.0+0x347/0x586\n ? __schedule+0x27bf/0x2892\n ? mutex_unlock+0x80/0xd0\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx___schedule+0x10/0x10\n process_scheduled_works+0x58c/0x821\n worker_thread+0x4c7/0x586\n ? __kasan_check_read+0x11/0x1f\n kthread+0x285/0x294\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x6f\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21729",
"url": "https://www.suse.com/security/cve/CVE-2025-21729"
},
{
"category": "external",
"summary": "SUSE Bug 1237874 for CVE-2025-21729",
"url": "https://bugzilla.suse.com/1237874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21729"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS: 00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __warn.cold+0xb7/0x14d\n ? tracepoint_add_func+0x3b6/0x3f0\n ? report_bug+0xea/0x170\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? tracepoint_add_func+0x3b6/0x3f0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n tracepoint_probe_register+0x78/0xb0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n osnoise_workload_start+0x2b5/0x370\n timerlat_tracer_init+0x76/0x1b0\n tracing_set_tracer+0x244/0x400\n tracing_set_trace_write+0xa0/0xe0\n vfs_write+0xfc/0x570\n ? do_sys_openat2+0x9c/0xe0\n ksys_write+0x72/0xf0\n do_syscall_64+0x79/0x1c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21733",
"url": "https://www.suse.com/security/cve/CVE-2025-21733"
},
{
"category": "external",
"summary": "SUSE Bug 1238494 for CVE-2025-21733",
"url": "https://bugzilla.suse.com/1238494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \u003c/TASK\u003e\n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21754",
"url": "https://www.suse.com/security/cve/CVE-2025-21754"
},
{
"category": "external",
"summary": "SUSE Bug 1238496 for CVE-2025-21754",
"url": "https://bugzilla.suse.com/1238496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21755"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21755",
"url": "https://www.suse.com/security/cve/CVE-2025-21755"
},
{
"category": "external",
"summary": "SUSE Bug 1237882 for CVE-2025-21755",
"url": "https://bugzilla.suse.com/1237882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21755"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n get_random_u32+0x4f/0x110\n clocksource_verify_choose_cpus+0xab/0x1a0\n clocksource_verify_percpu.part.0+0x6b/0x330\n clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled. This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs. The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21767",
"url": "https://www.suse.com/security/cve/CVE-2025-21767"
},
{
"category": "external",
"summary": "SUSE Bug 1238509 for CVE-2025-21767",
"url": "https://bugzilla.suse.com/1238509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: check vxlan_vnigroup_init() return value\n\nvxlan_init() must check vxlan_vnigroup_init() success\notherwise a crash happens later, spotted by syzbot.\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167]\nCPU: 0 UID: 0 PID: 7313 Comm: syz-executor147 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 drivers/net/vxlan/vxlan_vnifilter.c:912\nCode: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00\nRSP: 0018:ffffc9000cc1eea8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb\nRDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff8880461b4f18\nRBP: ffff8880461b4ef4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000\nR13: ffff8880461b0d80 R14: 0000000000000000 R15: dffffc0000000000\nFS: 00007fecfa95d6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fecfa95cfb8 CR3: 000000004472c000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vxlan_uninit+0x1ab/0x200 drivers/net/vxlan/vxlan_core.c:2942\n unregister_netdevice_many_notify+0x12d6/0x1f30 net/core/dev.c:11824\n unregister_netdevice_many net/core/dev.c:11866 [inline]\n unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11736\n register_netdevice+0x1829/0x1eb0 net/core/dev.c:10901\n __vxlan_dev_create+0x7c6/0xa30 drivers/net/vxlan/vxlan_core.c:3981\n vxlan_newlink+0xd1/0x130 drivers/net/vxlan/vxlan_core.c:4407\n rtnl_newlink_create net/core/rtnetlink.c:3795 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21790",
"url": "https://www.suse.com/security/cve/CVE-2025-21790"
},
{
"category": "external",
"summary": "SUSE Bug 1238753 for CVE-2025-21790",
"url": "https://bugzilla.suse.com/1238753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix hang in nfsd4_shutdown_callback\n\nIf nfs4_client is in courtesy state then there is no point to send\nthe callback. This causes nfsd4_shutdown_callback to hang since\ncl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP\nnotifies NFSD that the connection was dropped.\n\nThis patch modifies nfsd4_run_cb_work to skip the RPC call if\nnfs4_client is in courtesy state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21795",
"url": "https://www.suse.com/security/cve/CVE-2025-21795"
},
{
"category": "external",
"summary": "SUSE Bug 1238759 for CVE-2025-21795",
"url": "https://bugzilla.suse.com/1238759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()\n\nWhen getting the IRQ we use k3_udma_glue_tx_get_irq() which returns\nnegative error value on error. So not NULL check is not sufficient\nto deteremine if IRQ is valid. Check that IRQ is greater then zero\nto ensure it is valid.\n\nThere is no issue at probe time but at runtime user can invoke\n.set_channels which results in the following call chain.\nam65_cpsw_set_channels()\n am65_cpsw_nuss_update_tx_rx_chns()\n am65_cpsw_nuss_remove_tx_chns()\n am65_cpsw_nuss_init_tx_chns()\n\nAt this point if am65_cpsw_nuss_init_tx_chns() fails due to\nk3_udma_glue_tx_get_irq() then tx_chn-\u003eirq will be set to a\nnegative value.\n\nThen, at subsequent .set_channels with higher channel count we\nwill attempt to free an invalid IRQ in am65_cpsw_nuss_remove_tx_chns()\nleading to a kernel warning.\n\nThe issue is present in the original commit that introduced this driver,\nalthough there, am65_cpsw_nuss_update_tx_rx_chns() existed as\nam65_cpsw_nuss_update_tx_chns().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21799",
"url": "https://www.suse.com/security/cve/CVE-2025-21799"
},
{
"category": "external",
"summary": "SUSE Bug 1238739 for CVE-2025-21799",
"url": "https://bugzilla.suse.com/1238739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21799"
},
{
"cve": "CVE-2025-21802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix oops when unload drivers paralleling\n\nWhen unload hclge driver, it tries to disable sriov first for each\nae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at\nthe time, because it removes all the ae_dev nodes, and it may cause\noops.\n\nBut we can\u0027t simply use hnae3_common_lock for this. Because in the\nprocess flow of pci_disable_sriov(), it will trigger the remove flow\nof VF, which will also take hnae3_common_lock.\n\nTo fixes it, introduce a new mutex to protect the unload process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21802",
"url": "https://www.suse.com/security/cve/CVE-2025-21802"
},
{
"category": "external",
"summary": "SUSE Bug 1238751 for CVE-2025-21802",
"url": "https://bugzilla.suse.com/1238751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: let net.core.dev_weight always be non-zero\n\nThe following problem was encountered during stability test:\n\n(NULL net_device): NAPI poll function process_backlog+0x0/0x530 \\\n\treturned 1, exceeding its budget of 0.\n------------[ cut here ]------------\nlist_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \\\n\tnext=ffff88905f746e40.\nWARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \\\n\t__list_add_valid_or_report+0xf3/0x130\nCPU: 18 UID: 0 PID: 5462 Comm: ping Kdump: loaded Not tainted 6.13.0-rc7+\nRIP: 0010:__list_add_valid_or_report+0xf3/0x130\nCall Trace:\n? __warn+0xcd/0x250\n? __list_add_valid_or_report+0xf3/0x130\nenqueue_to_backlog+0x923/0x1070\nnetif_rx_internal+0x92/0x2b0\n__netif_rx+0x15/0x170\nloopback_xmit+0x2ef/0x450\ndev_hard_start_xmit+0x103/0x490\n__dev_queue_xmit+0xeac/0x1950\nip_finish_output2+0x6cc/0x1620\nip_output+0x161/0x270\nip_push_pending_frames+0x155/0x1a0\nraw_sendmsg+0xe13/0x1550\n__sys_sendto+0x3bf/0x4e0\n__x64_sys_sendto+0xdc/0x1b0\ndo_syscall_64+0x5b/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reproduction command is as follows:\n sysctl -w net.core.dev_weight=0\n ping 127.0.0.1\n\nThis is because when the napi\u0027s weight is set to 0, process_backlog() may\nreturn 0 and clear the NAPI_STATE_SCHED bit of napi-\u003estate, causing this\nnapi to be re-polled in net_rx_action() until __do_softirq() times out.\nSince the NAPI_STATE_SCHED bit has been cleared, napi_schedule_rps() can\nbe retriggered in enqueue_to_backlog(), causing this issue.\n\nMaking the napi\u0027s weight always non-zero solves this problem.\n\nTriggering this issue requires system-wide admin (setting is\nnot namespaced).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21806",
"url": "https://www.suse.com/security/cve/CVE-2025-21806"
},
{
"category": "external",
"summary": "SUSE Bug 1238746 for CVE-2025-21806",
"url": "https://bugzilla.suse.com/1238746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21836",
"url": "https://www.suse.com/security/cve/CVE-2025-21836"
},
{
"category": "external",
"summary": "SUSE Bug 1239066 for CVE-2025-21836",
"url": "https://bugzilla.suse.com/1239066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21836"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe-\u003eopcode is used for different tables, make sure we santitise it\nagainst speculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21863",
"url": "https://www.suse.com/security/cve/CVE-2025-21863"
},
{
"category": "external",
"summary": "SUSE Bug 1239475 for CVE-2025-21863",
"url": "https://bugzilla.suse.com/1239475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21863"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn\u0027t support arpmb we\u0027ll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job\u0027s reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \u003cTASK\u003e\n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21873",
"url": "https://www.suse.com/security/cve/CVE-2025-21873"
},
{
"category": "external",
"summary": "SUSE Bug 1240184 for CVE-2025-21873",
"url": "https://bugzilla.suse.com/1240184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21873"
},
{
"cve": "CVE-2025-21875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 \u003c0f\u003e 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21875",
"url": "https://www.suse.com/security/cve/CVE-2025-21875"
},
{
"category": "external",
"summary": "SUSE Bug 1240168 for CVE-2025-21875",
"url": "https://bugzilla.suse.com/1240168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21875"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(\u0026(0x7f0000000000)=\u0027./file0\\x00\u0027, 0x8)\n write$nbd(r2, \u0026(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(\u0026(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, \u0026(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, \u0026(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, \u0026(0x7f0000000100)={{\u0026(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, \u0026(0x7f0000000000)={{\u0026(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, \u0026(0x7f0000000140)={0x2, 0x3, \u0026(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], \u0026(0x7f0000000000)=\u0027GPL\\x00\u0027, 0x7, 0x0, 0x0, 0x0, 0x0, \u0027\\x00\u0027, 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, \u0026(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={\u0026(0x7f0000000080)=\u0027./file0\\x00\u0027, \u0026(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()-\u003e__replace_page() to unconditional decrease the\nRSS count and old_folio\u0027s refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio-\u003erefcount is zero,\n then free_pages_prepare-\u003efree_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -\u003e ...\n -\u003e folio_remove_rmap_pte()\n -\u003e VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21881",
"url": "https://www.suse.com/security/cve/CVE-2025-21881"
},
{
"category": "external",
"summary": "SUSE Bug 1240185 for CVE-2025-21881",
"url": "https://bugzilla.suse.com/1240185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21881"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: better track kernel sockets lifetime\n\nWhile kernel sockets are dismantled during pernet_operations-\u003eexit(),\ntheir freeing can be delayed by any tx packets still held in qdisc\nor device queues, due to skb_set_owner_w() prior calls.\n\nThis then trigger the following warning from ref_tracker_dir_exit() [1]\n\nTo fix this, make sure that kernel sockets own a reference on net-\u003epassive.\n\nAdd sk_net_refcnt_upgrade() helper, used whenever a kernel socket\nis converted to a refcounted one.\n\n[1]\n\n[ 136.263918][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.263918][ T35] sk_alloc+0x2b3/0x370\n[ 136.263918][ T35] inet6_create+0x6ce/0x10f0\n[ 136.263918][ T35] __sock_create+0x4c0/0xa30\n[ 136.263918][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.263918][ T35] igmp6_net_init+0x39/0x390\n[ 136.263918][ T35] ops_init+0x31e/0x590\n[ 136.263918][ T35] setup_net+0x287/0x9e0\n[ 136.263918][ T35] copy_net_ns+0x33f/0x570\n[ 136.263918][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.263918][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.263918][ T35] ksys_unshare+0x57d/0xa70\n[ 136.263918][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.263918][ T35] do_syscall_64+0xf3/0x230\n[ 136.263918][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 136.263918][ T35]\n[ 136.343488][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.343488][ T35] sk_alloc+0x2b3/0x370\n[ 136.343488][ T35] inet6_create+0x6ce/0x10f0\n[ 136.343488][ T35] __sock_create+0x4c0/0xa30\n[ 136.343488][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.343488][ T35] ndisc_net_init+0xa7/0x2b0\n[ 136.343488][ T35] ops_init+0x31e/0x590\n[ 136.343488][ T35] setup_net+0x287/0x9e0\n[ 136.343488][ T35] copy_net_ns+0x33f/0x570\n[ 136.343488][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.343488][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.343488][ T35] ksys_unshare+0x57d/0xa70\n[ 136.343488][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.343488][ T35] do_syscall_64+0xf3/0x230\n[ 136.343488][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21884",
"url": "https://www.suse.com/security/cve/CVE-2025-21884"
},
{
"category": "external",
"summary": "SUSE Bug 1240171 for CVE-2025-21884",
"url": "https://bugzilla.suse.com/1240171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21884"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper-\u003ed_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21887",
"url": "https://www.suse.com/security/cve/CVE-2025-21887"
},
{
"category": "external",
"summary": "SUSE Bug 1240176 for CVE-2025-21887",
"url": "https://bugzilla.suse.com/1240176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21887"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21889",
"url": "https://www.suse.com/security/cve/CVE-2025-21889"
},
{
"category": "external",
"summary": "SUSE Bug 1240167 for CVE-2025-21889",
"url": "https://bugzilla.suse.com/1240167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21889"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
},
{
"cve": "CVE-2025-21894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC\n\nActually ENETC VFs do not support HWTSTAMP_TX_ONESTEP_SYNC because only\nENETC PF can access PMa_SINGLE_STEP registers. And there will be a crash\nif VFs are used to test one-step timestamp, the crash log as follows.\n\n[ 129.110909] Unable to handle kernel paging request at virtual address 00000000000080c0\n[ 129.287769] Call trace:\n[ 129.290219] enetc_port_mac_wr+0x30/0xec (P)\n[ 129.294504] enetc_start_xmit+0xda4/0xe74\n[ 129.298525] enetc_xmit+0x70/0xec\n[ 129.301848] dev_hard_start_xmit+0x98/0x118",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21894",
"url": "https://www.suse.com/security/cve/CVE-2025-21894"
},
{
"category": "external",
"summary": "SUSE Bug 1240581 for CVE-2025-21894",
"url": "https://bugzilla.suse.com/1240581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21894"
},
{
"cve": "CVE-2025-21895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc-\u003epmu != next_epc-\u003epmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out \u0026\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21895",
"url": "https://www.suse.com/security/cve/CVE-2025-21895"
},
{
"category": "external",
"summary": "SUSE Bug 1240585 for CVE-2025-21895",
"url": "https://bugzilla.suse.com/1240585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21895"
},
{
"cve": "CVE-2025-21905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere\u0027s no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that\u0027s the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21905",
"url": "https://www.suse.com/security/cve/CVE-2025-21905"
},
{
"category": "external",
"summary": "SUSE Bug 1240575 for CVE-2025-21905",
"url": "https://bugzilla.suse.com/1240575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: clean up ROC on failure\n\nIf the firmware fails to start the session protection, then we\ndo call iwl_mvm_roc_finished() here, but that won\u0027t do anything\nat all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.\nSet IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path.\nIf it started successfully before, it\u0027s already set, so that\ndoesn\u0027t matter, and if it didn\u0027t start it needs to be set to\nclean up.\n\nNot doing so will lead to a WARN_ON() later on a fresh remain-\non-channel, since the link is already active when activated as\nit was never deactivated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21906",
"url": "https://www.suse.com/security/cve/CVE-2025-21906"
},
{
"category": "external",
"summary": "SUSE Bug 1240587 for CVE-2025-21906",
"url": "https://bugzilla.suse.com/1240587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21906"
},
{
"cve": "CVE-2025-21908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\n[\u003c0\u003e] compact_node+0xdb/0x120\n[\u003c0\u003e] kcompactd+0x121/0x2e0\n[\u003c0\u003e] kthread+0xcf/0x100\n[\u003c0\u003e] ret_from_fork+0x31/0x40\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21908",
"url": "https://www.suse.com/security/cve/CVE-2025-21908"
},
{
"category": "external",
"summary": "SUSE Bug 1240600 for CVE-2025-21908",
"url": "https://bugzilla.suse.com/1240600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21908"
},
{
"cve": "CVE-2025-21909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject cooked mode if it is set along with other flags\n\nIt is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE\nflags simultaneously on the same monitor interface from the userspace. This\ncauses a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit\nset because the monitor interface is in the cooked state and it takes\nprecedence over all other states. When the interface is then being deleted\nthe kernel calls WARN_ONCE() from check_sdata_in_driver() because of missing\nthat bit.\n\nFix this by rejecting MONITOR_FLAG_COOK_FRAMES if it is set along with\nother flags.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21909",
"url": "https://www.suse.com/security/cve/CVE-2025-21909"
},
{
"category": "external",
"summary": "SUSE Bug 1240590 for CVE-2025-21909",
"url": "https://bugzilla.suse.com/1240590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21909"
},
{
"cve": "CVE-2025-21910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest-\u003ealpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A\ufffd\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \u003cTASK\u003e\n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21910",
"url": "https://www.suse.com/security/cve/CVE-2025-21910"
},
{
"category": "external",
"summary": "SUSE Bug 1240583 for CVE-2025-21910",
"url": "https://bugzilla.suse.com/1240583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21910"
},
{
"cve": "CVE-2025-21912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: rcar: Use raw_spinlock to protect register access\n\nUse raw_spinlock in order to fix spurious messages about invalid context\nwhen spinlock debugging is enabled. The lock is only used to serialize\nregister access.\n\n [ 4.239592] =============================\n [ 4.239595] [ BUG: Invalid wait context ]\n [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted\n [ 4.239603] -----------------------------\n [ 4.239606] kworker/u8:5/76 is trying to lock:\n [ 4.239609] ffff0000091898a0 (\u0026p-\u003elock){....}-{3:3}, at: gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.239641] other info that might help us debug this:\n [ 4.239643] context-{5:5}\n [ 4.239646] 5 locks held by kworker/u8:5/76:\n [ 4.239651] #0: ffff0000080fb148 ((wq_completion)async){+.+.}-{0:0}, at: process_one_work+0x190/0x62c\n [ 4.250180] OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.254094] #1: ffff80008299bd80 ((work_completion)(\u0026entry-\u003ework)){+.+.}-{0:0}, at: process_one_work+0x1b8/0x62c\n [ 4.254109] #2: ffff00000920c8f8\n [ 4.258345] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027bitclock-master\u0027 with a value.\n [ 4.264803] (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach_async_helper+0x3c/0xdc\n [ 4.264820] #3: ffff00000a50ca40 (request_class#2){+.+.}-{4:4}, at: __setup_irq+0xa0/0x690\n [ 4.264840] #4:\n [ 4.268872] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.273275] ffff00000a50c8c8 (lock_class){....}-{2:2}, at: __setup_irq+0xc4/0x690\n [ 4.296130] renesas_sdhi_internal_dmac ee100000.mmc: mmc1 base at 0x00000000ee100000, max clock rate 200 MHz\n [ 4.304082] stack backtrace:\n [ 4.304086] CPU: 1 UID: 0 PID: 76 Comm: kworker/u8:5 Not tainted 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35\n [ 4.304092] Hardware name: Renesas Salvator-X 2nd version board based on r8a77965 (DT)\n [ 4.304097] Workqueue: async async_run_entry_fn\n [ 4.304106] Call trace:\n [ 4.304110] show_stack+0x14/0x20 (C)\n [ 4.304122] dump_stack_lvl+0x6c/0x90\n [ 4.304131] dump_stack+0x14/0x1c\n [ 4.304138] __lock_acquire+0xdfc/0x1584\n [ 4.426274] lock_acquire+0x1c4/0x33c\n [ 4.429942] _raw_spin_lock_irqsave+0x5c/0x80\n [ 4.434307] gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.440061] gpio_rcar_irq_set_type+0xd4/0xd8\n [ 4.444422] __irq_set_trigger+0x5c/0x178\n [ 4.448435] __setup_irq+0x2e4/0x690\n [ 4.452012] request_threaded_irq+0xc4/0x190\n [ 4.456285] devm_request_threaded_irq+0x7c/0xf4\n [ 4.459398] ata1: link resume succeeded after 1 retries\n [ 4.460902] mmc_gpiod_request_cd_irq+0x68/0xe0\n [ 4.470660] mmc_start_host+0x50/0xac\n [ 4.474327] mmc_add_host+0x80/0xe4\n [ 4.477817] tmio_mmc_host_probe+0x2b0/0x440\n [ 4.482094] renesas_sdhi_probe+0x488/0x6f4\n [ 4.486281] renesas_sdhi_internal_dmac_probe+0x60/0x78\n [ 4.491509] platform_probe+0x64/0xd8\n [ 4.495178] really_probe+0xb8/0x2a8\n [ 4.498756] __driver_probe_device+0x74/0x118\n [ 4.503116] driver_probe_device+0x3c/0x154\n [ 4.507303] __device_attach_driver+0xd4/0x160\n [ 4.511750] bus_for_each_drv+0x84/0xe0\n [ 4.515588] __device_attach_async_helper+0xb0/0xdc\n [ 4.520470] async_run_entry_fn+0x30/0xd8\n [ 4.524481] process_one_work+0x210/0x62c\n [ 4.528494] worker_thread+0x1ac/0x340\n [ 4.532245] kthread+0x10c/0x110\n [ 4.535476] ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21912",
"url": "https://www.suse.com/security/cve/CVE-2025-21912"
},
{
"category": "external",
"summary": "SUSE Bug 1240584 for CVE-2025-21912",
"url": "https://bugzilla.suse.com/1240584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21912"
},
{
"cve": "CVE-2025-21913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn\u0027t offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results\nin the following warning:\n\n unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n Call Trace:\n xen_read_msr+0x1e/0x30\n amd_get_mmconfig_range+0x2b/0x80\n quirk_amd_mmconfig_area+0x28/0x100\n pnp_fixup_device+0x39/0x50\n __pnp_add_device+0xf/0x150\n pnp_add_device+0x3d/0x100\n pnpacpi_add_device_handler+0x1f9/0x280\n acpi_ns_get_device_callback+0x104/0x1c0\n acpi_ns_walk_namespace+0x1d0/0x260\n acpi_get_devices+0x8a/0xb0\n pnpacpi_init+0x50/0x80\n do_one_initcall+0x46/0x2e0\n kernel_init_freeable+0x1da/0x2f0\n kernel_init+0x16/0x1b0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device. Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21913",
"url": "https://www.suse.com/security/cve/CVE-2025-21913"
},
{
"category": "external",
"summary": "SUSE Bug 1240591 for CVE-2025-21913",
"url": "https://bugzilla.suse.com/1240591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21913"
},
{
"cve": "CVE-2025-21914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21914",
"url": "https://www.suse.com/security/cve/CVE-2025-21914"
},
{
"category": "external",
"summary": "SUSE Bug 1240595 for CVE-2025-21914",
"url": "https://bugzilla.suse.com/1240595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21914"
},
{
"cve": "CVE-2025-21915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev-\u003edriver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21915",
"url": "https://www.suse.com/security/cve/CVE-2025-21915"
},
{
"category": "external",
"summary": "SUSE Bug 1240594 for CVE-2025-21915",
"url": "https://bugzilla.suse.com/1240594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21915"
},
{
"cve": "CVE-2025-21916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: atm: cxacru: fix a flaw in existing endpoint checks\n\nSyzbot once again identified a flaw in usb endpoint checking, see [1].\nThis time the issue stems from a commit authored by me (2eabb655a968\n(\"usb: atm: cxacru: fix endpoint checking in cxacru_bind()\")).\n\nWhile using usb_find_common_endpoints() may usually be enough to\ndiscard devices with wrong endpoints, in this case one needs more\nthan just finding and identifying the sufficient number of endpoints\nof correct types - one needs to check the endpoint\u0027s address as well.\n\nSince cxacru_bind() fills URBs with CXACRU_EP_CMD address in mind,\nswitch the endpoint verification approach to usb_check_XXX_endpoints()\ninstead to fix incomplete ep testing.\n\n[1] Syzbot report:\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 1378 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nRIP: 0010:usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n cxacru_cm+0x3c8/0xe50 drivers/usb/atm/cxacru.c:649\n cxacru_card_status drivers/usb/atm/cxacru.c:760 [inline]\n cxacru_bind+0xcf9/0x1150 drivers/usb/atm/cxacru.c:1223\n usbatm_usb_probe+0x314/0x1d30 drivers/usb/atm/usbatm.c:1058\n cxacru_usb_probe+0x184/0x220 drivers/usb/atm/cxacru.c:1377\n usb_probe_interface+0x641/0xbb0 drivers/usb/core/driver.c:396\n really_probe+0x2b9/0xad0 drivers/base/dd.c:658\n __driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800\n driver_probe_device+0x50/0x430 drivers/base/dd.c:830\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21916",
"url": "https://www.suse.com/security/cve/CVE-2025-21916"
},
{
"category": "external",
"summary": "SUSE Bug 1240582 for CVE-2025-21916",
"url": "https://bugzilla.suse.com/1240582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21916"
},
{
"cve": "CVE-2025-21917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Flush the notify_hotplug_work\n\nWhen performing continuous unbind/bind operations on the USB drivers\navailable on the Renesas RZ/G2L SoC, a kernel crash with the message\n\"Unable to handle kernel NULL pointer dereference at virtual address\"\nmay occur. This issue points to the usbhsc_notify_hotplug() function.\n\nFlush the delayed work to avoid its execution when driver resources are\nunavailable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21917",
"url": "https://www.suse.com/security/cve/CVE-2025-21917"
},
{
"category": "external",
"summary": "SUSE Bug 1240596 for CVE-2025-21917",
"url": "https://bugzilla.suse.com/1240596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21917"
},
{
"cve": "CVE-2025-21918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix NULL pointer access\n\nResources should be released only after all threads that utilize them\nhave been destroyed.\nThis commit ensures that resources are not released prematurely by waiting\nfor the associated workqueue to complete before deallocating them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21918",
"url": "https://www.suse.com/security/cve/CVE-2025-21918"
},
{
"category": "external",
"summary": "SUSE Bug 1240592 for CVE-2025-21918",
"url": "https://bugzilla.suse.com/1240592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21918"
},
{
"cve": "CVE-2025-21922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: Fix KMSAN uninit-value warning with bpf\n\nSyzbot caught an \"KMSAN: uninit-value\" warning [1], which is caused by the\nppp driver not initializing a 2-byte header when using socket filter.\n\nThe following code can generate a PPP filter BPF program:\n\u0027\u0027\u0027\nstruct bpf_program fp;\npcap_t *handle;\nhandle = pcap_open_dead(DLT_PPP_PPPD, 65535);\npcap_compile(handle, \u0026fp, \"ip and outbound\", 0, 0);\nbpf_dump(\u0026fp, 1);\n\u0027\u0027\u0027\nIts output is:\n\u0027\u0027\u0027\n(000) ldh [2]\n(001) jeq #0x21 jt 2 jf 5\n(002) ldb [0]\n(003) jeq #0x1 jt 4 jf 5\n(004) ret #65535\n(005) ret #0\n\u0027\u0027\u0027\nWen can find similar code at the following link:\nhttps://github.com/ppp-project/ppp/blob/master/pppd/options.c#L1680\nThe maintainer of this code repository is also the original maintainer\nof the ppp driver.\n\nAs you can see the BPF program skips 2 bytes of data and then reads the\n\u0027Protocol\u0027 field to determine if it\u0027s an IP packet. Then it read the first\nbyte of the first 2 bytes to determine the direction.\n\nThe issue is that only the first byte indicating direction is initialized\nin current ppp driver code while the second byte is not initialized.\n\nFor normal BPF programs generated by libpcap, uninitialized data won\u0027t be\nused, so it\u0027s not a problem. However, for carefully crafted BPF programs,\nsuch as those generated by syzkaller [2], which start reading from offset\n0, the uninitialized data will be used and caught by KMSAN.\n\n[1] https://syzkaller.appspot.com/bug?extid=853242d9c9917165d791\n[2] https://syzkaller.appspot.com/text?tag=ReproC\u0026x=11994913980000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21922",
"url": "https://www.suse.com/security/cve/CVE-2025-21922"
},
{
"category": "external",
"summary": "SUSE Bug 1240639 for CVE-2025-21922",
"url": "https://bugzilla.suse.com/1240639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21922"
},
{
"cve": "CVE-2025-21923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21923",
"url": "https://www.suse.com/security/cve/CVE-2025-21923"
},
{
"category": "external",
"summary": "SUSE Bug 1240691 for CVE-2025-21923",
"url": "https://bugzilla.suse.com/1240691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21923"
},
{
"cve": "CVE-2025-21924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error\n\nDuring the initialization of ptp, hclge_ptp_get_cycle might return an error\nand returned directly without unregister clock and free it. To avoid that,\ncall hclge_ptp_destroy_clock to unregist and free clock if\nhclge_ptp_get_cycle failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21924",
"url": "https://www.suse.com/security/cve/CVE-2025-21924"
},
{
"category": "external",
"summary": "SUSE Bug 1240720 for CVE-2025-21924",
"url": "https://bugzilla.suse.com/1240720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21924"
},
{
"cve": "CVE-2025-21927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn\u0027t check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21927",
"url": "https://www.suse.com/security/cve/CVE-2025-21927"
},
{
"category": "external",
"summary": "SUSE Bug 1240714 for CVE-2025-21927",
"url": "https://bugzilla.suse.com/1240714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21927"
},
{
"cve": "CVE-2025-21928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21928",
"url": "https://www.suse.com/security/cve/CVE-2025-21928"
},
{
"category": "external",
"summary": "SUSE Bug 1240722 for CVE-2025-21928",
"url": "https://bugzilla.suse.com/1240722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t try to talk to a dead firmware\n\nThis fixes:\n\n bad state = 0\n WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi]\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xca/0x1c0\n ? iwl_trans_send_cmd+0xba/0xe0 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n iwl_fw_dbg_clear_monitor_buf+0xd7/0x110 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n _iwl_dbgfs_fw_dbg_clear_write+0xe2/0x120 [iwlmvm 0e8adb18cea92d2c341766bcc10b18699290068a]\n\nAsk whether the firmware is alive before sending a command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21930",
"url": "https://www.suse.com/security/cve/CVE-2025-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1240715 for CVE-2025-21930",
"url": "https://bugzilla.suse.com/1240715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21930"
},
{
"cve": "CVE-2025-21934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: fix an API misues when rio_add_net() fails\n\nrio_add_net() calls device_register() and fails when device_register()\nfails. Thus, put_device() should be used rather than kfree(). Add\n\"mport-\u003enet = NULL;\" to avoid a use after free issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21934",
"url": "https://www.suse.com/security/cve/CVE-2025-21934"
},
{
"category": "external",
"summary": "SUSE Bug 1240708 for CVE-2025-21934",
"url": "https://bugzilla.suse.com/1240708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21934"
},
{
"cve": "CVE-2025-21935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21935",
"url": "https://www.suse.com/security/cve/CVE-2025-21935"
},
{
"category": "external",
"summary": "SUSE Bug 1240700 for CVE-2025-21935",
"url": "https://bugzilla.suse.com/1240700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21935"
},
{
"cve": "CVE-2025-21936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21936",
"url": "https://www.suse.com/security/cve/CVE-2025-21936"
},
{
"category": "external",
"summary": "SUSE Bug 1240716 for CVE-2025-21936",
"url": "https://bugzilla.suse.com/1240716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21936"
},
{
"cve": "CVE-2025-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21937",
"url": "https://www.suse.com/security/cve/CVE-2025-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1240643 for CVE-2025-21937",
"url": "https://bugzilla.suse.com/1240643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21937"
},
{
"cve": "CVE-2025-21941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21941",
"url": "https://www.suse.com/security/cve/CVE-2025-21941"
},
{
"category": "external",
"summary": "SUSE Bug 1240701 for CVE-2025-21941",
"url": "https://bugzilla.suse.com/1240701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21941"
},
{
"cve": "CVE-2025-21943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether \u0027gpiochip0 0\u0027 exists or not does not matter.\n echo \u0027gpiochip0 0\u0027 \u003e /sys/bus/platform/drivers/gpio-aggregator/new_device\n done \u0026\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done \u0026\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980-\u003enext is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21943",
"url": "https://www.suse.com/security/cve/CVE-2025-21943"
},
{
"category": "external",
"summary": "SUSE Bug 1240647 for CVE-2025-21943",
"url": "https://bugzilla.suse.com/1240647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21943"
},
{
"cve": "CVE-2025-21948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appleir: Fix potential NULL dereference at raw event handle\n\nSyzkaller reports a NULL pointer dereference issue in input_event().\n\nBUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]\nBUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395\nRead of size 8 at addr 0000000000000028 by task syz-executor199/2949\n\nCPU: 0 UID: 0 PID: 2949 Comm: syz-executor199 Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n is_event_supported drivers/input/input.c:67 [inline]\n input_event+0x42/0xa0 drivers/input/input.c:395\n input_report_key include/linux/input.h:439 [inline]\n key_down drivers/hid/hid-appleir.c:159 [inline]\n appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232\n __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111\n hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484\n __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650\n usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734\n dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993\n __run_hrtimer kernel/time/hrtimer.c:1739 [inline]\n __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803\n hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820\n handle_softirqs+0x206/0x8d0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n __mod_timer+0x8f6/0xdc0 kernel/time/timer.c:1185\n add_timer+0x62/0x90 kernel/time/timer.c:1295\n schedule_timeout+0x11f/0x280 kernel/time/sleep_timeout.c:98\n usbhid_wait_io+0x1c7/0x380 drivers/hid/usbhid/hid-core.c:645\n usbhid_init_reports+0x19f/0x390 drivers/hid/usbhid/hid-core.c:784\n hiddev_ioctl+0x1133/0x15b0 drivers/hid/usbhid/hiddev.c:794\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThis happens due to the malformed report items sent by the emulated device\nwhich results in a report, that has no fields, being added to the report list.\nDue to this appleir_input_configured() is never called, hidinput_connect()\nfails which results in the HID_CLAIMED_INPUT flag is not being set. However,\nit does not make appleir_probe() fail and lets the event callback to be\ncalled without the associated input device.\n\nThus, add a check for the HID_CLAIMED_INPUT flag and leave the event hook\nearly if the driver didn\u0027t claim any input_dev for some reason. Moreover,\nsome other hid drivers accessing input_dev in their event callbacks do have\nsimilar checks, too.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21948",
"url": "https://www.suse.com/security/cve/CVE-2025-21948"
},
{
"category": "external",
"summary": "SUSE Bug 1240703 for CVE-2025-21948",
"url": "https://bugzilla.suse.com/1240703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21948"
},
{
"cve": "CVE-2025-21950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl\n\nIn the \"pmcmd_ioctl\" function, three memory objects allocated by\nkmalloc are initialized by \"hcall_get_cpu_state\", which are then\ncopied to user space. The initializer is indeed implemented in\n\"acrn_hypercall2\" (arch/x86/include/asm/acrn.h). There is a risk of\ninformation leakage due to uninitialized bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21950",
"url": "https://www.suse.com/security/cve/CVE-2025-21950"
},
{
"category": "external",
"summary": "SUSE Bug 1240719 for CVE-2025-21950",
"url": "https://bugzilla.suse.com/1240719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21950"
},
{
"cve": "CVE-2025-21951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver\u0027s shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver\u0027s suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21951",
"url": "https://www.suse.com/security/cve/CVE-2025-21951"
},
{
"category": "external",
"summary": "SUSE Bug 1240718 for CVE-2025-21951",
"url": "https://bugzilla.suse.com/1240718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21951"
},
{
"cve": "CVE-2025-21953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: cleanup mana struct after debugfs_remove()\n\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\nmana_gd_suspend() and mana_gd_resume() are called. If during this\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\npointer does not get reinitialized and ends up pointing to older,\ncleaned-up dentry.\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\nis triggered. This call, unaware of the failures in resume, tries to cleanup\nthe already cleaned up mana_port_debugfs value and hits the following bug:\n\n[ 191.359296] mana 7870:00:00.0: Shutdown was called\n[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 191.360584] #PF: supervisor write access in kernel mode\n[ 191.361125] #PF: error_code(0x0002) - not-present page\n[ 191.361727] PGD 1080ea067 P4D 0\n[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\n[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 191.364124] RIP: 0010:down_write+0x19/0x50\n[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\n[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\n[ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\n[ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\n[ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\n[ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\n[ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\n[ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\n[ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\n[ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 191.372906] Call Trace:\n[ 191.373262] \u003cTASK\u003e\n[ 191.373621] ? show_regs+0x64/0x70\n[ 191.374040] ? __die+0x24/0x70\n[ 191.374468] ? page_fault_oops+0x290/0x5b0\n[ 191.374875] ? do_user_addr_fault+0x448/0x800\n[ 191.375357] ? exc_page_fault+0x7a/0x160\n[ 191.375971] ? asm_exc_page_fault+0x27/0x30\n[ 191.376416] ? down_write+0x19/0x50\n[ 191.376832] ? down_write+0x12/0x50\n[ 191.377232] simple_recursive_removal+0x4a/0x2a0\n[ 191.377679] ? __pfx_remove_one+0x10/0x10\n[ 191.378088] debugfs_remove+0x44/0x70\n[ 191.378530] mana_detach+0x17c/0x4f0\n[ 191.378950] ? __flush_work+0x1e2/0x3b0\n[ 191.379362] ? __cond_resched+0x1a/0x50\n[ 191.379787] mana_remove+0xf2/0x1a0\n[ 191.380193] mana_gd_shutdown+0x3b/0x70\n[ 191.380642] pci_device_shutdown+0x3a/0x80\n[ 191.381063] device_shutdown+0x13e/0x230\n[ 191.381480] kernel_power_off+0x35/0x80\n[ 191.381890] hibernate+0x3c6/0x470\n[ 191.382312] state_store+0xcb/0xd0\n[ 191.382734] kobj_attr_store+0x12/0x30\n[ 191.383211] sysfs_kf_write+0x3e/0x50\n[ 191.383640] kernfs_fop_write_iter+0x140/0x1d0\n[ 191.384106] vfs_write+0x271/0x440\n[ 191.384521] ksys_write+0x72/0xf0\n[ 191.384924] __x64_sys_write+0x19/0x20\n[ 191.385313] x64_sys_call+0x2b0/0x20b0\n[ 191.385736] do_syscall_64+0x79/0x150\n[ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240\n[ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0\n[ 191.387124] ? __pfx_lru_add+0x10/0x10\n[ 191.387515] ? queued_spin_unlock+0x9/0x10\n[ 191.387937] ? do_anonymous_page+0x33c/0xa00\n[ 191.388374] ? __handle_mm_fault+0xcf3/0x1210\n[ 191.388805] ? __count_memcg_events+0xbe/0x180\n[ 191.389235] ? handle_mm_fault+0xae/0x300\n[ 19\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21953",
"url": "https://www.suse.com/security/cve/CVE-2025-21953"
},
{
"category": "external",
"summary": "SUSE Bug 1240727 for CVE-2025-21953",
"url": "https://bugzilla.suse.com/1240727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21953"
},
{
"cve": "CVE-2025-21956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n\n[WHY \u0026 HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\n\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\n\nAlso fixes the indentation in get_norm_pix_clk.\n\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21956",
"url": "https://www.suse.com/security/cve/CVE-2025-21956"
},
{
"category": "external",
"summary": "SUSE Bug 1240739 for CVE-2025-21956",
"url": "https://bugzilla.suse.com/1240739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21956"
},
{
"cve": "CVE-2025-21957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21957",
"url": "https://www.suse.com/security/cve/CVE-2025-21957"
},
{
"category": "external",
"summary": "SUSE Bug 1240742 for CVE-2025-21957",
"url": "https://bugzilla.suse.com/1240742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21957"
},
{
"cve": "CVE-2025-21960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: do not update checksum in bnxt_xdp_build_skb()\n\nThe bnxt_rx_pkt() updates ip_summed value at the end if checksum offload\nis enabled.\nWhen the XDP-MB program is attached and it returns XDP_PASS, the\nbnxt_xdp_build_skb() is called to update skb_shared_info.\nThe main purpose of bnxt_xdp_build_skb() is to update skb_shared_info,\nbut it updates ip_summed value too if checksum offload is enabled.\nThis is actually duplicate work.\n\nWhen the bnxt_rx_pkt() updates ip_summed value, it checks if ip_summed\nis CHECKSUM_NONE or not.\nIt means that ip_summed should be CHECKSUM_NONE at this moment.\nBut ip_summed may already be updated to CHECKSUM_UNNECESSARY in the\nXDP-MB-PASS path.\nSo the by skb_checksum_none_assert() WARNS about it.\n\nThis is duplicate work and updating ip_summed in the\nbnxt_xdp_build_skb() is not needed.\n\nSplat looks like:\nWARNING: CPU: 3 PID: 5782 at ./include/linux/skbuff.h:5155 bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nModules linked in: bnxt_re bnxt_en rdma_ucm rdma_cm iw_cm ib_cm ib_uverbs veth xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_]\nCPU: 3 UID: 0 PID: 5782 Comm: socat Tainted: G W 6.14.0-rc4+ #27\nTainted: [W]=WARN\nHardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\nRIP: 0010:bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nCode: 54 24 0c 4c 89 f1 4c 89 ff c1 ea 1f ff d3 0f 1f 00 49 89 c6 48 85 c0 0f 84 4c e5 ff ff 48 89 c7 e8 ca 3d a0 c8 e9 8f f4 ff ff \u003c0f\u003e 0b f\nRSP: 0018:ffff88881ba09928 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000c7590303 RCX: 0000000000000000\nRDX: 1ffff1104e7d1610 RSI: 0000000000000001 RDI: ffff8881c91300b8\nRBP: ffff88881ba09b28 R08: ffff888273e8b0d0 R09: ffff888273e8b070\nR10: ffff888273e8b010 R11: ffff888278b0f000 R12: ffff888273e8b080\nR13: ffff8881c9130e00 R14: ffff8881505d3800 R15: ffff888273e8b000\nFS: 00007f5a2e7be080(0000) GS:ffff88881ba00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fff2e708ff8 CR3: 000000013e3b0000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? __warn+0xcd/0x2f0\n ? bnxt_rx_pkt+0x479b/0x7610\n ? report_bug+0x326/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? bnxt_rx_pkt+0x479b/0x7610\n ? bnxt_rx_pkt+0x3e41/0x7610\n ? __pfx_bnxt_rx_pkt+0x10/0x10\n ? napi_complete_done+0x2cf/0x7d0\n __bnxt_poll_work+0x4e8/0x1220\n ? __pfx___bnxt_poll_work+0x10/0x10\n ? __pfx_mark_lock.part.0+0x10/0x10\n bnxt_poll_p5+0x36a/0xfa0\n ? __pfx_bnxt_poll_p5+0x10/0x10\n __napi_poll.constprop.0+0xa0/0x440\n net_rx_action+0x899/0xd00\n...\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going\nto be able to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21960",
"url": "https://www.suse.com/security/cve/CVE-2025-21960"
},
{
"category": "external",
"summary": "SUSE Bug 1240815 for CVE-2025-21960",
"url": "https://bugzilla.suse.com/1240815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21960"
},
{
"cve": "CVE-2025-21961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix truesize for mb-xdp-pass case\n\nWhen mb-xdp is set and return is XDP_PASS, packet is converted from\nxdp_buff to sk_buff with xdp_update_skb_shared_info() in\nbnxt_xdp_build_skb().\nbnxt_xdp_build_skb() passes incorrect truesize argument to\nxdp_update_skb_shared_info().\nThe truesize is calculated as BNXT_RX_PAGE_SIZE * sinfo-\u003enr_frags but\nthe skb_shared_info was wiped by napi_build_skb() before.\nSo it stores sinfo-\u003enr_frags before bnxt_xdp_build_skb() and use it\ninstead of getting skb_shared_info from xdp_get_shared_info_from_buff().\n\nSplat looks like:\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 0 at net/core/skbuff.c:6072 skb_try_coalesce+0x504/0x590\n Modules linked in: xt_nat xt_tcpudp veth af_packet xt_conntrack nft_chain_nat xt_MASQUERADE nf_conntrack_netlink xfrm_user xt_addrtype nft_coms\n CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.14.0-rc2+ #3\n RIP: 0010:skb_try_coalesce+0x504/0x590\n Code: 4b fd ff ff 49 8b 34 24 40 80 e6 40 0f 84 3d fd ff ff 49 8b 74 24 48 40 f6 c6 01 0f 84 2e fd ff ff 48 8d 4e ff e9 25 fd ff ff \u003c0f\u003e 0b e99\n RSP: 0018:ffffb62c4120caa8 EFLAGS: 00010287\n RAX: 0000000000000003 RBX: ffffb62c4120cb14 RCX: 0000000000000ec0\n RDX: 0000000000001000 RSI: ffffa06e5d7dc000 RDI: 0000000000000003\n RBP: ffffa06e5d7ddec0 R08: ffffa06e6120a800 R09: ffffa06e7a119900\n R10: 0000000000002310 R11: ffffa06e5d7dcec0 R12: ffffe4360575f740\n R13: ffffe43600000000 R14: 0000000000000002 R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffffa0755f700000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f147b76b0f8 CR3: 00000001615d4000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __warn+0x84/0x130\n ? skb_try_coalesce+0x504/0x590\n ? report_bug+0x18a/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_try_coalesce+0x504/0x590\n inet_frag_reasm_finish+0x11f/0x2e0\n ip_defrag+0x37a/0x900\n ip_local_deliver+0x51/0x120\n ip_sublist_rcv_finish+0x64/0x70\n ip_sublist_rcv+0x179/0x210\n ip_list_rcv+0xf9/0x130\n\nHow to reproduce:\n\u003cNode A\u003e\nip link set $interface1 xdp obj xdp_pass.o\nip link set $interface1 mtu 9000 up\nip a a 10.0.0.1/24 dev $interface1\n\u003cNode B\u003e\nip link set $interfac2 mtu 9000 up\nip a a 10.0.0.2/24 dev $interface2\nping 10.0.0.1 -s 65000\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going to be\nable to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21961",
"url": "https://www.suse.com/security/cve/CVE-2025-21961"
},
{
"category": "external",
"summary": "SUSE Bug 1240816 for CVE-2025-21961",
"url": "https://bugzilla.suse.com/1240816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21961"
},
{
"cve": "CVE-2025-21966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-flakey: Fix memory corruption in optional corrupt_bio_byte feature\n\nFix memory corruption due to incorrect parameter being passed to bio_init",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21966",
"url": "https://www.suse.com/security/cve/CVE-2025-21966"
},
{
"category": "external",
"summary": "SUSE Bug 1240779 for CVE-2025-21966",
"url": "https://bugzilla.suse.com/1240779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21966"
},
{
"cve": "CVE-2025-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free on hdcp_work\n\n[Why]\nA slab-use-after-free is reported when HDCP is destroyed but the\nproperty_validate_dwork queue is still running.\n\n[How]\nCancel the delayed work when destroying workqueue.\n\n(cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21968",
"url": "https://www.suse.com/security/cve/CVE-2025-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1240783 for CVE-2025-21968",
"url": "https://bugzilla.suse.com/1240783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21968"
},
{
"cve": "CVE-2025-21969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd\n\nAfter the hci sync command releases l2cap_conn, the hci receive data work\nqueue references the released l2cap_conn when sending to the upper layer.\nAdd hci dev lock to the hci receive data work queue to synchronize the two.\n\n[1]\nBUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\nRead of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837\n\nCPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci1 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n l2cap_build_cmd net/bluetooth/l2cap_core.c:2964 [inline]\n l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\n l2cap_sig_send_rej net/bluetooth/l2cap_core.c:5502 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5538 [inline]\n l2cap_recv_frame+0x221f/0x10db0 net/bluetooth/l2cap_core.c:6817\n hci_acldata_packet net/bluetooth/hci_core.c:3797 [inline]\n hci_rx_work+0x508/0xdb0 net/bluetooth/hci_core.c:4040\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 5837:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n l2cap_conn_add+0xa9/0x8e0 net/bluetooth/l2cap_core.c:6860\n l2cap_connect_cfm+0x115/0x1090 net/bluetooth/l2cap_core.c:7239\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_remote_features_evt+0x68e/0xac0 net/bluetooth/hci_event.c:3726\n hci_event_func net/bluetooth/hci_event.c:7473 [inline]\n hci_event_packet+0xac2/0x1540 net/bluetooth/hci_event.c:7525\n hci_rx_work+0x3f3/0xdb0 net/bluetooth/hci_core.c:4035\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nFreed by task 54:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n l2cap_connect_cfm+0xcc/0x1090 net/bluetooth/l2cap_core.c:7235\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_conn_failed+0x287/0x400 net/bluetooth/hci_conn.c:1266\n hci_abort_conn_sync+0x56c/0x11f0 net/bluetooth/hci_sync.c:5603\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21969",
"url": "https://www.suse.com/security/cve/CVE-2025-21969"
},
{
"category": "external",
"summary": "SUSE Bug 1240784 for CVE-2025-21969",
"url": "https://bugzilla.suse.com/1240784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21969"
},
{
"cve": "CVE-2025-21970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Bridge, fix the crash caused by LAG state check\n\nWhen removing LAG device from bridge, NETDEV_CHANGEUPPER event is\ntriggered. Driver finds the lower devices (PFs) to flush all the\noffloaded entries. And mlx5_lag_is_shared_fdb is checked, it returns\nfalse if one of PF is unloaded. In such case,\nmlx5_esw_bridge_lag_rep_get() and its caller return NULL, instead of\nthe alive PF, and the flush is skipped.\n\nBesides, the bridge fdb entry\u0027s lastuse is updated in mlx5 bridge\nevent handler. But this SWITCHDEV_FDB_ADD_TO_BRIDGE event can be\nignored in this case because the upper interface for bond is deleted,\nand the entry will never be aged because lastuse is never updated.\n\nTo make things worse, as the entry is alive, mlx5 bridge workqueue\nkeeps sending that event, which is then handled by kernel bridge\nnotifier. It causes the following crash when accessing the passed bond\nnetdev which is already destroyed.\n\nTo fix this issue, remove such checks. LAG state is already checked in\ncommit 15f8f168952f (\"net/mlx5: Bridge, verify LAG state when adding\nbond to bridge\"), driver still need to skip offload if LAG becomes\ninvalid state after initialization.\n\n Oops: stack segment: 0000 [#1] SMP\n CPU: 3 UID: 0 PID: 23695 Comm: kworker/u40:3 Tainted: G OE 6.11.0_mlnx #1\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5_bridge_wq mlx5_esw_bridge_update_work [mlx5_core]\n RIP: 0010:br_switchdev_event+0x2c/0x110 [bridge]\n Code: 44 00 00 48 8b 02 48 f7 00 00 02 00 00 74 69 41 54 55 53 48 83 ec 08 48 8b a8 08 01 00 00 48 85 ed 74 4a 48 83 fe 02 48 89 d3 \u003c4c\u003e 8b 65 00 74 23 76 49 48 83 fe 05 74 7e 48 83 fe 06 75 2f 0f b7\n RSP: 0018:ffffc900092cfda0 EFLAGS: 00010297\n RAX: ffff888123bfe000 RBX: ffffc900092cfe08 RCX: 00000000ffffffff\n RDX: ffffc900092cfe08 RSI: 0000000000000001 RDI: ffffffffa0c585f0\n RBP: 6669746f6e690a30 R08: 0000000000000000 R09: ffff888123ae92c8\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888123ae9c60\n R13: 0000000000000001 R14: ffffc900092cfe08 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f15914c8734 CR3: 0000000002830005 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? die+0x38/0x60\n ? do_trap+0x10b/0x120\n ? do_error_trap+0x64/0xa0\n ? exc_stack_segment+0x33/0x50\n ? asm_exc_stack_segment+0x22/0x30\n ? br_switchdev_event+0x2c/0x110 [bridge]\n ? sched_balance_newidle.isra.149+0x248/0x390\n notifier_call_chain+0x4b/0xa0\n atomic_notifier_call_chain+0x16/0x20\n mlx5_esw_bridge_update+0xec/0x170 [mlx5_core]\n mlx5_esw_bridge_update_work+0x19/0x40 [mlx5_core]\n process_scheduled_works+0x81/0x390\n worker_thread+0x106/0x250\n ? bh_worker+0x110/0x110\n kthread+0xb7/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21970",
"url": "https://www.suse.com/security/cve/CVE-2025-21970"
},
{
"category": "external",
"summary": "SUSE Bug 1240819 for CVE-2025-21970",
"url": "https://bugzilla.suse.com/1240819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21970"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-21972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: unshare packets when reassembling\n\nEnsure that the frag_list used for reassembly isn\u0027t shared with other\npackets. This avoids incorrect reassembly when packets are cloned, and\nprevents a memory leak due to circular references between fragments and\ntheir skb_shared_info.\n\nThe upcoming MCTP-over-USB driver uses skb_clone which can trigger the\nproblem - other MCTP drivers don\u0027t share SKBs.\n\nA kunit test is added to reproduce the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21972",
"url": "https://www.suse.com/security/cve/CVE-2025-21972"
},
{
"category": "external",
"summary": "SUSE Bug 1240813 for CVE-2025-21972",
"url": "https://bugzilla.suse.com/1240813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21972"
},
{
"cve": "CVE-2025-21975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: handle errors in mlx5_chains_create_table()\n\nIn mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns()\nand mlx5_get_flow_namespace() must be checked to prevent NULL pointer\ndereferences. If either function fails, the function should log error\nmessage with mlx5_core_warn() and return error pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21975",
"url": "https://www.suse.com/security/cve/CVE-2025-21975"
},
{
"category": "external",
"summary": "SUSE Bug 1240812 for CVE-2025-21975",
"url": "https://bugzilla.suse.com/1240812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21975"
},
{
"cve": "CVE-2025-21978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21978",
"url": "https://www.suse.com/security/cve/CVE-2025-21978"
},
{
"category": "external",
"summary": "SUSE Bug 1240806 for CVE-2025-21978",
"url": "https://bugzilla.suse.com/1240806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21978"
},
{
"cve": "CVE-2025-21979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: cancel wiphy_work before freeing wiphy\n\nA wiphy_work can be queued from the moment the wiphy is allocated and\ninitialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the\nrdev::wiphy_work is getting queued.\n\nIf wiphy_free is called before the rdev::wiphy_work had a chance to run,\nthe wiphy memory will be freed, and then when it eventally gets to run\nit\u0027ll use invalid memory.\n\nFix this by canceling the work before freeing the wiphy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21979",
"url": "https://www.suse.com/security/cve/CVE-2025-21979"
},
{
"category": "external",
"summary": "SUSE Bug 1240808 for CVE-2025-21979",
"url": "https://bugzilla.suse.com/1240808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21979"
},
{
"cve": "CVE-2025-21981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [\u003cffffffff991ec485\u003e] __kmalloc_cache_noprof+0x275/0x340\n [\u003cffffffffc0a6e06a\u003e] ice_init_arfs+0x3a/0xe0 [ice]\n [\u003cffffffffc09f1027\u003e] ice_vsi_cfg_def+0x607/0x850 [ice]\n [\u003cffffffffc09f244b\u003e] ice_vsi_setup+0x5b/0x130 [ice]\n [\u003cffffffffc09c2131\u003e] ice_init+0x1c1/0x460 [ice]\n [\u003cffffffffc09c64af\u003e] ice_probe+0x2af/0x520 [ice]\n [\u003cffffffff994fbcd3\u003e] local_pci_probe+0x43/0xa0\n [\u003cffffffff98f07103\u003e] work_for_cpu_fn+0x13/0x20\n [\u003cffffffff98f0b6d9\u003e] process_one_work+0x179/0x390\n [\u003cffffffff98f0c1e9\u003e] worker_thread+0x239/0x340\n [\u003cffffffff98f14abc\u003e] kthread+0xcc/0x100\n [\u003cffffffff98e45a6d\u003e] ret_from_fork+0x2d/0x50\n [\u003cffffffff98e083ba\u003e] ret_from_fork_asm+0x1a/0x30\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21981",
"url": "https://www.suse.com/security/cve/CVE-2025-21981"
},
{
"category": "external",
"summary": "SUSE Bug 1240612 for CVE-2025-21981",
"url": "https://bugzilla.suse.com/1240612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21981"
},
{
"cve": "CVE-2025-21991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes\n\nCurrently, load_microcode_amd() iterates over all NUMA nodes, retrieves their\nCPU masks and unconditionally accesses per-CPU data for the first CPU of each\nmask.\n\nAccording to Documentation/admin-guide/mm/numaperf.rst:\n\n \"Some memory may share the same node as a CPU, and others are provided as\n memory only nodes.\"\n\nTherefore, some node CPU masks may be empty and wouldn\u0027t have a \"first CPU\".\n\nOn a machine with far memory (and therefore CPU-less NUMA nodes):\n- cpumask_of_node(nid) is 0\n- cpumask_first(0) is CONFIG_NR_CPUS\n- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an\n index that is 1 out of bounds\n\nThis does not have any security implications since flashing microcode is\na privileged operation but I believe this has reliability implications by\npotentially corrupting memory while flashing a microcode update.\n\nWhen booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes\na microcode update. I get the following splat:\n\n UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y\n index 512 is out of range for type \u0027unsigned long[512]\u0027\n [...]\n Call Trace:\n dump_stack\n __ubsan_handle_out_of_bounds\n load_microcode_amd\n request_microcode_amd\n reload_store\n kernfs_fop_write_iter\n vfs_write\n ksys_write\n do_syscall_64\n entry_SYSCALL_64_after_hwframe\n\nChange the loop to go over only NUMA nodes which have CPUs before determining\nwhether the first CPU on the respective node needs microcode update.\n\n [ bp: Massage commit message, fix typo. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21991",
"url": "https://www.suse.com/security/cve/CVE-2025-21991"
},
{
"category": "external",
"summary": "SUSE Bug 1240795 for CVE-2025-21991",
"url": "https://bugzilla.suse.com/1240795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-21992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: ignore non-functional sensor in HP 5MP Camera\n\nThe HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that\nis not actually implemented. Attempting to access this non-functional\nsensor via iio_info causes system hangs as runtime PM tries to wake up\nan unresponsive sensor.\n\n [453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff\n [453] hid-sensor-hub 0003:0408:5473.0003: common attributes: 5:1, 2:1, 3:1 ffffffff:ffffffff\n\nAdd this device to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21992",
"url": "https://www.suse.com/security/cve/CVE-2025-21992"
},
{
"category": "external",
"summary": "SUSE Bug 1240796 for CVE-2025-21992",
"url": "https://bugzilla.suse.com/1240796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21992"
},
{
"cve": "CVE-2025-21993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21993",
"url": "https://www.suse.com/security/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "SUSE Bug 1240797 for CVE-2025-21993",
"url": "https://bugzilla.suse.com/1240797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21993"
},
{
"cve": "CVE-2025-21995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix fence reference count leak\n\nThe last_scheduled fence leaks when an entity is being killed and adding\nthe cleanup callback fails.\n\nDecrement the reference count of prev when dma_fence_add_callback()\nfails, ensuring proper balance.\n\n[phasta: add git tag info for stable kernel]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21995",
"url": "https://www.suse.com/security/cve/CVE-2025-21995"
},
{
"category": "external",
"summary": "SUSE Bug 1240821 for CVE-2025-21995",
"url": "https://bugzilla.suse.com/1240821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21995"
},
{
"cve": "CVE-2025-21996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()\n\nOn the off chance that command stream passed from userspace via\nioctl() call to radeon_vce_cs_parse() is weirdly crafted and\nfirst command to execute is to encode (case 0x03000001), the function\nin question will attempt to call radeon_vce_cs_reloc() with size\nargument that has not been properly initialized. Specifically, \u0027size\u0027\nwill point to \u0027tmp\u0027 variable before the latter had a chance to be\nassigned any value.\n\nPlay it safe and init \u0027tmp\u0027 with 0, thus ensuring that\nradeon_vce_cs_reloc() will catch an early error in cases like these.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.\n\n(cherry picked from commit 2d52de55f9ee7aaee0e09ac443f77855989c6b68)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21996",
"url": "https://www.suse.com/security/cve/CVE-2025-21996"
},
{
"category": "external",
"summary": "SUSE Bug 1240801 for CVE-2025-21996",
"url": "https://bugzilla.suse.com/1240801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-21996"
},
{
"cve": "CVE-2025-22001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix integer overflow in qaic_validate_req()\n\nThese are u64 variables that come from the user via\nqaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that\nthe math doesn\u0027t have an integer wrapping bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22001",
"url": "https://www.suse.com/security/cve/CVE-2025-22001"
},
{
"category": "external",
"summary": "SUSE Bug 1240873 for CVE-2025-22001",
"url": "https://bugzilla.suse.com/1240873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22001"
},
{
"cve": "CVE-2025-22003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ucan: fix out of bound read in strscpy() source\n\nCommit 7fdaf8966aae (\"can: ucan: use strscpy() to instead of strncpy()\")\nunintentionally introduced a one byte out of bound read on strscpy()\u0027s\nsource argument (which is kind of ironic knowing that strscpy() is meant\nto be a more secure alternative :)).\n\nLet\u0027s consider below buffers:\n\n dest[len + 1]; /* will be NUL terminated */\n src[len]; /* may not be NUL terminated */\n\nWhen doing:\n\n strncpy(dest, src, len);\n dest[len] = \u0027\\0\u0027;\n\nstrncpy() will read up to len bytes from src.\n\nOn the other hand:\n\n strscpy(dest, src, len + 1);\n\nwill read up to len + 1 bytes from src, that is to say, an out of bound\nread of one byte will occur on src if it is not NUL terminated. Note\nthat the src[len] byte is never copied, but strscpy() still needs to\nread it to check whether a truncation occurred or not.\n\nThis exact pattern happened in ucan.\n\nThe root cause is that the source is not NUL terminated. Instead of\ndoing a copy in a local buffer, directly NUL terminate it as soon as\nusb_control_msg() returns. With this, the local firmware_str[] variable\ncan be removed.\n\nOn top of this do a couple refactors:\n\n - ucan_ctl_payload-\u003eraw is only used for the firmware string, so\n rename it to ucan_ctl_payload-\u003efw_str and change its type from u8 to\n char.\n\n - ucan_device_request_in() is only used to retrieve the firmware\n string, so rename it to ucan_get_fw_str() and refactor it to make it\n directly handle all the string termination logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22003",
"url": "https://www.suse.com/security/cve/CVE-2025-22003"
},
{
"category": "external",
"summary": "SUSE Bug 1240825 for CVE-2025-22003",
"url": "https://bugzilla.suse.com/1240825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22003"
},
{
"cve": "CVE-2025-22007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix error code in chan_alloc_skb_cb()\n\nThe chan_alloc_skb_cb() function is supposed to return error pointers on\nerror. Returning NULL will lead to a NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22007",
"url": "https://www.suse.com/security/cve/CVE-2025-22007"
},
{
"category": "external",
"summary": "SUSE Bug 1240829 for CVE-2025-22007",
"url": "https://bugzilla.suse.com/1240829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22007"
},
{
"cve": "CVE-2025-22008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn\u0027t already been probed when first accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22008",
"url": "https://www.suse.com/security/cve/CVE-2025-22008"
},
{
"category": "external",
"summary": "SUSE Bug 1240942 for CVE-2025-22008",
"url": "https://bugzilla.suse.com/1240942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22008"
},
{
"cve": "CVE-2025-22009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: dummy: force synchronous probing\n\nSometimes I get a NULL pointer dereference at boot time in kobject_get()\nwith the following call stack:\n\nanatop_regulator_probe()\n devm_regulator_register()\n regulator_register()\n regulator_resolve_supply()\n kobject_get()\n\nBy placing some extra BUG_ON() statements I could verify that this is\nraised because probing of the \u0027dummy\u0027 regulator driver is not completed\n(\u0027dummy_regulator_rdev\u0027 is still NULL).\n\nIn the JTAG debugger I can see that dummy_regulator_probe() and\nanatop_regulator_probe() can be run by different kernel threads\n(kworker/u4:*). I haven\u0027t further investigated whether this can be\nchanged or if there are other possibilities to force synchronization\nbetween these two probe routines. On the other hand I don\u0027t expect much\nboot time penalty by probing the \u0027dummy\u0027 regulator synchronously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22009",
"url": "https://www.suse.com/security/cve/CVE-2025-22009"
},
{
"category": "external",
"summary": "SUSE Bug 1240940 for CVE-2025-22009",
"url": "https://bugzilla.suse.com/1240940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22009"
},
{
"cve": "CVE-2025-22010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup during bt pages loop\n\nDriver runs a for-loop when allocating bt pages and mapping them with\nbuffer pages. When a large buffer (e.g. MR over 100GB) is being allocated,\nit may require a considerable loop count. This will lead to soft lockup:\n\n watchdog: BUG: soft lockup - CPU#27 stuck for 22s!\n ...\n Call trace:\n hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2]\n hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2]\n alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x118/0x290\n\n watchdog: BUG: soft lockup - CPU#35 stuck for 23s!\n ...\n Call trace:\n hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2]\n mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2]\n alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x120/0x2bc\n\nAdd a cond_resched() to fix soft lockup during these loops. In order not\nto affect the allocation performance of normal-size buffer, set the loop\ncount of a 100GB MR as the threshold to call cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22010",
"url": "https://www.suse.com/security/cve/CVE-2025-22010"
},
{
"category": "external",
"summary": "SUSE Bug 1240943 for CVE-2025-22010",
"url": "https://bugzilla.suse.com/1240943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22010"
},
{
"cve": "CVE-2025-22013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host\u0027s\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host\u0027s FPMR\n before unbinding the host\u0027s FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host\u0027s FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost\u0027s FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As \u0027fpsimd_state\u0027 and \u0027fpmr_ptr\u0027\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22013",
"url": "https://www.suse.com/security/cve/CVE-2025-22013"
},
{
"category": "external",
"summary": "SUSE Bug 1240938 for CVE-2025-22013",
"url": "https://bugzilla.suse.com/1240938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22013"
},
{
"cve": "CVE-2025-22014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pdr: Fix the potential deadlock\n\nWhen some client process A call pdr_add_lookup() to add the look up for\nthe service and does schedule locator work, later a process B got a new\nserver packet indicating locator is up and call pdr_locator_new_server()\nwhich eventually sets pdr-\u003elocator_init_complete to true which process A\nsees and takes list lock and queries domain list but it will timeout due\nto deadlock as the response will queued to the same qmi-\u003ewq and it is\nordered workqueue and process B is not able to complete new server\nrequest work due to deadlock on list lock.\n\nFix it by removing the unnecessary list iteration as the list iteration\nis already being done inside locator work, so avoid it here and just\ncall schedule_work() here.\n\n Process A Process B\n\n process_scheduled_works()\npdr_add_lookup() qmi_data_ready_work()\n process_scheduled_works() pdr_locator_new_server()\n pdr-\u003elocator_init_complete=true;\n pdr_locator_work()\n mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_locate_service() mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_get_domain_list()\n pr_err(\"PDR: %s get domain list\n txn wait failed: %d\\n\",\n req-\u003eservice_name,\n ret);\n\nTimeout error log due to deadlock:\n\n\"\n PDR: tms/servreg get domain list txn wait failed: -110\n PDR: service lookup for msm/adsp/sensor_pd:tms/servreg failed: -110\n\"\n\nThanks to Bjorn and Johan for letting me know that this commit also fixes\nan audio regression when using the in-kernel pd-mapper as that makes it\neasier to hit this race. [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22014",
"url": "https://www.suse.com/security/cve/CVE-2025-22014"
},
{
"category": "external",
"summary": "SUSE Bug 1240937 for CVE-2025-22014",
"url": "https://bugzilla.suse.com/1240937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-22014"
},
{
"cve": "CVE-2025-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2312"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host\u0027s Kerberos credentials cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2312",
"url": "https://www.suse.com/security/cve/CVE-2025-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1239680 for CVE-2025-2312",
"url": "https://bugzilla.suse.com/1239680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-28.1.21.6.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-28.1.x86_64",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.s390x",
"SUSE Linux Micro 6.0:kernel-livepatch-6_4_0-28-default-1-3.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-28.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-17T14:37:10Z",
"details": "moderate"
}
],
"title": "CVE-2025-2312"
}
]
}
SUSE-SU-2025:1178-1
Vulnerability from csaf_suse - Published: 2025-04-08 16:32 - Updated: 2025-04-08 16:32Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56638: kABI fix for 'netfilter: nft_inner: incorrect percpu area handling under softirq' (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
The following non-security bugs were fixed:
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acpi: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- acpi: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- alsa: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- alsa: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- alsa: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- alsa: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- alsa: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- alsa: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- alsa: hda/realtek: Always honor no_shutup_pins (git-fixes).
- alsa: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- alsa: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- alsa: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- alsa: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- alsa: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- alsa: hda/realtek: update ALC222 depop optimize (stable-fixes).
- alsa: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- alsa: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- alsa: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- alsa: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- alsa: usx2y: validate nrpacks module parameter on probe (git-fixes).
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- asoc: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- asoc: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- asoc: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- asoc: cs35l41: check the return value from spi_setup() (git-fixes).
- asoc: ops: Consistently treat platform_max as control value (git-fixes).
- asoc: rt722-sdca: add missing readable registers (git-fixes).
- asoc: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- asoc: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- asoc: tas2764: Fix power control mask (stable-fixes).
- asoc: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- asoc: tas2770: Fix volume scale (stable-fixes).
- asoc: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix 'Full Going True' macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (jsc#PED-12416).
- crypto: qat - Fix typo 'accelaration' (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). mwilck: some hand editing because d95e2c34a3ca ('dm verity: Fix IO priority lost when reading FEC and hash') is missing
- dm: Fix typo in error message (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- documentation: qat: fix auto_reset attribute details (git-fixes).
- documentation: qat: fix auto_reset section (git-fixes).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake 'gettin' -> 'getting' (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- dummycon: fix default rows/cols (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- hid: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- hid: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- hid: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- hid: Enable playstation driver independently of sony driver (git-fixes).
- hid: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- hid: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- hid: hid-steam: Fix use-after-free when detaching device (git-fixes).
- hid: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- hid: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- hid: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- hid: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- hid: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- hid: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- hid: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- ib/mad: Check available slots before posting receive WRs (git-fixes)
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- init: add initramfs_internal.h (bsc#1232848).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- input: ads7846 - fix gpiod allocation (git-fixes).
- input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- input: iqs7222 - preserve system status register (git-fixes).
- input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- input: xpad - add multiple supported devices (stable-fixes).
- input: xpad - add support for TECNO Pocket Go (stable-fixes).
- input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- input: xpad - rename QH controller to Legion Go S (stable-fixes).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: '__ALIGN_KERNEL' redefined (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd 'bitmap: introduce generic optimized bitmap_size() (git-fixes)'
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- net l2tp: drop flow hash on forward (git-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
- padata: fix sysfs store callback check (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- pci: Avoid reset when disabled via sysfs (git-fixes).
- pci: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- pci: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- pci: brcmstb: Fix potential premature regulator disabling (git-fixes).
- pci: brcmstb: Set generation limit before PCIe link up (git-fixes).
- pci: brcmstb: Use internal register to change link capability (git-fixes).
- pci: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- pci: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- pci: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- pci: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- pci: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- pci: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- pci/acs: Fix 'pci=config_acs=' parameter (git-fixes).
- pci/aspm: Fix link state exit during switch upstream function removal (git-fixes).
- pci/doe: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- pci/doe: Support discovery version 2 (bsc#1237853)
- pci/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- pm: sleep: Adjust check before setting power.must_resume (git-fixes).
- pm: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powerpc: Stop using no_llseek (bsc#1239573).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
- rdma/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- rdma/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- rdma/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- rdma/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- rdma/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- rdma/hns: Fix missing xa_destroy() (git-fixes)
- rdma/hns: Fix soft lockup during bt pages loop (git-fixes)
- rdma/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- rdma/hns: Fix wrong value of max_sge_rd (git-fixes)
- rdma/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- rdma/mlx5: Fix cache entry update on dereg error (git-fixes)
- rdma/mlx5: Fix calculation of total invalidated pages (git-fixes)
- rdma/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- rdma/mlx5: Fix MR cache initialization error flow (git-fixes)
- rdma/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- rdma/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- Reapply 'wifi: ath11k: restore country code during resume' (bsc#1207948).
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- Revert 'dm: requeue IO if mapping table not yet available' (git-fixes).
- Revert 'drivers/card_reader/rtsx_usb: Restore interrupt based detection' (git-fixes).
- Revert 'leds-pca955x: Remove the unused function pca95xx_num_led_regs()' (stable-fixes).
- Revert 'wifi: ath11k: restore country code during resume' (bsc#1207948).
- Revert 'wifi: ath11k: support hibernation' (bsc#1207948).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- sunrpc: convert RPC_TASK_* constants to enum (git-fixes).
- sunrpc: Handle -ETIMEDOUT return from tlshd (git-fixes).
- sunrpc: Prevent looping due to rpc_signal_task() races (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd 'bitmap: introduce generic optimized bitmap_size() (git-fixes)'
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- upstream: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- usb: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- usb: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- usb: serial: option: match on interface class for Telit FN990B (stable-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle 'nosmt' correctly (git-fixes).
- x86/microcode: Handle 'offline' CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
Patchnames
SUSE-2025-1178,SUSE-SLE-Module-Live-Patching-15-SP6-2025-1178,SUSE-SLE-Module-RT-15-SP6-2025-1178,openSUSE-SLE-15.6-2025-1178
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: kABI fix for l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56638: kABI fix for \u0027netfilter: nft_inner: incorrect percpu area handling under softirq\u0027 (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56702: bpf: Add tracepoints with null-able arguments (bsc#1235501).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n\nThe following non-security bugs were fixed:\n\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acpi: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- acpi: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- alsa: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- alsa: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- alsa: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- alsa: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- alsa: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- alsa: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- alsa: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- alsa: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- alsa: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- alsa: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- alsa: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- alsa: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- alsa: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- alsa: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- alsa: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- alsa: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- alsa: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- asoc: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- asoc: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- asoc: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- asoc: cs35l41: check the return value from spi_setup() (git-fixes).\n- asoc: ops: Consistently treat platform_max as control value (git-fixes).\n- asoc: rt722-sdca: add missing readable registers (git-fixes).\n- asoc: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- asoc: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- asoc: tas2764: Fix power control mask (stable-fixes).\n- asoc: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- asoc: tas2770: Fix volume scale (stable-fixes).\n- asoc: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \u0027Full Going True\u0027 macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \u0027Invalide\u0027 -\u003e \u0027Invalid\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo \u0027accelaration\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes). mwilck: some hand editing because d95e2c34a3ca (\u0027dm verity: Fix IO priority lost when reading FEC and hash\u0027) is missing\n- dm: Fix typo in error message (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- documentation: qat: fix auto_reset attribute details (git-fixes).\n- documentation: qat: fix auto_reset section (git-fixes).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \u0027gettin\u0027 -\u003e \u0027getting\u0027 (git-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- hid: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- hid: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- hid: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- hid: Enable playstation driver independently of sony driver (git-fixes).\n- hid: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- hid: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- hid: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- hid: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- hid: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- hid: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- hid: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- hid: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- hid: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- hid: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- ib/mad: Check available slots before posting receive WRs (git-fixes)\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- init: add initramfs_internal.h (bsc#1232848).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- input: ads7846 - fix gpiod allocation (git-fixes).\n- input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- input: iqs7222 - preserve system status register (git-fixes).\n- input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- input: xpad - add multiple supported devices (stable-fixes).\n- input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \u0027__ALIGN_KERNEL\u0027 redefined (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd \u0027bitmap: introduce generic optimized bitmap_size() (git-fixes)\u0027\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649). \n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251). \n- padata: fix sysfs store callback check (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- pci: Avoid reset when disabled via sysfs (git-fixes).\n- pci: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- pci: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- pci: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- pci: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- pci: brcmstb: Use internal register to change link capability (git-fixes).\n- pci: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- pci: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- pci: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- pci: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- pci: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- pci: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- pci/acs: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- pci/aspm: Fix link state exit during switch upstream function removal (git-fixes).\n- pci/doe: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- pci/doe: Support discovery version 2 (bsc#1237853)\n- pci/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- pm: sleep: Adjust check before setting power.must_resume (git-fixes).\n- pm: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- ras: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). \n- rdma/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- rdma/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- rdma/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- rdma/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- rdma/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- rdma/hns: Fix missing xa_destroy() (git-fixes)\n- rdma/hns: Fix soft lockup during bt pages loop (git-fixes)\n- rdma/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- rdma/hns: Fix wrong value of max_sge_rd (git-fixes)\n- rdma/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- rdma/mlx5: Fix cache entry update on dereg error (git-fixes)\n- rdma/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- rdma/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- rdma/mlx5: Fix MR cache initialization error flow (git-fixes)\n- rdma/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- rdma/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- Reapply \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- Revert \u0027dm: requeue IO if mapping table not yet available\u0027 (git-fixes).\n- Revert \u0027drivers/card_reader/rtsx_usb: Restore interrupt based detection\u0027 (git-fixes).\n- Revert \u0027leds-pca955x: Remove the unused function pca95xx_num_led_regs()\u0027 (stable-fixes).\n- Revert \u0027wifi: ath11k: restore country code during resume\u0027 (bsc#1207948).\n- Revert \u0027wifi: ath11k: support hibernation\u0027 (bsc#1207948).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986) sle_version was obsoleted for SLE16. It has to be combined with suse_version check.\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- sunrpc: convert RPC_TASK_* constants to enum (git-fixes).\n- sunrpc: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- sunrpc: Prevent looping due to rpc_signal_task() races (git-fixes).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes). Fix tools/ build breakage introduced by suse commit 3d6cb93162fd \u0027bitmap: introduce generic optimized bitmap_size() (git-fixes)\u0027\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- upstream: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (git-fixes).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- usb: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- usb: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- usb: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \u0027nosmt\u0027 correctly (git-fixes).\n- x86/microcode: Handle \u0027offline\u0027 CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1178,SUSE-SLE-Module-Live-Patching-15-SP6-2025-1178,SUSE-SLE-Module-RT-15-SP6-2025-1178,openSUSE-SLE-15.6-2025-1178",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_1178-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:1178-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20251178-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:1178-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020674.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238494",
"url": "https://bugzilla.suse.com/1238494"
},
{
"category": "self",
"summary": "SUSE Bug 1238496",
"url": "https://bugzilla.suse.com/1238496"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238521",
"url": "https://bugzilla.suse.com/1238521"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-04-08T16:32:07Z",
"generator": {
"date": "2025-04-08T16:32:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:1178-1",
"initial_release_date": "2025-04-08T16:32:07Z",
"revision_history": [
{
"date": "2025-04-08T16:32:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"product_id": "kernel-source-rt-6.4.0-150600.10.34.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"product_id": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Real Time Module 15 SP6",
"product": {
"name": "SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-rt:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP6",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of SUSE Real Time Module 15 SP6",
"product_id": "SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "SUSE Real Time Module 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-150600.10.34.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
},
"product_reference": "reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57979",
"url": "https://www.suse.com/security/cve/CVE-2024-57979"
},
{
"category": "external",
"summary": "SUSE Bug 1238521 for CVE-2024-57979",
"url": "https://bugzilla.suse.com/1238521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS: 00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __warn.cold+0xb7/0x14d\n ? tracepoint_add_func+0x3b6/0x3f0\n ? report_bug+0xea/0x170\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? tracepoint_add_func+0x3b6/0x3f0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n tracepoint_probe_register+0x78/0xb0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n osnoise_workload_start+0x2b5/0x370\n timerlat_tracer_init+0x76/0x1b0\n tracing_set_tracer+0x244/0x400\n tracing_set_trace_write+0xa0/0xe0\n vfs_write+0xfc/0x570\n ? do_sys_openat2+0x9c/0xe0\n ksys_write+0x72/0xf0\n do_syscall_64+0x79/0x1c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21733",
"url": "https://www.suse.com/security/cve/CVE-2025-21733"
},
{
"category": "external",
"summary": "SUSE Bug 1238494 for CVE-2025-21733",
"url": "https://bugzilla.suse.com/1238494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \u003c/TASK\u003e\n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21754",
"url": "https://www.suse.com/security/cve/CVE-2025-21754"
},
{
"category": "external",
"summary": "SUSE Bug 1238496 for CVE-2025-21754",
"url": "https://bugzilla.suse.com/1238496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 15 SP6:kernel-livepatch-6_4_0-150600_10_34-rt-1-150600.1.5.1.x86_64",
"SUSE Real Time Module 15 SP6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"SUSE Real Time Module 15 SP6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"SUSE Real Time Module 15 SP6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-extra-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-livepatch-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-optional-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-devel-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-rt_debug-vdso-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kernel-source-rt-6.4.0-150600.10.34.1.noarch",
"openSUSE Leap 15.6:kernel-syms-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-rt-6.4.0-150600.10.34.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-rt-6.4.0-150600.10.34.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-04-08T16:32:07Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
}
]
}
SUSE-SU-2025:01919-1
Vulnerability from csaf_suse - Published: 2025-06-12 06:29 - Updated: 2025-06-12 06:29Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).
- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).
- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).
- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).
- CVE-2024-43869: perf: Fix hang while freeing sigtrap event (bsc#1229491).
- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).
- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).
- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).
- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).
- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).
- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).
- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).
- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).
- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).
- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).
- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).
- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).
- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).
- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).
- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).
- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
- CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc (bsc#1234074).
- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).
- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).
- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).
- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).
- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).
- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).
- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).
- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).
- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).
- CVE-2024-56638: kABI fix for 'netfilter: nft_inner: incorrect percpu area handling under softirq' (bsc#1235524).
- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).
- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).
- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).
- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).
- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).
- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).
- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).
- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).
- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).
- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).
- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).
- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).
- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).
- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).
- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).
- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).
- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).
- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).
- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).
- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).
- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).
- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).
- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy (bsc#1236111).
- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).
- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).
- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).
- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).
- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).
- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (bsc#1237312).
- CVE-2025-21703: netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).
- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).
- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).
- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).
- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).
- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).
- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).
- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).
- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).
- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).
- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).
- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).
- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).
- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).
- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).
- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).
- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).
- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).
- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).
- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).
- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).
- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).
- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).
- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).
- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).
- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).
- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).
- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).
- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).
- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).
- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).
- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).
- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).
- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).
- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).
- CVE-2025-21812: ax25: rcu protect dev->ax25_ptr (bsc#1238471).
- CVE-2025-21814: ptp: Ensure info->enable callback is always set (bsc#1238473).
- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).
- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).
- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).
- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).
- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).
- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).
- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).
- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).
- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).
- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).
- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).
- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).
- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).
- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).
- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).
- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).
- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).
- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).
- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).
- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).
- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).
- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).
- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).
- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).
- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).
- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).
- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).
- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).
- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).
- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).
- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).
- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).
- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).
- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).
- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).
- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).
- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).
- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level > 2 (bsc#1240742).
- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).
- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).
- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).
- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).
- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).
- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).
- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).
- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).
- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).
- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).
- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).
- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).
- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).
- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).
- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).
- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).
- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).
- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).
- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).
- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).
- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).
- CVE-2025-22029: exec: fix the racy usage of fs_struct->in_exec (bsc#1241378).
- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).
- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).
- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).
- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).
- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).
- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).
- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).
- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).
- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).
- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).
- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).
- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).
- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).
- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).
- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).
- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).
- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).
- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).
- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).
- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).
- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).
- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).
- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).
- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).
- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).
- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).
- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).
- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).
- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).
- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).
- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).
- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).
- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).
- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).
- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).
- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).
- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).
- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).
- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).
- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
- CVE-2025-37798: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).
- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).
- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).
- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).
- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).
- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).
- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).
- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).
- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).
- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).
- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).
- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).
- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).
- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).
- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).
- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).
- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).
- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).
- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).
- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).
- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).
- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).
- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).
- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).
- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).
The following non-security bugs were fixed:
- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).
- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).
- ACPI: PPTT: Fix processor subtable walk (git-fixes).
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).
- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).
- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).
- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).
- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).
- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).
- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).
- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).
- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).
- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).
- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).
- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).
- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).
- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).
- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).
- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).
- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).
- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).
- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).
- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).
- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).
- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).
- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).
- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).
- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).
- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).
- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).
- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).
- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).
- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).
- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).
- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).
- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).
- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).
- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).
- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).
- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).
- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).
- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).
- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).
- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).
- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).
- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).
- ASoC: Use of_property_read_bool() (stable-fixes).
- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).
- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).
- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).
- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).
- ASoC: es8328: fix route from DAC to output (git-fixes).
- ASoC: fsl_audmix: register card device depends on 'dais' property (stable-fixes).
- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).
- ASoC: ops: Consistently treat platform_max as control value (git-fixes).
- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).
- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).
- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).
- ASoC: rt722-sdca: add missing readable registers (git-fixes).
- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).
- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).
- ASoC: tas2764: Fix power control mask (stable-fixes).
- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).
- ASoC: tas2770: Fix volume scale (stable-fixes).
- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).
- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).
- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).
- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).
- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).
- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).
- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).
- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).
- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).
- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).
- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).
- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).
- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).
- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).
- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).
- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).
- Bluetooth: hci_uart: fix race during initialization (stable-fixes).
- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).
- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).
- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).
- GHES: Fatal hardware error (GHES panic timeout) (bsc#1239615).
- Documentation: qat: fix auto_reset attribute details (git-fixes).
- Documentation: qat: fix auto_reset section (git-fixes).
- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).
- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).
- PCI: Drop PCI patch that caused a regression (bsc#1241123).
- memory: Fix memory-hotplug regression (bsc#1237504).
- net/ipv6: Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).
- HID: Enable playstation driver independently of sony driver (git-fixes).
- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).
- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).
- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).
- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).
- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).
- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).
- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).
- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).
- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).
- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).
- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).
- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).
- IB/cm: use rwlock for MAD agent lock (git-fixes)
- IB/mad: Check available slots before posting receive WRs (git-fixes)
- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)
- Input: ads7846 - fix gpiod allocation (git-fixes).
- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).
- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).
- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).
- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).
- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).
- Input: iqs7222 - preserve system status register (git-fixes).
- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).
- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).
- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).
- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).
- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).
- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).
- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).
- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).
- Input: xpad - add multiple supported devices (stable-fixes).
- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).
- Input: xpad - add support for TECNO Pocket Go (stable-fixes).
- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).
- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).
- Input: xpad - fix two controller table values (git-fixes).
- Input: xpad - rename QH controller to Legion Go S (stable-fixes).
- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).
- KVM: SVM: Disable AVIC on SNP-enabled system without HvInUseWrAllowed feature (bsc#1235862).
- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).
- KVM: SVM: Drop DEBUGCTL[5:2] from guest's effective value (git-fixes).
- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).
- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).
- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).
- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).
- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).
- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).
- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).
- KVM: arm64: Mark some header functions as inline (git-fixes).
- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).
- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).
- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).
- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).
- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).
- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).
- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).
- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).
- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).
- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).
- KVM: x86/xen: Use guest's copy of pvclock when starting timer (git-fixes).
- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).
- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).
- KVM: x86: Do not take kvm->lock when iterating over vCPUs in suspend notifier (git-fixes).
- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).
- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn't supported by KVM (git-fixes).
- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).
- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).
- KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel (git-fixes).
- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).
- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).
- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).
- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).
- Move upstreamed ACPI patch into sorted section
- Move upstreamed PCI and initramfs patches into sorted section
- Move upstreamed nfsd and sunrpc patches into sorted section
- Move upstreamed powerpc and SCSI patches into sorted section
- Move upstreamed smb patch into sorted section Also move other out-of-tree patches into the proper section
- Move upstreamed sound patch into sorted section
- Move upstreamed tpm patch into sorted section
- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).
- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn't up (git-fixes).
- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).
- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).
- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)
- PCI/ACS: Fix 'pci=config_acs=' parameter (git-fixes).
- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).
- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)
- PCI/DOE: Support discovery version 2 (bsc#1237853)
- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).
- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).
- PCI: Avoid reset when disabled via sysfs (git-fixes).
- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).
- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).
- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).
- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).
- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).
- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).
- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).
- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).
- PCI: brcmstb: Use internal register to change link capability (git-fixes).
- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).
- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).
- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).
- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).
- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).
- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).
- PM: sleep: Adjust check before setting power.must_resume (git-fixes).
- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). Replace our patch with the upstream version.
- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)
- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)
- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)
- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)
- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)
- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)
- RDMA/core: Fix 'KASAN: slab-use-after-free Read in ib_register_device' problem (git-fixes)
- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)
- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)
- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)
- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)
- RDMA/hns: Fix missing xa_destroy() (git-fixes)
- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)
- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)
- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)
- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)
- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).
- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).
- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).
- RDMA/mlx5: Fix AH static rate parsing (git-fixes)
- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)
- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)
- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)
- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)
- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)
- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)
- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)
- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)
- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)
- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)
- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)
- RDMA/rxe: Fix 'trying to register non-static key in rxe_qp_do_cleanup' bug (git-fixes)
- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)
- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)
- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)
- mm: Revert patch mm-various-give-up-if-pte_offset_map-_lock-fails.patch (bsc#1241051).
- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).
- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).
- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).
- Squashfs: check return result of sb_min_blocksize (git-fixes).
- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).
- USB: VLI disk crashes if LPM is used (stable-fixes).
- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).
- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).
- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).
- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).
- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).
- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).
- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).
- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).
- USB: wdm: add annotation (git-fixes).
- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).
- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).
- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).
- RDMA: Update patch RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).
- kABI: Update patch kABI-fix-for-RDMA-core-Don-t-expose-hw_counters-outs.patch (git-fixes bsc#1239925).
- nvme: Update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).
- nvme: Update patch nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).
- s390: Update patch s390-pci-Fix-SR-IOV-for-PFs-initially-in-standby.patch (git-fixes bsc#1236752 bsc#1238368).
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).
- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).
- accel/qaic: Fix possible data corruption in BOs > 2G (git-fixes).
- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).
- add bug reference for an existing hv_netvsc change (bsc#1243737).
- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).
- af_unix: Annotate data-race of sk->sk_state in unix_stream_read_skb() (bsc#1239435).
- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).
- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).
- affs: do not write overlarge OFS data block size fields (git-fixes).
- affs: generate OFS sequence numbers starting at 1 (git-fixes).
- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).
- afs: Make it possible to find the volumes that are using a server (git-fixes).
- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).
- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).
- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)
- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)
- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)
- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)
- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)
- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)
- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)
- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)
- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)
- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)
- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)
- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)
- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)
- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)
- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)
- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)
- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)
- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)
- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)
- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)
- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)
- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)
- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)
- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)
- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)
- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)
- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)
- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)
- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)
- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)
- arm64: insn: Add support for encoding DSB (git-fixes)
- arm64: mm: Correct the update of max_pfn (git-fixes)
- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)
- arm64: proton-pack: Add new CPUs 'k' values for branch mitigation (git-fixes)
- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)
- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)
- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)
- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).
- asus-laptop: Fix an uninitialized variable (git-fixes).
- ata: ahci: Add mask_port_map module parameter (git-fixes).
- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).
- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).
- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).
- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).
- ata: libata-scsi: Improve CDL control (git-fixes).
- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).
- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).
- ata: pata_parport: add custom version of wait_after_reset (git-fixes).
- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).
- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).
- ata: pata_serverworks: Do not use the term blacklist (git-fixes).
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).
- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).
- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).
- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).
- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).
- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).
- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).
- badblocks: Fix error shitf ops (git-fixes).
- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).
- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).
- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).
- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).
- badblocks: return error if any badblock set fails (git-fixes).
- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).
- bitmap: introduce generic optimized bitmap_size() (git-fixes).
- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).
- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).
- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).
- block: cleanup and fix batch completion adding conditions (git-fixes).
- block: do not revert iter for -EIOCBQUEUED (git-fixes).
- block: fix 'kmem_cache of name 'bio-108' already exists' (git-fixes).
- block: fix conversion of GPT partition name to 7-bit (git-fixes).
- block: fix resource leak in blk_register_queue() error path (git-fixes).
- block: integrity: Do not call set_page_dirty_lock() (git-fixes).
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).
- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).
- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).
- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).
- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).
- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).
- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).
- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).
- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).
- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).
- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).
- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).
- bpf: Fix a verifier verbose message (git-fixes).
- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).
- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).
- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).
- bpf: Scrub packet on bpf_redirect_peer (git-fixes).
- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).
- bpf: add find_containing_subprog() utility function (bsc#1241590).
- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).
- bpf: check changes_pkt_data property for extension programs (bsc#1241590).
- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).
- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).
- bpf: fix potential error return (git-fixes).
- bpf: prevent r10 register from being marked as precise (git-fixes).
- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).
- bpf: track changes_pkt_data property for global functions (bsc#1241590).
- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).
- broadcom: fix supported flag check in periodic output function (git-fixes).
- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).
- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).
- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).
- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).
- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).
- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).
- btrfs: check delayed refs when we're checking if a ref exists (bsc#1239605).
- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).
- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).
- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).
- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).
- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).
- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).
- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).
- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).
- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).
- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).
- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).
- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).
- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).
- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).
- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).
- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).
- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).
- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).
- can: bcm: add locking for bcm_op runtime updates (git-fixes).
- can: bcm: add missing rcu read protection for procfs content (git-fixes).
- can: flexcan: disable transceiver during system PM (git-fixes).
- can: flexcan: only change CAN state when link up in system PM (git-fixes).
- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).
- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).
- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).
- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).
- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).
- can: slcan: allow reception of short error messages (git-fixes).
- can: ucan: fix out of bound read in strscpy() source (git-fixes).
- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).
- cdx: Fix possible UAF error in driver_override_show() (git-fixes).
- char: misc: deallocate static minor in error path (git-fixes).
- char: misc: register chrdev region with all possible minors (git-fixes).
- check-for-config-changes: Fix flag name typo
- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).
- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).
- cifs: Remove intermediate object of failed create reparse call (git-fixes).
- cifs: commands that are retried should have replay flag set (bsc#1231432).
- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).
- cifs: helper function to check replayable error codes (bsc#1231432).
- cifs: new mount option called retrans (bsc#1231432).
- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).
- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).
- cifs: reduce warning log level for server not advertising interfaces (git-fixes).
- cifs: update desired access while requesting for directory lease (git-fixes).
- cifs: update the same create_guid on replay (git-fixes).
- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).
- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).
- counter: fix privdata alignment (git-fixes).
- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).
- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).
- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)
- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).
- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)
- cpufreq/cppc: Move and rename (bsc#1237856)
- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)
- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)
- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)
- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)
- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)
- cpumask: add cpumask_weight_andnot() (bsc#1239015).
- cpumask: define cleanup function for cpumasks (bsc#1239015).
- crypto: algif_hash - fix double free in hash_accept (git-fixes).
- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).
- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).
- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).
- crypto: ccp - Fix check for the primary ASP device (git-fixes).
- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).
- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).
- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).
- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).
- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).
- crypto: iaa - Change desc->priv to 0 (jsc#PED-12416).
- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).
- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).
- crypto: iaa - Remove header table code (jsc#PED-12416).
- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).
- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).
- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).
- crypto: iaa - Test the correct request flag (git-fixes).
- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).
- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).
- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).
- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).
- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).
- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).
- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).
- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).
- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).
- crypto: qat - Fix spelling mistake 'Invalide' -> 'Invalid' (jsc#PED-12416).
- crypto: qat - Fix typo 'accelaration' (jsc#PED-12416).
- crypto: qat - Fix typo (jsc#PED-12416).
- crypto: qat - Remove trailing space after \n newline (jsc#PED-12416).
- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).
- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).
- crypto: qat - add auto reset on error (jsc#PED-12416).
- crypto: qat - add bank save and restore flows (jsc#PED-12416).
- crypto: qat - add fatal error notification (jsc#PED-12416).
- crypto: qat - add fatal error notify method (jsc#PED-12416).
- crypto: qat - add heartbeat error simulator (jsc#PED-12416).
- crypto: qat - add interface for live migration (jsc#PED-12416).
- crypto: qat - add support for 420xx devices (jsc#PED-12416).
- crypto: qat - add support for device telemetry (jsc#PED-12416).
- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).
- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).
- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).
- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).
- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).
- crypto: qat - disable arbitration before reset (jsc#PED-12416).
- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).
- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).
- crypto: qat - fix 'Full Going True' macro definition (jsc#PED-12416).
- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).
- crypto: qat - fix comment structure (jsc#PED-12416).
- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).
- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).
- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).
- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).
- crypto: qat - implement dh fallback for primes > 4K (jsc#PED-12416).
- crypto: qat - implement interface for live migration (jsc#PED-12416).
- crypto: qat - improve aer error reset handling (jsc#PED-12416).
- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).
- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).
- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).
- crypto: qat - limit heartbeat notifications (jsc#PED-12416).
- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).
- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).
- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).
- crypto: qat - move fw config related structures (jsc#PED-12416).
- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).
- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).
- crypto: qat - relocate CSR access code (jsc#PED-12416).
- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).
- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).
- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).
- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).
- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).
- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).
- crypto: qat - set parity error mask for qat_420xx (git-fixes).
- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).
- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).
- crypto: qat - validate slices count returned by FW (jsc#PED-12416).
- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).
- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).
- devlink: fix port new reply cmd type (git-fixes).
- dlm: prevent NPD when writing a positive value to event_done (git-fixes).
- dm array: fix cursor index when skipping across block boundaries (git-fixes).
- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).
- dm init: Handle minors larger than 255 (git-fixes).
- dm integrity: fix out-of-range warning (git-fixes).
- dm persistent data: fix memory allocation failure (git-fixes).
- dm resume: do not return EINVAL when signalled (git-fixes).
- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).
- dm thin: Add missing destroy_work_on_stack() (git-fixes).
- dm-bufio: do not schedule in atomic context (git-fixes).
- dm-crypt: do not update io->sector after kcryptd_crypt_write_io_submit() (git-fixes).
- dm-crypt: track tag_offset in convert_context (git-fixes).
- dm-delay: fix hung task introduced by kthread mode (git-fixes).
- dm-delay: fix max_delay calculations (git-fixes).
- dm-delay: fix workqueue delay_timer race (git-fixes).
- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).
- dm-ebs: fix prefetch-vs-suspend race (git-fixes).
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).
- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).
- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).
- dm-integrity: fix a warning on invalid table line (git-fixes).
- dm-integrity: set ti->error on memory allocation failure (git-fixes).
- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).
- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).
- dm-verity: fix prefetch-vs-suspend race (git-fixes).
- dm: Fix typo in error message (git-fixes).
- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).
- dm: always update the array size in realloc_argv on success (git-fixes).
- dm: fix copying after src array boundaries (git-fixes).
- dma-buf: insert memory barrier before updating num_fences (git-fixes).
- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).
- dmaengine: Revert 'dmaengine: dmatest: Fix dmatest waiting less when interrupted' (git-fixes).
- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).
- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).
- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).
- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).
- dmaengine: idxd: Fix ->poll() return value (git-fixes).
- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).
- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).
- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).
- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: mediatek: drop unused variable (git-fixes).
- dmaengine: ti: k3-udma: Add missing locking (git-fixes).
- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).
- driver core: Remove needless return in void API device_remove_group() (git-fixes).
- drivers: base: devres: Allow to release group on device release (stable-fixes).
- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).
- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).
- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).
- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).
- drm/amd/display: Copy AUX read reply data whenever length > 0 (git-fixes).
- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).
- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).
- drm/amd/display: Fix HPD after gpu reset (stable-fixes).
- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).
- drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params (git-fixes).
- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).
- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).
- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).
- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).
- drm/amd/display: Force full update in gpu reset (stable-fixes).
- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).
- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).
- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).
- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).
- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).
- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).
- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).
- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).
- drm/amd/pm/smu11: Prevent division by zero (git-fixes).
- drm/amd/pm: Prevent division by zero (git-fixes).
- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).
- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).
- drm/amd: Keep display off while going into S4 (stable-fixes).
- drm/amdgpu/dma_buf: fix page_link check (git-fixes).
- drm/amdgpu/gfx11: fix num_mec (git-fixes).
- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).
- drm/amdgpu/umsch: declare umsch firmware (git-fixes).
- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).
- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).
- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).
- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).
- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).
- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).
- drm/amdgpu: fix pm notifier handling (git-fixes).
- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).
- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).
- drm/amdkfd: Fix Circular Locking Dependency in 'svm_range_cpu_invalidate_pagetables' (git-fixes).
- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).
- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).
- drm/amdkfd: clamp queue size to minimum (stable-fixes).
- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).
- drm/atomic: Filter out redundant DPMS calls (stable-fixes).
- drm/bridge: Fix spelling mistake 'gettin' -> 'getting' (git-fixes).
- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).
- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).
- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).
- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).
- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).
- drm/dp_mst: Fix drm RAD print (git-fixes).
- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).
- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).
- drm/fdinfo: Protect against driver unbind (git-fixes).
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).
- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).
- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).
- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).
- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).
- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL's own port width macro (git-fixes).
- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).
- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).
- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions' (git-fixes).
- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).
- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).
- drm/i915: Disable RPG during live selftest (git-fixes).
- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).
- drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr (git-fixes).
- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).
- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).
- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).
- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).
- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).
- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).
- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).
- drm/msm/dpu: do not use active in atomic_check() (git-fixes).
- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).
- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).
- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).
- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).
- drm/nouveau: Do not override forced connector status (stable-fixes).
- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).
- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).
- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).
- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).
- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).
- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).
- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).
- drm/repaper: fix integer overflows in repeat functions (git-fixes).
- drm/sched: Fix fence reference count leak (git-fixes).
- drm/sched: Fix preprocessor guard (git-fixes).
- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).
- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).
- drm/ssd130x: fix ssd132x encoding (git-fixes).
- drm/sti: remove duplicate object names (git-fixes).
- drm/tests: Add helper to create mock crtc (stable-fixes).
- drm/tests: Add helper to create mock plane (stable-fixes).
- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).
- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: helpers: Add atomic helpers (stable-fixes).
- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).
- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).
- drm/tests: helpers: Fix compiler warning (git-fixes).
- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).
- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).
- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).
- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).
- drm/vkms: Fix use after free and double free on init error (git-fixes).
- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).
- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).
- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).
- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).
- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).
- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).
- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).
- dummycon: fix default rows/cols (git-fixes).
- e1000e: change k1 configuration on MTP and later platforms (git-fixes).
- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).
- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).
- eth: bnxt: fix missing ring index trim on error path (git-fixes).
- ethtool: Fix context creation with no parameters (git-fixes).
- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).
- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).
- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).
- ethtool: fix setting key and resetting indir at once (git-fixes).
- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).
- ethtool: netlink: do not return SQI value if link is down (git-fixes).
- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).
- ethtool: rss: echo the context number back (git-fixes).
- exfat: do not fallback to buffered write (git-fixes).
- exfat: do not zero the extended part (bsc#1237356).
- exfat: drop ->i_size_ondisk (git-fixes).
- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).
- exfat: fix potential wrong error return from get_block (git-fixes).
- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).
- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).
- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).
- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).
- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).
- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).
- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).
- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).
- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).
- ext4: goto right label 'out_mmap_sem' in ext4_setattr() (bsc#1242556).
- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).
- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).
- ext4: protect ext4_release_dquot against freezing (bsc#1242335).
- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).
- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).
- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).
- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).
- fbdev: omapfb: Add 'plane' value check (stable-fixes).
- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
- fbdev: sm501fb: Add some geometry checks (git-fixes).
- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).
- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).
- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).
- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).
- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).
- firmware: cs_dsp: Remove async regmap writes (git-fixes).
- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).
- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).
- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).
- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).
- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).
- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).
- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).
- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).
- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).
- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).
- gpio: rcar: Fix missing of_node_put() call (git-fixes).
- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).
- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).
- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).
- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).
- gup: make the stack expansion warning a bit more targeted (bsc#1238214).
- gve: handle overflow when reporting TX consumed descriptors (git-fixes).
- gve: set xdp redirect target only when it is available (git-fixes).
- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).
- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).
- hv_netvsc: Remove rmsg_pgcnt (git-fixes).
- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).
- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).
- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).
- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).
- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).
- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).
- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).
- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).
- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).
- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).
- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).
- i2c: ls2x: Fix frequency division register access (git-fixes).
- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).
- i2c: omap: fix IRQ storms (git-fixes).
- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).
- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).
- i3c: master: svc: Fix missing the IBI rules (git-fixes).
- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).
- ice: Add check for devm_kzalloc() (git-fixes).
- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).
- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).
- ice: fix reservation of resources for RDMA when disabled (git-fixes).
- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).
- ice: stop truncating queue ids when checking (git-fixes).
- idpf: check error for register_netdev() on init (git-fixes).
- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).
- idpf: fix offloads support for encapsulated packets (git-fixes).
- idpf: fix potential memory leak on kcalloc() failure (git-fixes).
- idpf: protect shutdown from reset (git-fixes).
- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).
- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).
- igc: cleanup PTP module if probe fails (git-fixes).
- igc: fix PTM cycle trigger logic (git-fixes).
- igc: fix lock order in igc_ptp_reset (git-fixes).
- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).
- igc: increase wait time before retrying PTM (git-fixes).
- igc: move ktime snapshot into PTM retry loop (git-fixes).
- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).
- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).
- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).
- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).
- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).
- iio: adc: ad7606: fix serial register access (git-fixes).
- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).
- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).
- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).
- iio: adis16201: Correct inclinometer channel resolution (git-fixes).
- iio: dac: ad3552r: clear reset status flag (git-fixes).
- iio: filter: admv8818: Force initialization of SDO (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).
- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).
- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).
- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).
- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).
- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).
- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).
- init: add initramfs_internal.h (bsc#1232848).
- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).
- initramfs: allocate heap buffers together (bsc#1232848).
- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).
- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).
- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).
- intel_th: pci: Add Arrow Lake support (stable-fixes).
- intel_th: pci: Add Panther Lake-H support (stable-fixes).
- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).
- ioam6: improve checks on user data (git-fixes).
- iommu/vt-d: Fix suspicious RCU usage (git-fixes).
- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).
- ipv4/route: avoid unused-but-set-variable warning (git-fixes).
- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).
- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).
- ipv4: Fix incorrect source address in Record Route option (git-fixes).
- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).
- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).
- ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr (git-fixes).
- ipv4: fix source address selection with route leak (git-fixes).
- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).
- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).
- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).
- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).
- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).
- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).
- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).
- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).
- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).
- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).
- ipv6: Align behavior across nexthops during path selection (git-fixes).
- ipv6: Do not consider link down nexthops in path selection (git-fixes).
- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).
- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).
- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).
- ipv6: Start path selection from the first nexthop (git-fixes).
- ipv6: Use RCU in ip6_input() (bsc#1239994).
- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).
- ipv6: avoid atomic fragment on GSO packets (git-fixes).
- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).
- ipv6: fib: hide unused 'pn' variable (git-fixes).
- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).
- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).
- ipv6: fix potential NULL deref in fib6_add() (git-fixes).
- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).
- ipv6: introduce dst_rt6_info() helper (git-fixes).
- ipv6: ioam: block BH from ioam6_output() (git-fixes).
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).
- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- ipv6: sr: add missing seg6_local_exit (git-fixes).
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).
- ipv6: take care of scope when choosing the src addr (git-fixes).
- irqchip/davinci: Remove leftover header (git-fixes).
- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).
- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).
- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).
- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).
- jbd2: fix off-by-one while erasing journal (bsc#1242344).
- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).
- jbd2: increase IO priority for writing revoke records (bsc#1242332).
- jbd2: increase the journal IO's priority (bsc#1242537).
- jbd2: remove wrong sb->s_sequence check (bsc#1242343).
- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).
- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).
- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).
- jfs: add check read-only before txBeginAnon() call (git-fixes).
- jfs: add index corruption check to DT_GETPAGE() (git-fixes).
- jfs: add sanity check for agwidth in dbMount (git-fixes).
- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).
- jfs: reject on-disk inodes of an unsupported type (git-fixes).
- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).
- jiffies: Define secs_to_jiffies() (bsc#1242993).
- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)
- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).
- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).
- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).
- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).
- kABI workaround for intel-ish-hid (git-fixes).
- kABI workaround for powercap update (bsc#1241010).
- kABI workaround for soc_mixer_control changes (git-fixes).
- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).
- kbuild: hdrcheck: fix cross build with clang (git-fixes).
- kernel-binary: Support livepatch_rt with merged RT branch
- kernel-obs-qa: Use srchash for dependency as well
- kernel-source: Also replace bin/env
- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).
- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).
- kunit: qemu_configs: sparc: use Zilog console (git-fixes).
- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).
- l2tp: fix lockdep splat (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).
- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).
- lib: 842: Improve error handling in sw842_compress() (git-fixes).
- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).
- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).
- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).
- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).
- loop: Add sanity check for read/write_iter (git-fixes).
- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).
- loop: aio inherit the ioprio of original request (git-fixes).
- loop: do not require ->write_iter for writable files in loop_configure (git-fixes).
- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).
- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).
- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).
- md/md-bitmap: add 'sync_size' into struct md_bitmap_stats (git-fixes).
- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212).
- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).
- md/md-cluster: fix spares warnings for __le64 (git-fixes).
- md/raid0: do not free conf on raid0_run failure (git-fixes).
- md/raid1,raid10: do not ignore IO flags (git-fixes).
- md/raid10: fix missing discard IO accounting (git-fixes).
- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).
- md/raid1: Add check for missing source disk in process_checks() (git-fixes).
- md/raid1: do not free conf on raid0_run failure (git-fixes).
- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).
- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).
- md/raid5: implement pers->bitmap_sector() (git-fixes).
- md: Do not flush sync_work in md_write_start() (git-fixes).
- md: add a new callback pers->bitmap_sector() (git-fixes).
- md: convert comma to semicolon (git-fixes).
- md: ensure resync is prioritized over recovery (git-fixes).
- md: fix mddev uaf while iterating all_mddevs list (git-fixes).
- md: preserve KABI in struct md_personality v2 (git-fixes).
- mdacon: rework dependency list (git-fixes).
- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).
- media: i2c: ccs: Set the device's runtime PM status correctly in remove (git-fixes).
- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).
- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).
- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).
- media: platform: stm32: Add check for clk_enable() (git-fixes).
- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).
- media: streamzap: fix race between device disconnection and urb callback (git-fixes).
- media: streamzap: prevent processing IR data on URB failure (git-fixes).
- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).
- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).
- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).
- media: venus: hfi: add check to handle incorrect queue size (git-fixes).
- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).
- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).
- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).
- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).
- media: vim2m: print device name after registering device (git-fixes).
- media: visl: Fix ERANGE error when setting enum controls (git-fixes).
- mei: me: add panther lake H DID (stable-fixes).
- mei: me: add panther lake P DID (stable-fixes).
- memblock tests: fix warning: '__ALIGN_KERNEL' redefined (git-fixes).
- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).
- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).
- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).
- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).
- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).
- mfd: syscon: Remove extern from function prototypes (stable-fixes).
- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).
- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).
- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).
- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).
- mm/readahead: fix large folio support in async readahead (bsc#1242321).
- mm: accept to promo watermark (bsc#1239600).
- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).
- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).
- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).
- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).
- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).
- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)
- mm: zswap: move allocations during CPU init outside the lock (git-fixes).
- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).
- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).
- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).
- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).
- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).
- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).
- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).
- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).
- mptcp: refine opt_mp_capable determination (git-fixes).
- mptcp: relax check on MPC passive fallback (git-fixes).
- mptcp: strict validation before using mp_opt->hmac (git-fixes).
- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).
- mtd: Add check for devm_kcalloc() (git-fixes).
- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).
- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).
- mtd: nand: Fix a kdoc comment (git-fixes).
- mtd: phram: Add the kernel lock down check (bsc#1232649).
- mtd: rawnand: Add status chack in r852_ready() (git-fixes).
- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).
- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).
- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).
- neighbour: delete redundant judgment statements (git-fixes).
- net l2tp: drop flow hash on forward (git-fixes).
- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).
- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).
- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).
- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).
- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).
- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).
- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).
- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).
- net/mlx5: IRQ, Fix null string in debug print (git-fixes).
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).
- net/mlx5: Start health poll after enable hca (git-fixes).
- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).
- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).
- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).
- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).
- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).
- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).
- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).
- net/sched: flower: Add lock protection when remove filter handle (git-fixes).
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (git-fixes).
- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).
- net/tcp: refactor tcp_inet6_sk() (git-fixes).
- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).
- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).
- net: Fix undefined behavior in netdev name allocation (bsc#1233749).
- net: Handle napi_schedule() calls from non-interrupt (git-fixes).
- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).
- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).
- net: add dev_net_rcu() helper (bsc#1239994).
- net: annotate data-races around sk->sk_dst_pending_confirm (git-fixes).
- net: annotate data-races around sk->sk_tx_queue_mapping (git-fixes).
- net: avoid UAF on deleted altname (bsc#1233749).
- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).
- net: check for altname conflicts when changing netdev's netns (bsc#1233749).
- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).
- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).
- net: do not dump stack on queue timeout (git-fixes).
- net: do not send a MOVE event when netdev changes netns (bsc#1233749).
- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).
- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).
- net: ethtool: Fix RSS setting (git-fixes).
- net: fix ifname in netlink ntf during netns move (bsc#1233749).
- net: fix removing a namespace with conflicting altnames (bsc#1233749).
- net: free altname using an RCU callback (bsc#1233749).
- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).
- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).
- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).
- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).
- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).
- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).
- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).
- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).
- net: ipv6: ioam6: code alignment (git-fixes).
- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).
- net: ipv6: ioam6: new feature tunsrc (git-fixes).
- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).
- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).
- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).
- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).
- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).
- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).
- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).
- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).
- net: mana: Allow variable size indirection table (bsc#1239016).
- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).
- net: mana: Avoid open coded arithmetic (bsc#1239016).
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).
- net: mana: Support holes in device list reply msg (git-fixes).
- net: mana: Switch to page pool for jumbo frames (git-fixes).
- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).
- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).
- net: mark racy access on sk->sk_rcvbuf (git-fixes).
- net: move altnames together with the netdevice (bsc#1233749).
- net: phy: leds: fix memory leak (git-fixes).
- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).
- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).
- net: reduce indentation of __dev_alloc_name() (bsc#1233749).
- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).
- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).
- net: remove else after return in dev_prep_valid_name() (bsc#1233749).
- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).
- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).
- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).
- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).
- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).
- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).
- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).
- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).
- net: use unrcu_pointer() helper (git-fixes).
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).
- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).
- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).
- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).
- net_sched: sch_sfq: annotate data-races around q->perturb_period (git-fixes).
- net_sched: sch_sfq: handle bigger packets (git-fixes).
- netdev-genl: avoid empty messages in queue dump (git-fixes).
- netdev: fix repeated netlink messages in queue dump (git-fixes).
- netlink: annotate data-races around sk->sk_err (git-fixes).
- netpoll: Ensure clean state on setup failures (git-fixes).
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).
- nfs: add missing selections of CONFIG_CRC32 (git-fixes).
- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).
- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).
- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).
- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).
- nfsd: clear acl_access/acl_default after releasing them (git-fixes).
- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).
- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).
- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).
- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).
- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).
- ntb: intel: Fix using link status DB's (git-fixes).
- ntb: reduce stack usage in idt_scan_mws (stable-fixes).
- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).
- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).
- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).
- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).
- ntb_perf: Fix printk format (git-fixes).
- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).
- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).
- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).
- nvme-fc: use ctrl state getter (git-fixes).
- nvme-ioctl: fix leaked requests on mapping error (git-fixes).
- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).
- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).
- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).
- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).
- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).
- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).
- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).
- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).
- nvme-pci: remove stale comment (git-fixes).
- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).
- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).
- nvme-tcp: Fix a C2HTermReq error message (git-fixes).
- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).
- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).
- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).
- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).
- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).
- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).
- nvme/ioctl: add missing space in err message (git-fixes).
- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).
- nvme: Add 'partial_nid' quirk (bsc#1241148).
- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).
- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).
- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).
- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).
- nvme: make nvme_tls_attrs_group static (git-fixes).
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).
- nvme: move passthrough logging attribute to head (git-fixes).
- nvme: multipath: fix return value of nvme_available_path (git-fixes).
- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).
- nvme: re-read ANA log page after ns scan completes (git-fixes).
- nvme: requeue namespace scan on missed AENs (git-fixes).
- nvme: tcp: Fix compilation warning with W=1 (git-fixes).
- nvme: unblock ctrl state transition for firmware update (git-fixes).
- nvmet-fc: Remove unused functions (git-fixes).
- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).
- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).
- nvmet-fc: put ref when assoc->del_work is already scheduled (git-fixes).
- nvmet-fc: take tgtport reference only once (git-fixes).
- nvmet-fc: update tgtport ref per assoc (git-fixes).
- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).
- nvmet-fcloop: add ref counting to lport (git-fixes).
- nvmet-fcloop: replace kref with refcount (git-fixes).
- nvmet-fcloop: swap list_add_tail arguments (git-fixes).
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).
- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).
- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).
- nvmet: Fix crash when a namespace is disabled (git-fixes).
- nvmet: remove old function prototype (git-fixes).
- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).
- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).
- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).
- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).
- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).
- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).
- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).
- ocfs2: handle a symlink read error correctly (git-fixes).
- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).
- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).
- orangefs: fix a oob in orangefs_debug_write (git-fixes).
- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251).
- packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 ('Use gcc-13 for build on SLE16 (jsc#PED-10028).')
- padata: do not leak refcount in reorder_work (git-fixes).
- padata: fix sysfs store callback check (git-fixes).
- partitions: mac: fix handling of bogus partition table (git-fixes).
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).
- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).
- perf tools: annotate asm_pure_loop.S (bsc#1239906).
- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).
- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)
- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)
- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)
- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)
- phy: Fix error handling in tegra_xusb_port_init (git-fixes).
- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).
- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).
- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).
- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).
- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).
- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).
- phy: tegra: xusb: remove a stray unlock (git-fixes).
- phy: tegra: xusb: reset VBUS & ID OVERRIDE (git-fixes).
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).
- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).
- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).
- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).
- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).
- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).
- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).
- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).
- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).
- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).
- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).
- platform/x86: ISST: Correct command storage data length (git-fixes).
- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).
- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).
- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).
- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).
- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).
- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).
- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).
- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).
- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).
- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).
- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).
- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).
- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).
- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).
- powerpc/boot: Check for ld-option support (bsc#1215199).
- powerpc/boot: Fix dash warning (bsc#1215199).
- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).
- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).
- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).
- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).
- powerpc: Do not use --- in kernel logs (git-fixes).
- powerpc: Stop using no_llseek (bsc#1239573).
- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).
- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).
- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).
- pwm: rcar: Improve register calculation (git-fixes).
- qibfs: fix _another_ leak (git-fixes)
- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).
- rapidio: fix an API misues when rio_add_net() fails (git-fixes).
- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)
- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)
- rcu: Break rcu_node_0 --> &rq->__lock order (git-fixes)
- rcu: Introduce rcu_cpu_online() (git-fixes)
- regulator: check that dummy regulator has been probed before using it (stable-fixes).
- regulator: core: Fix deadlock in create_regulator() (git-fixes).
- regulator: dummy: force synchronous probing (git-fixes).
- regulator: max20086: fix invalid memory access (git-fixes).
- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).
- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN
- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).
- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986).
- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)
- rpm/package-descriptions: Add rt and rt_debug descriptions
- rpm/release-projects: Update the ALP projects again (bsc#1231293).
- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)
- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).
- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).
- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).
- s390/cio: Fix CHPID 'configure' attribute caching (git-fixes bsc#1240979).
- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).
- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).
- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).
- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).
- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)
- scsi: Improve CDL control (git-fixes).
- scsi: core: Clear driver private data when retrying request (git-fixes).
- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).
- scsi: core: Do not retry I/Os during depopulation (git-fixes).
- scsi: core: Handle depopulation and restoration in progress (git-fixes).
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).
- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).
- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).
- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).
- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).
- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).
- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).
- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).
- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).
- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).
- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).
- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).
- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).
- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).
- scsi: lpfc: Fix spelling mistake 'Toplogy' -> 'Topology' (bsc#1242993).
- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).
- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).
- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).
- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).
- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).
- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).
- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).
- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp->nlp_flag (git-fixes).
- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).
- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).
- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).
- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).
- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).
- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).
- scsi: mpi3mr: Fix locking in an error path (git-fixes).
- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).
- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).
- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).
- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).
- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).
- scsi: myrb: Remove dead code (git-fixes).
- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).
- scsi: qedi: Fix potential deadlock on &qedi_percpu->p_work_lock (git-fixes).
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).
- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).
- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).
- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).
- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).
- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).
- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).
- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).
- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).
- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).
- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).
- scsi: sg: Enable runtime power management (git-fixes).
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).
- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).
- sctp: Fix undefined behavior in left shift operation (git-fixes).
- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).
- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).
- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).
- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).
- sctp: fix busy polling (git-fixes).
- sctp: prefer struct_size over open coded arithmetic (git-fixes).
- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).
- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).
- selftests/bpf: Add a few tests to cover (git-fixes).
- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).
- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).
- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).
- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).
- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).
- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).
- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).
- selftests/bpf: test for changing packet data from global functions (bsc#1241590).
- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).
- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).
- selftests/mm/cow: fix the incorrect error handling (git-fixes).
- selftests/mm: fix incorrect buffer->mirror size in hmm2 double_map test (bsc#1242203).
- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).
- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).
- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).
- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).
- selinux: Implement mptcp_add_subflow hook (bsc#1240375).
- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).
- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).
- serial: msm: Configure correct working mode before starting earlycon (git-fixes).
- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).
- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)
- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).
- smb3: fix creating FIFOs when mounting with 'sfu' mount option (git-fixes).
- smb3: request handle caching when caching directories (bsc#1231432).
- smb3: retrying on failed server close (bsc#1231432).
- smb: cached directories can be more than root file handle (bsc#1231432).
- smb: cilent: set reparse mount points as automounts (git-fixes).
- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).
- smb: client: Fix minor whitespace errors and warnings (git-fixes).
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).
- smb: client: add support for WSL reparse points (git-fixes).
- smb: client: allow creating special files via reparse points (git-fixes).
- smb: client: allow creating symlinks via reparse points (git-fixes).
- smb: client: cleanup smb2_query_reparse_point() (git-fixes).
- smb: client: destroy cfid_put_wq on module exit (git-fixes).
- smb: client: do not query reparse points twice on symlinks (git-fixes).
- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).
- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).
- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).
- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).
- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).
- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).
- smb: client: fix hardlinking of reparse points (git-fixes).
- smb: client: fix missing mode bits for SMB symlinks (git-fixes).
- smb: client: fix open_cached_dir retries with 'hard' mount option (bsc#1240616).
- smb: client: fix possible double free in smb2_set_ea() (git-fixes).
- smb: client: fix potential broken compound request (git-fixes).
- smb: client: fix renaming of reparse points (git-fixes).
- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).
- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).
- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).
- smb: client: handle path separator of created SMB symlinks (git-fixes).
- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).
- smb: client: ignore unhandled reparse tags (git-fixes).
- smb: client: implement ->query_reparse_point() for SMB1 (git-fixes).
- smb: client: instantiate when creating SFU files (git-fixes).
- smb: client: introduce ->parse_reparse_point() (git-fixes).
- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).
- smb: client: introduce cifs_sfu_make_node() (git-fixes).
- smb: client: introduce reparse mount option (git-fixes).
- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).
- smb: client: move most of reparse point handling code to common file (git-fixes).
- smb: client: move some params to cifs_open_info_data (bsc#1231432).
- smb: client: optimise reparse point querying (git-fixes).
- smb: client: parse owner/group when creating reparse points (git-fixes).
- smb: client: parse reparse point flag in create response (bsc#1231432).
- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).
- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).
- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).
- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).
- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).
- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).
- smb: client: retry compound request without reusing lease (git-fixes).
- smb: client: return reparse type in /proc/mounts (git-fixes).
- smb: client: reuse file lease key in compound operations (git-fixes).
- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).
- smb: client: set correct file type from NFS reparse points (git-fixes).
- smb: client: stop revalidating reparse points unnecessarily (git-fixes).
- smb: use kernel_connect() and kernel_bind() (git-fixes).
- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).
- soc: imx8m: Remove global soc_uid (stable-fixes).
- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).
- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).
- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).
- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).
- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).
- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).
- soc: qcom: pdr: Fix the potential deadlock (git-fixes).
- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).
- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).
- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).
- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).
- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).
- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).
- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).
- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).
- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).
- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).
- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).
- spi: tegra114: Use value to check for invalid delays (git-fixes).
- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).
- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).
- splice: do not checksum AF_UNIX sockets (bsc#1240333).
- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).
- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).
- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).
- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).
- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).
- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).
- sunrpc: suppress warnings for unused procfs functions (git-fixes).
- supported.conf: add now-included qat_420xx (external, intel)
- tcp: Add memory barrier to tcp_push() (git-fixes).
- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).
- tcp: Annotate data-race around sk->sk_mark in tcp_v4_send_reset (git-fixes).
- tcp: Defer ts_recent changes until req is owned (git-fixes).
- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).
- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).
- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).
- tcp: Update window clamping condition (git-fixes).
- tcp: add tcp_done_with_error() helper (git-fixes).
- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).
- tcp: annotate data-races around tp->window_clamp (git-fixes).
- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).
- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).
- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).
- tcp: check space before adding MPTCP SYN options (git-fixes).
- tcp: clear tp->retrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).
- tcp: define initial scaling factor value as a macro (git-fixes).
- tcp: derive delack_max from rto_min (git-fixes).
- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).
- tcp: fix cookie_init_timestamp() overflows (git-fixes).
- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).
- tcp: fix mid stream window clamp (git-fixes).
- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).
- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).
- tcp: fix race in tcp_write_err() (git-fixes).
- tcp: fix races in tcp_abort() (git-fixes).
- tcp: fix races in tcp_v_err() (git-fixes).
- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it's safe (git-fixes).
- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).
- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).
- tcp: increase the default TCP scaling ratio (git-fixes).
- tcp: introduce tcp_clock_ms() (git-fixes).
- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).
- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).
- tcp: remove 64 KByte limit for initial tp->rcv_wnd value (git-fixes).
- tcp: replace tcp_time_stamp_raw() (git-fixes).
- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).
- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).
- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).
- thermal: int340x: Add NULL check for adev (git-fixes).
- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).
- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).
- tools/hv: update route parsing in kvp daemon (git-fixes).
- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).
- tools/power turbostat: report CoreThr per measurement interval (git-fixes).
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).
- tools: move alignment-related macros to new <linux/align.h> (git-fixes).
- topology: Set capacity_freq_ref in all cases (bsc#1238052)
- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).
- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).
- tpm: do not start chip while suspended (git-fixes).
- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).
- tpm: tis: Double the timeout B to 4s (bsc#1235870).
- tpm_tis: Move CRC check to generic send routine (bsc#1235870).
- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).
- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).
- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).
- tty: serial: 8250: Add some more device IDs (stable-fixes).
- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).
- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).
- ubi: Add a check for ubi_num (git-fixes).
- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).
- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).
- ubi: correct the calculation of fastmap size (stable-fixes).
- ubi: eba: properly rollback inside self_check_eba (git-fixes).
- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).
- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).
- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).
- ublk: set_params: properly check if parameters can be applied (git-fixes).
- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).
- udf: Fix inode_getblk() return value (bsc#1242313).
- udf: Skip parent dir link count update if corrupted (bsc#1242315).
- udf: Verify inode link counts before performing rename (bsc#1242314).
- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).
- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).
- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).
- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).
- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).
- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).
- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).
- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).
- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).
- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).
- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).
- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).
- usb: gadget: Fix setting self-powered state on suspend (git-fixes).
- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).
- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).
- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).
- usb: gadget: f_ecm: Add get_status callback (git-fixes).
- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).
- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).
- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).
- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).
- usb: host: xhci-plat: mvebu: use ->quirks instead of ->init_quirk() func (stable-fixes).
- usb: hub: lack of clearing xHC resources (git-fixes).
- usb: phy: generic: Use proper helper for property detection (stable-fixes).
- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).
- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).
- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).
- usb: renesas_usbhs: Call clk_put() (git-fixes).
- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).
- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).
- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).
- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).
- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).
- usb: typec: ucsi: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).
- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).
- usb: uhci-platform: Make the clock really optional (git-fixes).
- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).
- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).
- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).
- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).
- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).
- usb: xhci: correct debug message page size calculation (git-fixes).
- usb: xhci: remove 'retval' from xhci_pci_resume() (git-fixes).
- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).
- usbnet:fix NPE during rx_complete (git-fixes).
- vboxsf: fix building with GCC 15 (stable-fixes).
- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).
- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).
- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).
- virtchnl: make proto and filter action count unsigned (git-fixes).
- virtio_console: fix missing byte order handling for cols and rows (git-fixes).
- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).
- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).
- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).
- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).
- wifi: ath11k: add srng->lock for ath11k_hal_srng_* in monitor mode (git-fixes).
- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).
- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).
- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).
- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).
- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).
- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).
- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).
- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).
- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).
- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).
- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).
- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).
- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).
- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).
- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).
- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).
- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).
- wifi: iwlwifi: limit printed string from FW file (git-fixes).
- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).
- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).
- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).
- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).
- wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (git-fixes).
- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).
- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).
- wifi: mt76: Add check for devm_kstrdup() (git-fixes).
- wifi: mt76: disable napi on driver removal (git-fixes).
- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).
- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).
- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).
- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).
- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).
- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).
- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).
- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).
- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).
- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).
- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).
- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).
- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).
- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).
- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).
- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).
- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).
- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).
- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).
- x86/bugs: Add RSB mitigation document (git-fixes).
- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).
- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).
- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).
- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).
- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).
- x86/coco: Replace 'static const cc_mask' with the newly introduced cc_get_mask() function (git-fixes).
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).
- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).
- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).
- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).
- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).
- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).
- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).
- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).
- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).
- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).
- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).
- x86/microcode/32: Move early loading after paging enable (git-fixes).
- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).
- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).
- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).
- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).
- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).
- x86/microcode/amd: Cache builtin microcode too (git-fixes).
- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).
- x86/microcode/amd: Use cached microcode for AP load (git-fixes).
- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).
- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).
- x86/microcode/intel: Cleanup code further (git-fixes).
- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).
- x86/microcode/intel: Remove debug code (git-fixes).
- x86/microcode/intel: Remove pointless mutex (git-fixes).
- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).
- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).
- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).
- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).
- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).
- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).
- x86/microcode/intel: Set new revision only after a successful update (git-fixes).
- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).
- x86/microcode/intel: Simplify early loading (git-fixes).
- x86/microcode/intel: Simplify scan_microcode() (git-fixes).
- x86/microcode/intel: Switch to kvmalloc() (git-fixes).
- x86/microcode/intel: Unify microcode apply() functions (git-fixes).
- x86/microcode: Add per CPU control field (git-fixes).
- x86/microcode: Add per CPU result state (git-fixes).
- x86/microcode: Clarify the late load logic (git-fixes).
- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).
- x86/microcode: Get rid of the schedule work indirection (git-fixes).
- x86/microcode: Handle 'nosmt' correctly (git-fixes).
- x86/microcode: Handle 'offline' CPUs correctly (git-fixes).
- x86/microcode: Hide the config knob (git-fixes).
- x86/microcode: Include vendor headers into microcode.h (git-fixes).
- x86/microcode: Make reload_early_microcode() static (git-fixes).
- x86/microcode: Mop up early loading leftovers (git-fixes).
- x86/microcode: Move core specific defines to local header (git-fixes).
- x86/microcode: Prepare for minimal revision check (git-fixes).
- x86/microcode: Protect against instrumentation (git-fixes).
- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).
- x86/microcode: Provide new control functions (git-fixes).
- x86/microcode: Remove microcode_mutex (git-fixes).
- x86/microcode: Remove pointless apply() invocation (git-fixes).
- x86/microcode: Remove the driver announcement and version (git-fixes).
- x86/microcode: Rendezvous and load in NMI (git-fixes).
- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).
- x86/microcode: Rework early revisions reporting (git-fixes).
- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).
- x86/mm: Remove unused microcode.h include (git-fixes).
- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).
- x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes).
- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).
- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).
- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).
- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- x86/xen: move xen_reserve_extra_memory() (git-fixes).
- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).
- xen: Change xen-acpi-processor dom0 dependency (git-fixes).
- xenfs/xensyms: respect hypervisor's 'next' indication (git-fixes).
- xfs: flush inodegc before swapon (git-fixes).
- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).
- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).
- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).
- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).
- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).
- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).
- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).
- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).
- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).
- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).
- xhci: dbc: Convert to use sysfs_streq() (git-fixes).
- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).
- xhci: dbc: Fix STALL transfer event handling (git-fixes).
- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).
- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).
- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).
- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).
- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).
- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).
- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).
- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).
- xhci: pci: Use standard pattern for device IDs (git-fixes).
- xhci: split free interrupter into separate remove and free parts (git-fixes).
- xsk: Add truesize to skb_add_rx_frag() (git-fixes).
- xsk: Do not assume metadata is always requested in TX completion (git-fixes).
- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).
- zram: clear IDLE flag after recompression (git-fixes).
- zram: clear IDLE flag in mark_idle() (git-fixes).
- zram: do not mark idle slots that cannot be idle (git-fixes).
- zram: fix potential UAF of zram table (git-fixes).
- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).
- zram: refuse to use zero sized block device as backing device (git-fixes).
- zram: split memory-tracking and ac-time tracking (git-fixes).
Patchnames
SUSE-2025-1919,SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-1919
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 Confidential Computing kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).\n- CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching (bsc#1242006).\n- CVE-2024-35840: mptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect() (bsc#1224597).\n- CVE-2024-35910: tcp: properly terminate timers for kernel sockets (bsc#1224489).\n- CVE-2024-41005: netpoll: Fix race condition in netpoll_owner_active (bsc#1227858).\n- CVE-2024-43869: perf: Fix hang while freeing sigtrap event (bsc#1229491).\n- CVE-2024-46713: kabi fix for perf/aux: Fix AUX buffer serialization (bsc#1230581).\n- CVE-2024-46782: ila: call nf_unregister_net_hooks() sooner (bsc#1230769).\n- CVE-2024-47408: net/smc: check smcd_v2_ext_offset when receiving proposal msg (bsc#1235711).\n- CVE-2024-47794: kABI: bpf: Prevent tailcall infinite loop caused by freplace kABI workaround (bsc#1235712).\n- CVE-2024-49571: net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (bsc#1235733).\n- CVE-2024-49940: l2tp: prevent possible tunnel refcount underflow (bsc#1232812).\n- CVE-2024-50029: Bluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync (bsc#1231949).\n- CVE-2024-50036: net: do not delay dst_entries_add() in dst_release() (bsc#1231912).\n- CVE-2024-50038: netfilter: xtables: fix typo causing some targets not to load on IPv6 (bsc#1231910).\n- CVE-2024-50056: usb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c (bsc#1232389).\n- CVE-2024-50140: net: sched: use RCU read-side critical section in taprio_dump() (bsc#1233060).\n- CVE-2024-50162: bpf: selftests: send packet to devmap redirect XDP (bsc#1233075).\n- CVE-2024-50163: bpf: Make sure internal and UAPI bpf_redirect flags do not overlap (bsc#1233098).\n- CVE-2024-50223: sched/numa: Fix the potential null pointer dereference in (bsc#1233192).\n- CVE-2024-50294: rxrpc: Fix missing locking causing hanging calls (bsc#1233483).\n- CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).\n- CVE-2024-53124: net: fix data-races around sk-\u003esk_forward_alloc (bsc#1234074).\n- CVE-2024-53135: KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (bsc#1234154).\n- CVE-2024-53139: sctp: fix possible UAF in sctp_v6_available() (bsc#1234157).\n- CVE-2024-53140: netlink: terminate outstanding dump on socket close (bsc#1234222).\n- CVE-2024-53176: smb: During unmount, ensure all cached dir instances drop their dentry (bsc#1234894).\n- CVE-2024-53177: smb: prevent use-after-free due to open_cached_dir error paths (bsc#1234896).\n- CVE-2024-53178: smb: Do not leak cfid when reconnect races with open_cached_dir (bsc#1234895).\n- CVE-2024-53680: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (bsc#1235715).\n- CVE-2024-54458: scsi: ufs: bsg: Set bsg_queue to NULL after removal (bsc#1238992).\n- CVE-2024-54683: netfilter: IDLETIMER: Fix for possible ABBA deadlock (bsc#1235729).\n- CVE-2024-56638: kABI fix for \u0027netfilter: nft_inner: incorrect percpu area handling under softirq\u0027 (bsc#1235524).\n- CVE-2024-56640: net/smc: fix LGR and link use-after-free issue (bsc#1235436).\n- CVE-2024-56703: ipv6: Fix soft lockups in fib6_select_path under high next hop churn (bsc#1235455).\n- CVE-2024-56718: net/smc: protect link down work from execute after lgr freed (bsc#1235589).\n- CVE-2024-56719: net: stmmac: fix TSO DMA API usage causing oops (bsc#1235591).\n- CVE-2024-56751: ipv6: release nexthop on device removal (bsc#1234936).\n- CVE-2024-56758: btrfs: check folio mapping after unlock in relocate_one_folio() (bsc#1235621).\n- CVE-2024-56770: net/sched: netem: account for backlog updates from child qdisc (bsc#1235637).\n- CVE-2024-57900: ila: serialize calls to nf_register_net_hooks() (bsc#1235973).\n- CVE-2024-57924: fs: relax assertions on failure to encode file handles (bsc#1236086).\n- CVE-2024-57947: netfilter: nf_set_pipapo: fix initial map fill (bsc#1236333).\n- CVE-2024-57974: udp: Deal with race between UDP socket address change and rehash (bsc#1238532).\n- CVE-2024-57979: kABI workaround for pps changes (bsc#1238521).\n- CVE-2024-57994: ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() (bsc#1237901).\n- CVE-2024-57996: net_sched: sch_sfq: do not allow 1 packet limit (bsc#1239076).\n- CVE-2024-58012: ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params (bsc#1239104).\n- CVE-2024-58018: nvkm: correctly calculate the available space of the GSP cmdq buffer (bsc#1238990).\n- CVE-2024-58019: nvkm/gsp: correctly advance the read pointer of GSP message queue (bsc#1238997).\n- CVE-2024-58068: OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized (bsc#1238961).\n- CVE-2024-58070: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT (bsc#1238983).\n- CVE-2024-58071: team: prevent adding a device which is already a team device lower (bsc#1238970).\n- CVE-2024-58083: KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (bsc#1239036).\n- CVE-2024-58088: bpf: Fix deadlock when freeing cgroup storage (bsc#1239510).\n- CVE-2025-21635: rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy (bsc#1236111).\n- CVE-2025-21648: netfilter: conntrack: clamp maximum hashtable size to INT_MAX (bsc#1236142).\n- CVE-2025-21659: netdev: prevent accessing NAPI instances from another namespace (bsc#1236206).\n- CVE-2025-21683: bpf: Fix bpf_sk_select_reuseport() memory leak (bsc#1236704).\n- CVE-2025-21693: mm: zswap: properly synchronize freeing resources during CPU hotunplug (bsc#1237029).\n- CVE-2025-21696: mm: clear uffd-wp PTE/PMD state on mremap() (bsc#1237111).\n- CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).\n- CVE-2025-21702: pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0 (bsc#1237312).\n- CVE-2025-21703: netem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog() (bsc#1237313).\n- CVE-2025-21705: mptcp: handle fastopen disconnect correctly (bsc#1238525).\n- CVE-2025-21706: mptcp: pm: only set fullmesh for subflow endp (bsc#1238528).\n- CVE-2025-21707: mptcp: consolidate suboption status (bsc#1238862).\n- CVE-2025-21715: net: davicom: fix UAF in dm9000_drv_remove (bsc#1237889).\n- CVE-2025-21716: vxlan: Fix uninit-value in vxlan_vnifilter_dump() (bsc#1237891).\n- CVE-2025-21719: ipmr: do not call mr_mfc_uses_dev() for unres entries (bsc#1238860).\n- CVE-2025-21724: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() (bsc#1238863).\n- CVE-2025-21725: smb: client: fix oops due to unset link speed (bsc#1238877).\n- CVE-2025-21728: bpf: Send signals asynchronously if !preemptible (bsc#1237879).\n- CVE-2025-21729: wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion (bsc#1237874).\n- CVE-2025-21733: tracing/osnoise: Fix resetting of tracepoints (bsc#1238494).\n- CVE-2025-21739: kABI: ufshcd: add ufshcd_dealloc_host back (bsc#1238506).\n- CVE-2025-21753: btrfs: fix use-after-free when attempting to join an aborted transaction (bsc#1237875).\n- CVE-2025-21754: btrfs: fix assertion failure when splitting ordered extent after transaction abort (bsc#1238496).\n- CVE-2025-21755: vsock: Orphan socket after transport release (bsc#1237882).\n- CVE-2025-21758: ipv6: mcast: add RCU protection to mld_newpack() (bsc#1238737).\n- CVE-2025-21759: ipv6: mcast: extend RCU protection in igmp6_send() (bsc#1238738).\n- CVE-2025-21760: ndisc: extend RCU protection in ndisc_send_skb() (bsc#1238763).\n- CVE-2025-21761: openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (bsc#1238775).\n- CVE-2025-21762: arp: use RCU protection in arp_xmit() (bsc#1238780).\n- CVE-2025-21763: neighbour: use RCU protection in __neigh_notify() (bsc#1237897).\n- CVE-2025-21765: ipv6: use RCU protection in ip6_default_advmss() (bsc#1237906).\n- CVE-2025-21766: ipv4: use RCU protection in __ip_rt_update_pmtu() (bsc#1238754).\n- CVE-2025-21767: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context (bsc#1238509).\n- CVE-2025-21768: net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels (bsc#1238714).\n- CVE-2025-21787: team: better TEAM_OPTION_TYPE_STRING validation (bsc#1238774).\n- CVE-2025-21790: vxlan: check vxlan_vnigroup_init() return value (bsc#1238753).\n- CVE-2025-21791: vrf: use RCU protection in l3mdev_l3_out() (bsc#1238512).\n- CVE-2025-21792: ax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt (bsc#1238745).\n- CVE-2025-21795: NFSD: fix hang in nfsd4_shutdown_callback (bsc#1238759).\n- CVE-2025-21799: net: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns() (bsc#1238739).\n- CVE-2025-21802: net: hns3: fix oops when unload drivers paralleling (bsc#1238751).\n- CVE-2025-21806: net: let net.core.dev_weight always be non-zero (bsc#1238746).\n- CVE-2025-21808: net: xdp: Disallow attaching device-bound programs in generic mode (bsc#1238742).\n- CVE-2025-21812: ax25: rcu protect dev-\u003eax25_ptr (bsc#1238471).\n- CVE-2025-21814: ptp: Ensure info-\u003eenable callback is always set (bsc#1238473).\n- CVE-2025-21825: selftests/bpf: Add test case for the freeing of bpf_timer (bsc#1238971).\n- CVE-2025-21833: iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE (bsc#1239108).\n- CVE-2025-21836: io_uring/kbuf: reallocate buf lists on upgrade (bsc#1239066).\n- CVE-2025-21844: smb: client: Add check for next_buffer in receive_encrypted_standard() (bsc#1239512).\n- CVE-2025-21848: nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (bsc#1239479).\n- CVE-2025-21854: selftest/bpf: Add vsock test for sockmap rejecting unconnected (bsc#1239470).\n- CVE-2025-21856: s390/ism: add release function for struct device (bsc#1239486).\n- CVE-2025-21857: net/sched: cls_api: fix error handling causing NULL dereference (bsc#1239478).\n- CVE-2025-21861: mm/migrate_device: do not add folio to be freed to LRU in migrate_device_finalize() (bsc#1239483).\n- CVE-2025-21862: drop_monitor: fix incorrect initialization order (bsc#1239474).\n- CVE-2025-21863: io_uring: prevent opcode speculation (bsc#1239475).\n- CVE-2025-21864: kABI fix for tcp: drop secpath at the same time as we currently drop (bsc#1239482).\n- CVE-2025-21865: gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl() (bsc#1239481).\n- CVE-2025-21867: bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (bsc#1240181).\n- CVE-2025-21870: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers (bsc#1240191).\n- CVE-2025-21871: tee: optee: Fix supplicant wait loop (bsc#1240183).\n- CVE-2025-21873: scsi: ufs: core: bsg: Fix crash when arpmb command fails (bsc#1240184).\n- CVE-2025-21875: mptcp: always handle address removal under msk socket lock (bsc#1240168).\n- CVE-2025-21881: uprobes: Reject the shared zeropage in uprobe_write_opcode() (bsc#1240185).\n- CVE-2025-21883: ice: Fix deinitializing VF in error path (bsc#1240189).\n- CVE-2025-21884: net: better track kernel sockets lifetime (bsc#1240171).\n- CVE-2025-21887: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (bsc#1240176).\n- CVE-2025-21889: perf/core: Add RCU read lock protection to perf_iterate_ctx() (bsc#1240167).\n- CVE-2025-21890: idpf: fix checksums set in idpf_rx_rsc() (bsc#1240173).\n- CVE-2025-21891: ipvlan: ensure network headers are in skb linear part (bsc#1240186).\n- CVE-2025-21894: net: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC (bsc#1240581).\n- CVE-2025-21895: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list (bsc#1240585).\n- CVE-2025-21904: caif_virtio: fix wrong pointer check in cfv_probe() (bsc#1240576).\n- CVE-2025-21906: wifi: iwlwifi: mvm: clean up ROC on failure (bsc#1240587).\n- CVE-2025-21908: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback (bsc#1240600).\n- CVE-2025-21913: x86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range() (bsc#1240591).\n- CVE-2025-21919: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (bsc#1240593).\n- CVE-2025-21922: ppp: Fix KMSAN uninit-value warning with bpf (bsc#1240639).\n- CVE-2025-21924: net: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error (bsc#1240720).\n- CVE-2025-21925: llc: do not use skb_get() before dev_queue_xmit() (bsc#1240713).\n- CVE-2025-21926: net: gso: fix ownership in __udp_gso_segment (bsc#1240712).\n- CVE-2025-21931: hwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio (bsc#1240709).\n- CVE-2025-21957: scsi: qla1280: Fix kernel oops when debug level \u003e 2 (bsc#1240742).\n- CVE-2025-21960: eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (bsc#1240815).\n- CVE-2025-21961: eth: bnxt: fix truesize for mb-xdp-pass case (bsc#1240816).\n- CVE-2025-21962: cifs: Fix integer overflow while processing closetimeo mount option (bsc#1240655).\n- CVE-2025-21963: cifs: Fix integer overflow while processing acdirmax mount option (bsc#1240717).\n- CVE-2025-21964: cifs: Fix integer overflow while processing acregmax mount option (bsc#1240740).\n- CVE-2025-21969: kABI workaround for l2cap_conn changes (bsc#1240784).\n- CVE-2025-21970: net/mlx5: Bridge, fix the crash caused by LAG state check (bsc#1240819).\n- CVE-2025-21972: net: mctp: unshare packets when reassembling (bsc#1240813).\n- CVE-2025-21975: net/mlx5: handle errors in mlx5_chains_create_table() (bsc#1240812).\n- CVE-2025-21980: sched: address a potential NULL pointer dereference in the GRED scheduler (bsc#1240809).\n- CVE-2025-21981: ice: fix memory leak in aRFS after reset (bsc#1240612).\n- CVE-2025-21985: drm/amd/display: Fix out-of-bound accesses (bsc#1240811).\n- CVE-2025-21991: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (bsc#1240795).\n- CVE-2025-21993: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (bsc#1240797).\n- CVE-2025-21999: proc: fix UAF in proc_get_inode() (bsc#1240802).\n- CVE-2025-22004: net: atm: fix use after free in lec_send() (bsc#1240835).\n- CVE-2025-22015: mm/migrate: fix shmem xarray update during migration (bsc#1240944).\n- CVE-2025-22016: dpll: fix xa_alloc_cyclic() error handling (bsc#1240934).\n- CVE-2025-22017: devlink: fix xa_alloc_cyclic() error handling (bsc#1240936).\n- CVE-2025-22018: atm: Fix NULL pointer dereference (bsc#1241266).\n- CVE-2025-22021: netfilter: socket: Lookup orig tuple for IPv6 SNAT (bsc#1241282).\n- CVE-2025-22029: exec: fix the racy usage of fs_struct-\u003ein_exec (bsc#1241378).\n- CVE-2025-22030: mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead() (bsc#1241376).\n- CVE-2025-22036: exfat: fix random stack corruption after get_block (bsc#1241426).\n- CVE-2025-22045: x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (bsc#1241433).\n- CVE-2025-22053: net: ibmveth: make veth_pool_store stop hanging (bsc#1241373).\n- CVE-2025-22055: net: fix geneve_opt length integer overflow (bsc#1241371).\n- CVE-2025-22056: netfilter: nft_tunnel: fix geneve_opt type confusion addition (bsc#1241525).\n- CVE-2025-22057: net: decrease cached dst counters in dst_release (bsc#1241533).\n- CVE-2025-22058: udp: Fix memory accounting leak (bsc#1241332).\n- CVE-2025-22060: net: mvpp2: Prevent parser TCAM memory corruption (bsc#1241526).\n- CVE-2025-22063: netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (bsc#1241351).\n- CVE-2025-22064: netfilter: nf_tables: do not unregister hook when table is dormant (bsc#1241413).\n- CVE-2025-22070: fs/9p: fix NULL pointer dereference on mkdir (bsc#1241305).\n- CVE-2025-22080: fs/ntfs3: Prevent integer overflow in hdr_first_de() (bsc#1241416).\n- CVE-2025-22090: mm: (un)track_pfn_copy() fix + doc improvements (bsc#1241537).\n- CVE-2025-22102: Bluetooth: btnxpuart: Fix kernel panic during FW release (bsc#1241456).\n- CVE-2025-22103: net: fix NULL pointer dereference in l3mdev_l3_rcv (bsc#1241448).\n- CVE-2025-22104: ibmvnic: Use kernel helpers for hex dumps (bsc#1241550).\n- CVE-2025-22105, CVE-2025-37860: Add missing bugzilla references (bsc#1241452 bsc#1241548).\n- CVE-2025-22107: net: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry() (bsc#1241575).\n- CVE-2025-22109: ax25: Remove broken autobind (bsc#1241573).\n- CVE-2025-22115: btrfs: fix block group refcount race in btrfs_create_pending_block_groups() (bsc#1241578).\n- CVE-2025-22121: ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (bsc#1241593).\n- CVE-2025-2312: CIFS: New mount option for cifs.upcall namespace resolution (bsc#1239684).\n- CVE-2025-23133: wifi: ath11k: update channel list in reg notifier instead reg worker (bsc#1241451).\n- CVE-2025-23138: watch_queue: fix pipe accounting mismatch (bsc#1241648).\n- CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (bsc#1242763).\n- CVE-2025-23145: mptcp: fix NULL pointer in can_accept_new_subflow (bsc#1242596).\n- CVE-2025-23150: ext4: fix off-by-one error in do_split (bsc#1242513).\n- CVE-2025-23160: media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization (bsc#1242507).\n- CVE-2025-37748: iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group (bsc#1242523).\n- CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung (bsc#1242859).\n- CVE-2025-37750: smb: client: fix UAF in decryption with multichannel (bsc#1242510).\n- CVE-2025-37755: net: libwx: handle page_pool_dev_alloc_pages error (bsc#1242506).\n- CVE-2025-37773: virtiofs: add filesystem context source name check (bsc#1242502).\n- CVE-2025-37780: isofs: Prevent the use of too small fid (bsc#1242786).\n- CVE-2025-37785: ext4: fix OOB read when checking dotdot dir (bsc#1241640).\n- CVE-2025-37787: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered (bsc#1242585).\n- CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action (bsc#1242762).\n- CVE-2025-37790: net: mctp: Set SOCK_RCU_FREE (bsc#1242509).\n- CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).\n- CVE-2025-37798: codel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog() (bsc#1242414).\n- CVE-2025-37799: vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (bsc#1242283).\n- CVE-2025-37803: udmabuf: fix a buf size overflow issue during udmabuf creation (bsc#1242852).\n- CVE-2025-37804: io_uring: always do atomic put from iowq (bsc#1242854).\n- CVE-2025-37809: usb: typec: class: Unlocked on error in typec_register_partner() (bsc#1242856).\n- CVE-2025-37820: xen-netfront: handle NULL returned by xdp_convert_buff_to_frame() (bsc#1242866).\n- CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (bsc#1242924).\n- CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (bsc#1242867).\n- CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (bsc#1242875).\n- CVE-2025-37830: cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() (bsc#1242860).\n- CVE-2025-37831: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() (bsc#1242861).\n- CVE-2025-37833: net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads (bsc#1242868).\n- CVE-2025-37842: spi: fsl-qspi: Fix double cleanup in probe error path (bsc#1242951).\n- CVE-2025-37870: drm/amd/display: prevent hang on link training fail (bsc#1243056).\n- CVE-2025-37879: 9p/net: fix improper handling of bogus negative read/write replies (bsc#1243077).\n- CVE-2025-37886: pds_core: make wait_context part of q_info (bsc#1242944).\n- CVE-2025-37887: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result (bsc#1242962).\n- CVE-2025-37949: xenbus: Use kref to track req lifetime (bsc#1243541).\n- CVE-2025-37957: KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception (bsc#1243513).\n- CVE-2025-37958: mm/huge_memory: fix dereferencing invalid pmd migration entry (bsc#1243539).\n- CVE-2025-37960: memblock: Accept allocated memory before use in memblock_double_array() (bsc#1243519).\n- CVE-2025-37974: s390/pci: Fix missing check for zpci_create_device() error return (bsc#1243547).\n- CVE-2025-38152: remoteproc: core: Clear table_sz when rproc_shutdown (bsc#1241627).\n- CVE-2025-38637: net_sched: skbprio: Remove overly strict queue assertions (bsc#1241657).\n- CVE-2025-39728: clk: samsung: Fix UBSAN panic in samsung_clk_init() (bsc#1241626).\n\nThe following non-security bugs were fixed:\n\n- ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (stable-fixes).\n- ACPI: EC: Set ec_no_wakeup for Lenovo Go S (stable-fixes).\n- ACPI: PPTT: Fix processor subtable walk (git-fixes).\n- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (bsc#1237530).\n- ACPI: resource: IRQ override for Eluktronics MECH-17 (stable-fixes).\n- ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (stable-fixes).\n- ACPI: x86: Extend Lenovo Yoga Tab 3 quirk with skip GPIO event-handlers (git-fixes).\n- ALSA: es1968: Add error handling for snd_pcm_hw_constraint_pow2() (git-fixes).\n- ALSA: hda/realtek - Enable speaker for HP platform (git-fixes).\n- ALSA: hda/realtek - Fixed ASUS platform headset Mic issue (git-fixes).\n- ALSA: hda/realtek - add supported Mic Mute LED for Lenovo platform (stable-fixes).\n- ALSA: hda/realtek: Add mute LED quirk for HP Pavilion x360 14-dy1xxx (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B3405 and B3605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS B5405 and B5605 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G614 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix G814 Laptop using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS ROG Strix GA603 Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook UM3406KA Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various ASUS Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Always honor no_shutup_pins (git-fixes).\n- ALSA: hda/realtek: Fix Asus Z13 2025 audio (stable-fixes).\n- ALSA: hda/realtek: Fix built-in mic assignment on ASUS VivoBook X515UA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic breakage on ASUS VivoBook X515JA (git-fixes).\n- ALSA: hda/realtek: Fix built-in mic on another ASUS VivoBook model (git-fixes).\n- ALSA: hda/realtek: Fix built-mic regression on other ASUS models (git-fixes).\n- ALSA: hda/realtek: Fix microphone regression on ASUS N705UD (git-fixes).\n- ALSA: hda/realtek: Fix wrong mic setup for ASUS VivoBook 15 (git-fixes).\n- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (stable-fixes).\n- ALSA: hda/realtek: Remove (revert) duplicate Ally X config (git-fixes).\n- ALSA: hda/realtek: Support mute LED on HP Laptop 15s-du3xxx (stable-fixes).\n- ALSA: hda/realtek: update ALC222 depop optimize (stable-fixes).\n- ALSA: hda: Fix speakers on ASUS EXPERTBOOK P5405CSA 1.0 (stable-fixes).\n- ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (stable-fixes).\n- ALSA: hda: intel: Add Lenovo IdeaPad Z570 to probe denylist (stable-fixes).\n- ALSA: hda: intel: Fix Optimus when GPU has no sound (stable-fixes).\n- ALSA: hda: realtek: fix incorrect IS_REACHABLE() usage (git-fixes).\n- ALSA: pcm: Drop superfluous NULL check in snd_pcm_format_set_silence() (git-fixes).\n- ALSA: seq: Avoid module auto-load handling at event delivery (stable-fixes).\n- ALSA: seq: Fix delivery of UMP events to group ports (git-fixes).\n- ALSA: sh: SND_AICA should depend on SH_DMA_API (git-fixes).\n- ALSA: ump: Fix a typo of snd_ump_stream_msg_device_info (git-fixes).\n- ALSA: ump: Fix buffer overflow at UMP SysEx message conversion (bsc#1242044).\n- ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (stable-fixes).\n- ALSA: usb-audio: Add retry on -EPROTO from usb_set_interface() (stable-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Audioengine D1 (git-fixes).\n- ALSA: usb-audio: Add sample rate quirk for Microdia JP001 USB Camera (stable-fixes).\n- ALSA: usb-audio: Add second USB ID for Jabra Evolve 65 headset (stable-fixes).\n- ALSA: usb-audio: Avoid dropping MIDI events at closing multiple ports (git-fixes).\n- ALSA: usb-audio: Fix CME quirk for UF series keyboards (stable-fixes).\n- ALSA: usb-audio: Re-add sample rate quirk for Pioneer DJM-900NXS2 (stable-fixes).\n- ALSA: usb-audio: separate DJM-A9 cap lvl options (git-fixes).\n- ALSA: usx2y: validate nrpacks module parameter on probe (git-fixes).\n- ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() (git-fixes).\n- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (stable-fixes).\n- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (stable-fixes).\n- ASoC: SOF: ipc4-control: Use SOF_CTRL_CMD_BINARY as numid for bytes_ext (git-fixes).\n- ASoC: SOF: ipc4-pcm: Delay reporting is only supported for playback direction (git-fixes).\n- ASoC: SOF: topology: Use krealloc_array() to replace krealloc() (stable-fixes).\n- ASoC: Use of_property_read_bool() (stable-fixes).\n- ASoC: amd: Add DMI quirk for ACP6X mic support (stable-fixes).\n- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (stable-fixes).\n- ASoC: amd: yc: update quirk data for new Lenovo model (stable-fixes).\n- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays (stable-fixes).\n- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix logic of enabling vi channels (git-fixes).\n- ASoC: codecs:lpass-wsa-macro: Fix vi feedback rate (git-fixes).\n- ASoC: cs35l41: check the return value from spi_setup() (git-fixes).\n- ASoC: es8328: fix route from DAC to output (git-fixes).\n- ASoC: fsl_audmix: register card device depends on \u0027dais\u0027 property (stable-fixes).\n- ASoC: imx-card: Add NULL check in imx_card_probe() (git-fixes).\n- ASoC: ops: Consistently treat platform_max as control value (git-fixes).\n- ASoC: qcom: Fix sc7280 lpass potential buffer overflow (git-fixes).\n- ASoC: qdsp6: q6apm-dai: fix capture pipeline overruns (git-fixes).\n- ASoC: qdsp6: q6apm-dai: set 10 ms period and buffer alignment (git-fixes).\n- ASoC: qdsp6: q6asm-dai: fix q6asm_dai_compr_set_params error path (git-fixes).\n- ASoC: rt722-sdca: add missing readable registers (git-fixes).\n- ASoC: soc-core: Stop using of_property_read_bool() for non-boolean properties (stable-fixes).\n- ASoC: soc-pcm: Fix hw_params() and DAPM widget sequence (git-fixes).\n- ASoC: tas2764: Fix power control mask (stable-fixes).\n- ASoC: tas2764: Set the SDOUT polarity correctly (stable-fixes).\n- ASoC: tas2770: Fix volume scale (stable-fixes).\n- ASoC: ti: j721e-evm: Fix clock configuration for ti,j7200-cpb-audio compatible (git-fixes).\n- ASoc: SOF: topology: connect DAI to a single DAI link (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected() (git-fixes).\n- Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() (git-fixes).\n- Bluetooth: Fix error code in chan_alloc_skb_cb() (git-fixes).\n- Bluetooth: HCI: Add definition of hci_rp_remote_name_req_cancel (git-fixes).\n- Bluetooth: Improve setsockopt() handling of malformed user input (git-fixes).\n- Bluetooth: L2CAP: Fix L2CAP_ECRED_CONN_RSP response (git-fixes).\n- Bluetooth: L2CAP: Fix not checking l2cap_chan security level (git-fixes).\n- Bluetooth: MGMT: Fix MGMT_OP_ADD_DEVICE invalid device flags (git-fixes).\n- Bluetooth: btrtl: Prevent potential NULL dereference (git-fixes).\n- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (git-fixes).\n- Bluetooth: btusb: use skb_pull to avoid unsafe access in QCA dump handling (git-fixes).\n- Bluetooth: hci_event: Fix connection regression between LE and non-LE adapters (git-fixes).\n- Bluetooth: hci_event: Fix enabling passive scanning (git-fixes).\n- Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (git-fixes).\n- Bluetooth: hci_uart: Fix another race during initialization (git-fixes).\n- Bluetooth: hci_uart: fix race during initialization (stable-fixes).\n- Bluetooth: l2cap: Check encryption key size on incoming connection (git-fixes).\n- Bluetooth: l2cap: Process valid commands in too long frame (stable-fixes).\n- Bluetooth: vhci: Avoid needless snprintf() calls (git-fixes).\n- GHES: Fatal hardware error (GHES panic timeout) (bsc#1239615).\n- Documentation: qat: fix auto_reset attribute details (git-fixes).\n- Documentation: qat: fix auto_reset section (git-fixes).\n- Drivers: hv: Allow vmbus_sendpacket_mpb_desc() to create multiple ranges (git-fixes).\n- Drivers: hv: vmbus: Do not release fb_mmio resource in vmbus_free_mmio() (git-fixes).\n- PCI: Drop PCI patch that caused a regression (bsc#1241123).\n- memory: Fix memory-hotplug regression (bsc#1237504).\n- net/ipv6: Fix write to cloned skb in ipv6_hop_ioam() (git-fixes).\n- HID: Enable playstation driver independently of sony driver (git-fixes).\n- HID: apple: disable Fn key handling on the Omoton KB066 (git-fixes).\n- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (stable-fixes).\n- HID: appleir: Fix potential NULL dereference at raw event handle (git-fixes).\n- HID: google: fix unused variable warning under !CONFIG_ACPI (git-fixes).\n- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (stable-fixes).\n- HID: hid-plantronics: Add mic mute mapping and generalize quirks (stable-fixes).\n- HID: hid-steam: Fix use-after-free when detaching device (git-fixes).\n- HID: i2c-hid: Skip SET_POWER SLEEP for Cirque touchpad on system suspend (stable-fixes).\n- HID: i2c-hid: improve i2c_hid_get_report error message (stable-fixes).\n- HID: ignore non-functional sensor in HP 5MP Camera (stable-fixes).\n- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (git-fixes).\n- HID: intel-ish-hid: Send clock sync message immediately after reset (stable-fixes).\n- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (stable-fixes).\n- HID: remove superfluous (and wrong) Makefile entry for CONFIG_INTEL_ISH_FIRMWARE_DOWNLOADER (git-fixes).\n- HID: thrustmaster: fix memory leak in thrustmaster_interrupts() (git-fixes).\n- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (stable-fixes).\n- HID: uclogic: Add NULL check in uclogic_input_configured() (git-fixes).\n- IB/cm: use rwlock for MAD agent lock (git-fixes)\n- IB/mad: Check available slots before posting receive WRs (git-fixes)\n- IB/mlx5: Set and get correct qp_num for a DCT QP (git-fixes)\n- Input: ads7846 - fix gpiod allocation (git-fixes).\n- Input: cyttsp5 - ensure minimum reset pulse width (git-fixes).\n- Input: i8042 - add required quirks for missing old boardnames (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for more devices (stable-fixes).\n- Input: i8042 - swap old quirk combination with new quirk for several devices (stable-fixes).\n- Input: iqs7222 - add support for Azoteq IQS7222D (git-fixes).\n- Input: iqs7222 - add support for IQS7222D v1.1 and v1.2 (git-fixes).\n- Input: iqs7222 - preserve system status register (git-fixes).\n- Input: mtk-pmic-keys - fix possible null pointer dereference (git-fixes).\n- Input: pm8941-pwrkey - fix dev_dbg() output in pm8941_pwrkey_irq() (git-fixes).\n- Input: synaptics - enable InterTouch on Dell Precision M3800 (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30-D (stable-fixes).\n- Input: synaptics - enable InterTouch on Dynabook Portege X30L-G (stable-fixes).\n- Input: synaptics - enable InterTouch on TUXEDO InfinityBook Pro 14 v5 (stable-fixes).\n- Input: synaptics - enable SMBus for HP Elitebook 850 G1 (stable-fixes).\n- Input: synaptics - hide unused smbus_pnp_ids[] array (git-fixes).\n- Input: synaptics-rmi - fix crash with unsupported versions of F34 (git-fixes).\n- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (stable-fixes).\n- Input: xpad - add multiple supported devices (stable-fixes).\n- Input: xpad - add support for 8BitDo Ultimate 2 Wireless Controller (stable-fixes).\n- Input: xpad - add support for TECNO Pocket Go (stable-fixes).\n- Input: xpad - add support for ZOTAC Gaming Zone (stable-fixes).\n- Input: xpad - fix Share button on Xbox One controllers (stable-fixes).\n- Input: xpad - fix two controller table values (git-fixes).\n- Input: xpad - rename QH controller to Legion Go S (stable-fixes).\n- KVM: SVM: Allocate IR data using atomic allocation (git-fixes).\n- KVM: SVM: Disable AVIC on SNP-enabled system without HvInUseWrAllowed feature (bsc#1235862).\n- KVM: SVM: Do not change target vCPU state on AP Creation VMGEXIT error (git-fixes).\n- KVM: SVM: Drop DEBUGCTL[5:2] from guest\u0027s effective value (git-fixes).\n- KVM: SVM: Refuse to attempt VRMUN if an SEV-ES+ guest had an invalid VMSA (git-fixes).\n- KVM: SVM: Save host DR masks on CPUs with DebugSwap (jsc#PED-348).\n- KVM: SVM: Suppress DEBUGCTL.BTF on AMD (git-fixes).\n- KVM: SVM: Update dump_ghcb() to use the GHCB snapshot fields (git-fixes).\n- KVM: VMX: Do not modify guest XFD_ERR if CR0.TS=1 (git-fixes).\n- KVM: arm64: Change kvm_handle_mmio_return() return polarity (git-fixes).\n- KVM: arm64: Fix RAS trapping in pKVM for protected VMs (git-fixes).\n- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (git-fixes).\n- KVM: arm64: Mark some header functions as inline (git-fixes).\n- KVM: arm64: Tear down vGIC on failed vCPU creation (git-fixes).\n- KVM: arm64: timer: Always evaluate the need for a soft timer (git-fixes).\n- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (git-fixes).\n- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (git-fixes).\n- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (git-fixes).\n- KVM: arm64: vgic-v4: Fall back to software irqbypass if LPI not found (git-fixes).\n- KVM: arm64: vgic-v4: Only attempt vLPI mapping for actual MSIs (git-fixes).\n- KVM: nSVM: Pass next RIP, not current RIP, for nested VM-Exit on emulation (git-fixes).\n- KVM: nVMX: Allow emulating RDPID on behalf of L2 (git-fixes).\n- KVM: nVMX: Check PAUSE_EXITING, not BUS_LOCK_DETECTION, on PAUSE emulation (git-fixes).\n- KVM: s390: Do not use %pK through debug printing (git-fixes bsc#1243657).\n- KVM: s390: Do not use %pK through tracepoints (git-fixes bsc#1243658).\n- KVM: x86/mmu: Check and free obsolete roots in kvm_mmu_reload() (git-fixes).\n- KVM: x86/xen: Use guest\u0027s copy of pvclock when starting timer (git-fixes).\n- KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (git-fixes).\n- KVM: x86: Check that the high 32bits are clear in kvm_arch_vcpu_ioctl_run() (git-fixes).\n- KVM: x86: Do not take kvm-\u003elock when iterating over vCPUs in suspend notifier (git-fixes).\n- KVM: x86: Explicitly treat routing entry type changes as changes (git-fixes).\n- KVM: x86: Explicitly zero EAX and EBX when PERFMON_V2 isn\u0027t supported by KVM (git-fixes).\n- KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes).\n- KVM: x86: Make x2APIC ID 100% readonly (git-fixes).\n- KVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel (git-fixes).\n- KVM: x86: Reject disabling of MWAIT/HLT interception when not allowed (git-fixes).\n- KVM: x86: Remove the unreachable case for 0x80000022 leaf in __do_cpuid_func() (git-fixes).\n- KVM: x86: Wake vCPU for PIC interrupt injection iff a valid IRQ was found (git-fixes).\n- KVM: x86: block KVM_CAP_SYNC_REGS if guest state is protected (git-fixes).\n- Move upstreamed ACPI patch into sorted section\n- Move upstreamed PCI and initramfs patches into sorted section\n- Move upstreamed nfsd and sunrpc patches into sorted section\n- Move upstreamed powerpc and SCSI patches into sorted section\n- Move upstreamed smb patch into sorted section Also move other out-of-tree patches into the proper section\n- Move upstreamed sound patch into sorted section\n- Move upstreamed tpm patch into sorted section\n- NFS: O_DIRECT writes must check and adjust the file length (git-fixes).\n- NFSD: Skip sending CB_RECALL_ANY when the backchannel isn\u0027t up (git-fixes).\n- NFSv4/pnfs: Reset the layout state after a layoutreturn (git-fixes).\n- NFSv4: Do not trigger uneccessary scans for return-on-close delegations (git-fixes).\n- OPP: add index check to assert to avoid buffer overflow in _read_freq() (bsc#1238961)\n- PCI/ACS: Fix \u0027pci=config_acs=\u0027 parameter (git-fixes).\n- PCI/ASPM: Fix link state exit during switch upstream function removal (git-fixes).\n- PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1237853)\n- PCI/DOE: Support discovery version 2 (bsc#1237853)\n- PCI/MSI: Add an option to write MSIX ENTRY_DATA before any reads (git-fixes).\n- PCI/portdrv: Only disable pciehp interrupts early when needed (git-fixes).\n- PCI: Avoid reset when disabled via sysfs (git-fixes).\n- PCI: Fix BAR resizing when VF BARs are assigned (git-fixes).\n- PCI: Fix reference leak in pci_alloc_child_bus() (git-fixes).\n- PCI: Fix reference leak in pci_register_host_bridge() (git-fixes).\n- PCI: Remove stray put_device() in pci_register_host_bridge() (git-fixes).\n- PCI: brcmstb: Fix error path after a call to regulator_bulk_get() (git-fixes).\n- PCI: brcmstb: Fix missing of_node_put() in brcm_pcie_probe() (git-fixes).\n- PCI: brcmstb: Fix potential premature regulator disabling (git-fixes).\n- PCI: brcmstb: Set generation limit before PCIe link up (git-fixes).\n- PCI: brcmstb: Use internal register to change link capability (git-fixes).\n- PCI: cadence-ep: Fix the driver to send MSG TLP for INTx without data payload (git-fixes).\n- PCI: dwc: ep: Return -ENOMEM for allocation failures (git-fixes).\n- PCI: histb: Fix an error handling path in histb_pcie_probe() (git-fixes).\n- PCI: pciehp: Do not enable HPIE when resuming in poll mode (git-fixes).\n- PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type (stable-fixes).\n- PCI: xilinx-cpm: Fix IRQ domain leak in error path of probe (git-fixes).\n- PM: sleep: Adjust check before setting power.must_resume (git-fixes).\n- PM: sleep: Fix handling devices with direct_complete set on errors (git-fixes).\n- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619). Replace our patch with the upstream version.\n- RDMA/bnxt_re: Add missing paranthesis in map_qp_id_to_tbl_indx (git-fixes)\n- RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (git-fixes)\n- RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers (git-fixes)\n- RDMA/bnxt_re: Fix the statistics for Gen P7 VF (git-fixes)\n- RDMA/cma: Fix hang when cma_netevent_callback fails to queue_work (git-fixes)\n- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (git-fixes)\n- RDMA/core: Do not expose hw_counters outside of init net namespace (git-fixes)\n- RDMA/core: Fix \u0027KASAN: slab-use-after-free Read in ib_register_device\u0027 problem (git-fixes)\n- RDMA/core: Silence oversized kvmalloc() warning (git-fixes)\n- RDMA/erdma: Prevent use-after-free in erdma_accept_newconn() (git-fixes)\n- RDMA/hns: Fix a missing rollback in error path of hns_roce_create_qp_common() (git-fixes)\n- RDMA/hns: Fix mbox timing out by adding retry mechanism (git-fixes)\n- RDMA/hns: Fix missing xa_destroy() (git-fixes)\n- RDMA/hns: Fix soft lockup during bt pages loop (git-fixes)\n- RDMA/hns: Fix unmatched condition in error path of alloc_user_qp_db() (git-fixes)\n- RDMA/hns: Fix wrong maximum DMA segment size (git-fixes)\n- RDMA/hns: Fix wrong value of max_sge_rd (git-fixes)\n- RDMA/hns: Include hnae3.h in hns_roce_hw_v2.h (git-fixes)\n- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (git-fixes)\n- RDMA/mana_ib: Allocate PAGE aligned doorbell index (git-fixes).\n- RDMA/mana_ib: Ensure variable err is initialized (git-fixes).\n- RDMA/mana_ib: Prefer struct_size over open coded arithmetic (bsc#1239016).\n- RDMA/mlx5: Fix AH static rate parsing (git-fixes)\n- RDMA/mlx5: Fix MR cache initialization error flow (git-fixes)\n- RDMA/mlx5: Fix a WARN during dereg_mr for DM type (git-fixes)\n- RDMA/mlx5: Fix a race for DMABUF MR which can lead to CQE with error (git-fixes)\n- RDMA/mlx5: Fix bind QP error cleanup flow (git-fixes)\n- RDMA/mlx5: Fix cache entry update on dereg error (git-fixes)\n- RDMA/mlx5: Fix calculation of total invalidated pages (git-fixes)\n- RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction (git-fixes)\n- RDMA/mlx5: Fix implicit ODP hang on parent deregistration (git-fixes)\n- RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (git-fixes)\n- RDMA/mlx5: Fix the recovery flow of the UMR QP (git-fixes)\n- RDMA/mlx5: Handle errors returned from mlx5r_ib_rate() (git-fixes)\n- RDMA/rxe: Fix \u0027trying to register non-static key in rxe_qp_do_cleanup\u0027 bug (git-fixes)\n- RDMA/rxe: Fix slab-use-after-free Read in rxe_queue_cleanup bug (git-fixes)\n- RDMA/rxe: Fix the failure of ibv_query_device() and ibv_query_device_ex() tests (git-fixes)\n- RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (git-fixes)\n- mm: Revert patch mm-various-give-up-if-pte_offset_map-_lock-fails.patch (bsc#1241051).\n- SUNRPC: Handle -ETIMEDOUT return from tlshd (git-fixes).\n- SUNRPC: Prevent looping due to rpc_signal_task() races (git-fixes).\n- SUNRPC: convert RPC_TASK_* constants to enum (git-fixes).\n- Squashfs: check return result of sb_min_blocksize (git-fixes).\n- USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (stable-fixes).\n- USB: VLI disk crashes if LPM is used (stable-fixes).\n- USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (stable-fixes).\n- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (stable-fixes).\n- USB: serial: option: add Sierra Wireless EM9291 (stable-fixes).\n- USB: serial: option: add Telit Cinterion FE990B compositions (stable-fixes).\n- USB: serial: option: fix Telit Cinterion FE990A name (stable-fixes).\n- USB: serial: option: match on interface class for Telit FN990B (stable-fixes).\n- USB: serial: simple: add OWON HDS200 series oscilloscope support (stable-fixes).\n- USB: storage: quirk for ADATA Portable HDD CH94 (stable-fixes).\n- USB: usbtmc: use interruptible sleep in usbtmc_read (git-fixes).\n- USB: wdm: add annotation (git-fixes).\n- USB: wdm: close race between wdm_open and wdm_wwan_port_stop (git-fixes).\n- USB: wdm: handle IO errors in wdm_wwan_port_start (git-fixes).\n- USB: wdm: wdm_wwan_port_tx_complete mutex in atomic context (git-fixes).\n- RDMA: Update patch RDMA-core-Don-t-expose-hw_counters-outside-of-init-n.patch (git-fixes bsc#1239925).\n- kABI: Update patch kABI-fix-for-RDMA-core-Don-t-expose-hw_counters-outs.patch (git-fixes bsc#1239925).\n- nvme: Update patch nvme-fixup-scan-failure-for-non-ANA-multipath-contro.patch (git-fixes bsc#1235149).\n- nvme: Update patch nvme-re-read-ANA-log-page-after-ns-scan-completes.patch (git-fixes bsc#1235149).\n- s390: Update patch s390-pci-Fix-SR-IOV-for-PFs-initially-in-standby.patch (git-fixes bsc#1236752 bsc#1238368).\n- Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes).\n- accel/qaic: Fix integer overflow in qaic_validate_req() (git-fixes).\n- accel/qaic: Fix possible data corruption in BOs \u003e 2G (git-fixes).\n- acpi: nfit: fix narrowing conversion in acpi_nfit_ctl (git-fixes).\n- add bug reference for an existing hv_netvsc change (bsc#1243737).\n- af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (bsc#1237849).\n- af_unix: Annotate data-race of sk-\u003esk_state in unix_stream_read_skb() (bsc#1239435).\n- af_unix: Disable MSG_OOB handling for sockets in sockmap/sockhash (bsc#1239435).\n- af_unix: Remove put_pid()/put_cred() in copy_peercred() (bsc#1240334).\n- affs: do not write overlarge OFS data block size fields (git-fixes).\n- affs: generate OFS sequence numbers starting at 1 (git-fixes).\n- afs: Fix the server_list to unuse a displaced server rather than putting it (git-fixes).\n- afs: Make it possible to find the volumes that are using a server (git-fixes).\n- ahci: add PCI ID for Marvell 88SE9215 SATA Controller (stable-fixes).\n- amdgpu/pm/legacy: fix suspend/resume issues (git-fixes).\n- arch_topology: Make register_cpu_capacity_sysctl() tolerant to late (bsc#1238052)\n- arch_topology: init capacity_freq_ref to 0 (bsc#1238052)\n- arm64/amu: Use capacity_ref_freq() to set AMU ratio (bsc#1238052)\n- arm64: Do not call NULL in do_compat_alignment_fixup() (git-fixes)\n- arm64: Provide an AMU-based version of arch_freq_get_on_cpu (bsc#1238052)\n- arm64: Update AMU-based freq scale factor on entering idle (bsc#1238052)\n- arm64: Utilize for_each_cpu_wrap for reference lookup (bsc#1238052)\n- arm64: amu: Delay allocating cpumask for AMU FIE support (bsc#1238052)\n- arm64: bpf: Add BHB mitigation to the epilogue for cBPF programs (git-fixes)\n- arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users (git-fixes)\n- arm64: cputype: Add MIDR_CORTEX_A76AE (git-fixes)\n- arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin-dahlia: add Microphone Jack to (git-fixes)\n- arm64: dts: freescale: tqma8mpql: Fix vqmmc-supply (git-fixes)\n- arm64: dts: imx8mm-verdin: Link reg_usdhc2_vqmmc to usdhc2 (git-fixes)\n- arm64: dts: rockchip: Add avdd HDMI supplies to RockPro64 board dtsi (git-fixes)\n- arm64: dts: rockchip: Add missing PCIe supplies to RockPro64 board (git-fixes)\n- arm64: dts: rockchip: Fix PWM pinctrl names (git-fixes)\n- arm64: dts: rockchip: Remove bluetooth node from rock-3a (git-fixes)\n- arm64: dts: rockchip: Remove undocumented sdmmc property from (git-fixes)\n- arm64: dts: rockchip: add rs485 support on uart5 of (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART0 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: dts: rockchip: fix pinmux of UART5 for PX30 Ringneck on Haikou (git-fixes)\n- arm64: errata: Add KRYO 2XX/3XX/4XX silver cores to Spectre BHB safe (git-fixes)\n- arm64: errata: Add QCOM_KRYO_4XX_GOLD to the spectre_bhb_k24_list (git-fixes)\n- arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays (git-fixes)\n- arm64: errata: Add newer ARM cores to the spectre_bhb_loop_affected() (git-fixes)\n- arm64: errata: Assume that unknown CPUs _are_ vulnerable to Spectre (git-fixes)\n- arm64: hugetlb: Fix flush_hugetlb_tlb_range() invalidation level (git-fixes)\n- arm64: hugetlb: Fix huge_ptep_get_and_clear() for non-present ptes (git-fixes)\n- arm64: hugetlb: enable __HAVE_ARCH_FLUSH_HUGETLB_TLB_RANGE (git-fixes)\n- arm64: insn: Add support for encoding DSB (git-fixes)\n- arm64: mm: Correct the update of max_pfn (git-fixes)\n- arm64: mm: Populate vmemmap at the page level if not section aligned (git-fixes)\n- arm64: proton-pack: Add new CPUs \u0027k\u0027 values for branch mitigation (git-fixes)\n- arm64: proton-pack: Expose whether the branchy loop k value (git-fixes)\n- arm64: proton-pack: Expose whether the platform is mitigated by (git-fixes)\n- arm64: tegra: Remove the Orin NX/Nano suspend key (git-fixes)\n- arp: switch to dev_getbyhwaddr() in arp_req_set_public() (git-fixes).\n- asus-laptop: Fix an uninitialized variable (git-fixes).\n- ata: ahci: Add mask_port_map module parameter (git-fixes).\n- ata: libata-sata: Save all fields from sense data descriptor (git-fixes).\n- ata: libata-scsi: Check ATA_QCFLAG_RTF_FILLED before using result_tf (git-fixes).\n- ata: libata-scsi: Fix ata_mselect_control_ata_feature() return type (git-fixes).\n- ata: libata-scsi: Fix ata_msense_control_ata_feature() (git-fixes).\n- ata: libata-scsi: Improve CDL control (git-fixes).\n- ata: libata-scsi: Remove redundant sense_buffer memsets (git-fixes).\n- ata: libata: Fix NCQ Non-Data log not supported print (git-fixes).\n- ata: pata_parport: add custom version of wait_after_reset (git-fixes).\n- ata: pata_parport: fit3: implement IDE command set registers (git-fixes).\n- ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (git-fixes).\n- ata: pata_serverworks: Do not use the term blacklist (git-fixes).\n- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (git-fixes).\n- ata: sata_sil: Rename sil_blacklist to sil_quirks (git-fixes).\n- ata: sata_sx4: Add error handling in pdc20621_i2c_read() (git-fixes).\n- auxdisplay: hd44780: Convert to platform remove callback returning void (stable-fixes).\n- auxdisplay: hd44780: Fix an API misuse in hd44780.c (git-fixes).\n- auxdisplay: panel: Fix an API misuse in panel.c (git-fixes).\n- backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() (git-fixes).\n- badblocks: Fix error shitf ops (git-fixes).\n- badblocks: fix merge issue when new badblocks align with pre+1 (git-fixes).\n- badblocks: fix missing bad blocks on retry in _badblocks_check() (git-fixes).\n- badblocks: fix the using of MAX_BADBLOCKS (git-fixes).\n- badblocks: return error directly when setting badblocks exceeds 512 (git-fixes).\n- badblocks: return error if any badblock set fails (git-fixes).\n- batman-adv: Ignore own maximum aggregation size during RX (git-fixes).\n- bitmap: introduce generic optimized bitmap_size() (git-fixes).\n- blk-cgroup: Properly propagate the iostat update up the hierarchy (bsc#1225606).\n- blk-throttle: fix lower bps rate by throtl_trim_slice() (git-fixes).\n- block: change blk_mq_add_to_batch() third argument type to bool (git-fixes).\n- block: cleanup and fix batch completion adding conditions (git-fixes).\n- block: do not revert iter for -EIOCBQUEUED (git-fixes).\n- block: fix \u0027kmem_cache of name \u0027bio-108\u0027 already exists\u0027 (git-fixes).\n- block: fix conversion of GPT partition name to 7-bit (git-fixes).\n- block: fix resource leak in blk_register_queue() error path (git-fixes).\n- block: integrity: Do not call set_page_dirty_lock() (git-fixes).\n- block: make sure -\u003enr_integrity_segments is cloned in blk_rq_prep_clone (git-fixes).\n- bluetooth: btusb: Initialize .owner field of force_poll_sync_fops (git-fixes).\n- bnxt_en: Add missing skb_mark_for_recycle() in bnxt_rx_vlan() (git-fixes).\n- bnxt_en: Fix coredump logic to free allocated buffer (git-fixes).\n- bnxt_en: Fix ethtool -d byte order for 32-bit values (git-fixes).\n- bnxt_en: Fix out-of-bound memcpy() during ethtool -w (git-fixes).\n- bnxt_en: Linearize TX SKB if the fragments exceed the max (git-fixes).\n- bnxt_en: Mask the bd_cnt field in the TX BD properly (git-fixes).\n- bpf: Add missed var_off setting in coerce_subreg_to_size_sx() (git-fixes).\n- bpf: Add missed var_off setting in set_sext32_default_val() (git-fixes).\n- bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie (git-fixes).\n- bpf: Check size for BTF-based ctx access of pointer members (git-fixes).\n- bpf: Fix a verifier verbose message (git-fixes).\n- bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6 (git-fixes).\n- bpf: Fix theoretical prog_array UAF in __uprobe_perf_func() (git-fixes).\n- bpf: Replace bpf_lpm_trie_key 0-length array with flexible array (git-fixes).\n- bpf: Scrub packet on bpf_redirect_peer (git-fixes).\n- bpf: Use -Wno-error in certain tests when building with GCC (git-fixes).\n- bpf: add find_containing_subprog() utility function (bsc#1241590).\n- bpf: avoid holding freeze_mutex during mmap operation (git-fixes).\n- bpf: check changes_pkt_data property for extension programs (bsc#1241590).\n- bpf: consider that tail calls invalidate packet pointers (bsc#1241590).\n- bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs (bsc#1241590).\n- bpf: fix potential error return (git-fixes).\n- bpf: prevent r10 register from being marked as precise (git-fixes).\n- bpf: refactor bpf_helper_changes_pkt_data to use helper number (bsc#1241590).\n- bpf: track changes_pkt_data property for global functions (bsc#1241590).\n- bpf: unify VM_WRITE vs VM_MAYWRITE use in BPF map mmaping logic (git-fixes).\n- broadcom: fix supported flag check in periodic output function (git-fixes).\n- btrfs: add and use helper to verify the calling task has locked the inode (bsc#1241204).\n- btrfs: adjust subpage bit start based on sectorsize (bsc#1241492).\n- btrfs: always fallback to buffered write if the inode requires checksum (bsc#1242831 bsc#1242710).\n- btrfs: avoid NULL pointer dereference if no valid csum tree (bsc#1243342).\n- btrfs: avoid NULL pointer dereference if no valid extent tree (bsc#1236208).\n- btrfs: avoid monopolizing a core when activating a swap file (git-fixes).\n- btrfs: check delayed refs when we\u0027re checking if a ref exists (bsc#1239605).\n- btrfs: do not loop for nowait writes when checking for cross references (git-fixes).\n- btrfs: do not use btrfs_bio_ctrl for extent buffer writing (bsc#1239045).\n- btrfs: drop the backref cache during relocation if we commit (bsc#1239605).\n- btrfs: fix a leaked chunk map issue in read_one_chunk() (git-fixes).\n- btrfs: fix discard worker infinite loop after disabling discard (bsc#1242012).\n- btrfs: fix hole expansion when writing at an offset beyond EOF (bsc#1241151).\n- btrfs: fix missing snapshot drew unlock when root is dead during swap activation (bsc#1241204).\n- btrfs: fix non-empty delayed iputs list on unmount due to compressed write workers (git-fixes).\n- btrfs: fix race with memory mapped writes when activating swap file (bsc#1241204).\n- btrfs: fix swap file activation failure due to extents that used to be shared (bsc#1241204).\n- btrfs: remove the mirror_num argument to btrfs_submit_compressed_read (bsc#1239045).\n- btrfs: subpage: fix error handling in end_bio_subpage_eb_writepage (bsc#1239045).\n- btrfs: use a separate end_io handler for extent_buffer writing (bsc#1239045).\n- bus: mhi: host: Fix race between unprepare and queue_buf (git-fixes).\n- bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock (git-fixes).\n- bus: qcom-ssc-block-bus: Fix the error handling path of qcom_ssc_block_bus_probe() (git-fixes).\n- bus: qcom-ssc-block-bus: Remove some duplicated iounmap() calls (git-fixes).\n- bus: simple-pm-bus: fix forced runtime PM use (git-fixes).\n- can: bcm: add locking for bcm_op runtime updates (git-fixes).\n- can: bcm: add missing rcu read protection for procfs content (git-fixes).\n- can: flexcan: disable transceiver during system PM (git-fixes).\n- can: flexcan: only change CAN state when link up in system PM (git-fixes).\n- can: gw: fix RCU/BH usage in cgw_create_job() (git-fixes).\n- can: mcan: m_can_class_unregister(): fix order of unregistration calls (git-fixes).\n- can: mcp251xfd: fix TDC setting for low data bit rates (git-fixes).\n- can: mcp251xfd: mcp251xfd_remove(): fix order of unregistration calls (git-fixes).\n- can: rcar_canfd: Fix page entries in the AFL list (git-fixes).\n- can: slcan: allow reception of short error messages (git-fixes).\n- can: ucan: fix out of bound read in strscpy() source (git-fixes).\n- cdc_ether|r8152: ThinkPad Hybrid USB-C/A Dock quirk (stable-fixes).\n- cdx: Fix possible UAF error in driver_override_show() (git-fixes).\n- char: misc: deallocate static minor in error path (git-fixes).\n- char: misc: register chrdev region with all possible minors (git-fixes).\n- check-for-config-changes: Fix flag name typo\n- cifs: Fix integer overflow while processing actimeo mount option (git-fixes).\n- cifs: Fix parsing reparse point with native symlink in SMB1 non-UNICODE session (git-fixes).\n- cifs: Remove intermediate object of failed create reparse call (git-fixes).\n- cifs: commands that are retried should have replay flag set (bsc#1231432).\n- cifs: fix potential null pointer use in destroy_workqueue in init_cifs error path (bsc#1231432).\n- cifs: helper function to check replayable error codes (bsc#1231432).\n- cifs: new mount option called retrans (bsc#1231432).\n- cifs: open_cached_dir should not rely on primary channel (bsc#1231432).\n- cifs: open_cached_dir(): add FILE_READ_EA to desired access (git-fixes).\n- cifs: reduce warning log level for server not advertising interfaces (git-fixes).\n- cifs: update desired access while requesting for directory lease (git-fixes).\n- cifs: update the same create_guid on replay (git-fixes).\n- clockevents/drivers/i8253: Fix stop sequence for timer 0 (git-fixes).\n- coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes).\n- counter: fix privdata alignment (git-fixes).\n- counter: microchip-tcb-capture: Fix undefined counter channel state on probe (git-fixes).\n- counter: stm32-lptimer-cnt: fix error handling when enabling (git-fixes).\n- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (bsc#1237856)\n- cpufreq/amd-pstate: Fix max_perf updation with schedutil (bsc#1239707).\n- cpufreq/cppc: Do not compare desired_perf in target() (bsc#1237856)\n- cpufreq/cppc: Move and rename (bsc#1237856)\n- cpufreq/cppc: Set the frequency used for computing the capacity (bsc#1238052)\n- cpufreq: Allow arch_freq_get_on_cpu to return an error (bsc#1238052)\n- cpufreq: Introduce an optional cpuinfo_avg_freq sysfs entry (bsc#1238052)\n- cpufreq: cppc: Set fie_disabled to FIE_DISABLED if fails to create (bsc#1237856)\n- cpufreq: cppc: cppc_cpufreq_get_rate() returns zero in all error (bsc#1237856)\n- cpumask: add cpumask_weight_andnot() (bsc#1239015).\n- cpumask: define cleanup function for cpumasks (bsc#1239015).\n- crypto: algif_hash - fix double free in hash_accept (git-fixes).\n- crypto: atmel-sha204a - Set hwrng quality to lowest possible (git-fixes).\n- crypto: caam/qi - Fix drv_ctx refcount bug (git-fixes).\n- crypto: ccp - Add support for PCI device 0x1134 (stable-fixes).\n- crypto: ccp - Fix check for the primary ASP device (git-fixes).\n- crypto: ccp - Fix uAPI definitions of PSP errors (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead auth key length (git-fixes).\n- crypto: hisilicon/sec2 - fix for aead authsize alignment (git-fixes).\n- crypto: hisilicon/sec2 - fix for sec spec check (git-fixes).\n- crypto: iaa - Add global_stats file and remove individual stat files (jsc#PED-12416).\n- crypto: iaa - Change desc-\u003epriv to 0 (jsc#PED-12416).\n- crypto: iaa - Change iaa statistics to atomic64_t (jsc#PED-12416).\n- crypto: iaa - Fix comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove comp/decomp delay statistics (jsc#PED-12416).\n- crypto: iaa - Remove header table code (jsc#PED-12416).\n- crypto: iaa - Remove potential infinite loop in check_completion() (jsc#PED-12416).\n- crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (jsc#PED-12416).\n- crypto: iaa - Remove unneeded newline in update_max_adecomp_delay_ns() (jsc#PED-12416).\n- crypto: iaa - Test the correct request flag (git-fixes).\n- crypto: iaa - Use cpumask_weight() when rebalancing (jsc#PED-12416).\n- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (jsc#PED-12416).\n- crypto: iaa - fix decomp_bytes_in stats (jsc#PED-12416).\n- crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (jsc#PED-12416).\n- crypto: iaa - remove unneeded semicolon (jsc#PED-12416).\n- crypto: nx - Fix uninitialised hv_nxc on error (git-fixes).\n- crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (jsc#PED-12416).\n- crypto: qat - Constify struct pm_status_row (jsc#PED-12416).\n- crypto: qat - Fix missing destroy_workqueue in adf_init_aer() (jsc#PED-12416).\n- crypto: qat - Fix spelling mistake \u0027Invalide\u0027 -\u003e \u0027Invalid\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo \u0027accelaration\u0027 (jsc#PED-12416).\n- crypto: qat - Fix typo (jsc#PED-12416).\n- crypto: qat - Remove trailing space after \\n newline (jsc#PED-12416).\n- crypto: qat - Use static_assert() to check struct sizes (jsc#PED-12416).\n- crypto: qat - add admin msgs for telemetry (jsc#PED-12416).\n- crypto: qat - add auto reset on error (jsc#PED-12416).\n- crypto: qat - add bank save and restore flows (jsc#PED-12416).\n- crypto: qat - add fatal error notification (jsc#PED-12416).\n- crypto: qat - add fatal error notify method (jsc#PED-12416).\n- crypto: qat - add heartbeat error simulator (jsc#PED-12416).\n- crypto: qat - add interface for live migration (jsc#PED-12416).\n- crypto: qat - add support for 420xx devices (jsc#PED-12416).\n- crypto: qat - add support for device telemetry (jsc#PED-12416).\n- crypto: qat - add support for ring pair level telemetry (jsc#PED-12416).\n- crypto: qat - adf_get_etr_base() helper (jsc#PED-12416).\n- crypto: qat - allow disabling SR-IOV VFs (jsc#PED-12416).\n- crypto: qat - avoid memcpy() overflow warning (jsc#PED-12416).\n- crypto: qat - change signature of uof_get_num_objs() (jsc#PED-12416).\n- crypto: qat - disable arbitration before reset (jsc#PED-12416).\n- crypto: qat - ensure correct order in VF restarting handler (jsc#PED-12416).\n- crypto: qat - expand CSR operations for QAT GEN4 devices (jsc#PED-12416).\n- crypto: qat - fix \u0027Full Going True\u0027 macro definition (jsc#PED-12416).\n- crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (jsc#PED-12416).\n- crypto: qat - fix comment structure (jsc#PED-12416).\n- crypto: qat - fix linking errors when PCI_IOV is disabled (jsc#PED-12416).\n- crypto: qat - fix recovery flow for VFs (jsc#PED-12416).\n- crypto: qat - fix ring to service map for dcc in 420xx (jsc#PED-12416).\n- crypto: qat - generate dynamically arbiter mappings (jsc#PED-12416).\n- crypto: qat - implement dh fallback for primes \u003e 4K (jsc#PED-12416).\n- crypto: qat - implement interface for live migration (jsc#PED-12416).\n- crypto: qat - improve aer error reset handling (jsc#PED-12416).\n- crypto: qat - improve error message in adf_get_arbiter_mapping() (jsc#PED-12416).\n- crypto: qat - include pci.h for GET_DEV() (jsc#PED-12416).\n- crypto: qat - initialize user_input.lock for rate_limiting (jsc#PED-12416).\n- crypto: qat - limit heartbeat notifications (jsc#PED-12416).\n- crypto: qat - make adf_ctl_class constant (jsc#PED-12416).\n- crypto: qat - make ring to service map common for QAT GEN4 (jsc#PED-12416).\n- crypto: qat - move PFVF compat checker to a function (jsc#PED-12416).\n- crypto: qat - move fw config related structures (jsc#PED-12416).\n- crypto: qat - preserve ADF_GENERAL_SEC (jsc#PED-12416).\n- crypto: qat - re-enable sriov after pf reset (jsc#PED-12416).\n- crypto: qat - relocate CSR access code (jsc#PED-12416).\n- crypto: qat - relocate and rename 4xxx PF2VM definitions (jsc#PED-12416).\n- crypto: qat - relocate portions of qat_4xxx code (jsc#PED-12416).\n- crypto: qat - remove access to parity register for QAT GEN4 (git-fixes).\n- crypto: qat - remove unnecessary description from comment (jsc#PED-12416).\n- crypto: qat - remove unused adf_devmgr_get_first (jsc#PED-12416).\n- crypto: qat - rename get_sla_arr_of_type() (jsc#PED-12416).\n- crypto: qat - set parity error mask for qat_420xx (git-fixes).\n- crypto: qat - uninitialized variable in adf_hb_error_inject_write() (jsc#PED-12416).\n- crypto: qat - update PFVF protocol for recovery (jsc#PED-12416).\n- crypto: qat - use kcalloc_node() instead of kzalloc_node() (jsc#PED-12416).\n- crypto: qat - validate slices count returned by FW (jsc#PED-12416).\n- crypto: qat/qat_420xx - fix off by one in uof_get_name() (jsc#PED-12416).\n- cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path (git-fixes).\n- devlink: fix port new reply cmd type (git-fixes).\n- dlm: prevent NPD when writing a positive value to event_done (git-fixes).\n- dm array: fix cursor index when skipping across block boundaries (git-fixes).\n- dm array: fix unreleased btree blocks on closing a faulty array cursor (git-fixes).\n- dm init: Handle minors larger than 255 (git-fixes).\n- dm integrity: fix out-of-range warning (git-fixes).\n- dm persistent data: fix memory allocation failure (git-fixes).\n- dm resume: do not return EINVAL when signalled (git-fixes).\n- dm suspend: return -ERESTARTSYS instead of -EINTR (git-fixes).\n- dm thin: Add missing destroy_work_on_stack() (git-fixes).\n- dm-bufio: do not schedule in atomic context (git-fixes).\n- dm-crypt: do not update io-\u003esector after kcryptd_crypt_write_io_submit() (git-fixes).\n- dm-crypt: track tag_offset in convert_context (git-fixes).\n- dm-delay: fix hung task introduced by kthread mode (git-fixes).\n- dm-delay: fix max_delay calculations (git-fixes).\n- dm-delay: fix workqueue delay_timer race (git-fixes).\n- dm-ebs: do not set the flag DM_TARGET_PASSES_INTEGRITY (git-fixes).\n- dm-ebs: fix prefetch-vs-suspend race (git-fixes).\n- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (git-fixes).\n- dm-integrity: align the outgoing bio in integrity_recheck (git-fixes).\n- dm-integrity: fix a race condition when accessing recalc_sector (git-fixes).\n- dm-integrity: fix a warning on invalid table line (git-fixes).\n- dm-integrity: set ti-\u003eerror on memory allocation failure (git-fixes).\n- dm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume (git-fixes).\n- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (git-fixes).\n- dm-verity FEC: Fix RS FEC repair for roots unaligned to block size (take 2) (git-fixes).\n- dm-verity: fix prefetch-vs-suspend race (git-fixes).\n- dm: Fix typo in error message (git-fixes).\n- dm: add missing unlock on in dm_keyslot_evict() (git-fixes).\n- dm: always update the array size in realloc_argv on success (git-fixes).\n- dm: fix copying after src array boundaries (git-fixes).\n- dma-buf: insert memory barrier before updating num_fences (git-fixes).\n- dma: kmsan: export kmsan_handle_dma() for modules (git-fixes).\n- dmaengine: Revert \u0027dmaengine: dmatest: Fix dmatest waiting less when interrupted\u0027 (git-fixes).\n- dmaengine: dmatest: Fix dmatest waiting less when interrupted (stable-fixes).\n- dmaengine: idxd: Add missing cleanup for early error out in idxd_setup_internals (git-fixes).\n- dmaengine: idxd: Add missing cleanups in cleanup internals (git-fixes).\n- dmaengine: idxd: Add missing idxd cleanup to fix memory leak in remove call (git-fixes).\n- dmaengine: idxd: Fix -\u003epoll() return value (git-fixes).\n- dmaengine: idxd: Fix allowing write() from different address spaces (git-fixes).\n- dmaengine: idxd: Refactor remove call with idxd_cleanup() helper (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_alloc (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_pci_probe (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_engines (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_groups (git-fixes).\n- dmaengine: idxd: fix memory leak in error handling path of idxd_setup_wqs (git-fixes).\n- dmaengine: mediatek: Fix a possible deadlock error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: mediatek: drop unused variable (git-fixes).\n- dmaengine: ti: k3-udma: Add missing locking (git-fixes).\n- dmaengine: ti: k3-udma: Use cap_mask directly from dma_device structure instead of a local copy (git-fixes).\n- driver core: Remove needless return in void API device_remove_group() (git-fixes).\n- drivers: base: devres: Allow to release group on device release (stable-fixes).\n- drivers: core: fix device leak in __fw_devlink_relax_cycles() (git-fixes).\n- drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl (git-fixes).\n- drm/amd/display: Add scoped mutexes for amdgpu_dm_dhcp (stable-fixes).\n- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (stable-fixes).\n- drm/amd/display: Avoid flooding unnecessary info messages (git-fixes).\n- drm/amd/display: Copy AUX read reply data whenever length \u003e 0 (git-fixes).\n- drm/amd/display: Correct the reply value when AUX write incomplete (git-fixes).\n- drm/amd/display: Disable PSR-SU on eDP panels (stable-fixes).\n- drm/amd/display: Disable unneeded hpd interrupts during dm_init (stable-fixes).\n- drm/amd/display: Fix HPD after gpu reset (stable-fixes).\n- drm/amd/display: Fix gpu reset in multidisplay config (git-fixes).\n- drm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params (git-fixes).\n- drm/amd/display: Fix slab-use-after-free in hdcp (git-fixes).\n- drm/amd/display: Fix slab-use-after-free on hdcp_work (git-fixes).\n- drm/amd/display: Fix the checking condition in dmub aux handling (stable-fixes).\n- drm/amd/display: Fix wrong handling for AUX_DEFER case (git-fixes).\n- drm/amd/display: Force full update in gpu reset (stable-fixes).\n- drm/amd/display: Remove incorrect checking in dmub aux handler (git-fixes).\n- drm/amd/display: Restore correct backlight brightness after a GPU reset (stable-fixes).\n- drm/amd/display: Shift DMUB AUX reply command if necessary (git-fixes).\n- drm/amd/display: Use HW lock mgr for PSR1 when only one eDP (git-fixes).\n- drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes).\n- drm/amd/display: avoid NPD when ASIC does not support DMUB (git-fixes).\n- drm/amd/display: fix type mismatch in CalculateDynamicMetadataParameters() (git-fixes).\n- drm/amd/display: more liberal vmin/vmax update for freesync (stable-fixes).\n- drm/amd/pm/smu11: Prevent division by zero (git-fixes).\n- drm/amd/pm: Prevent division by zero (git-fixes).\n- drm/amd: Add Suspend/Hibernate notification callback support (stable-fixes).\n- drm/amd: Handle being compiled without SI or CIK support better (stable-fixes).\n- drm/amd: Keep display off while going into S4 (stable-fixes).\n- drm/amdgpu/dma_buf: fix page_link check (git-fixes).\n- drm/amdgpu/gfx11: fix num_mec (git-fixes).\n- drm/amdgpu/hdp5.2: use memcfg register to post the write for HDP flush (git-fixes).\n- drm/amdgpu/umsch: declare umsch firmware (git-fixes).\n- drm/amdgpu: Check extended configuration space register when system uses large bar (stable-fixes).\n- drm/amdgpu: Fix JPEG video caps max size for navi1x and raven (stable-fixes).\n- drm/amdgpu: Fix MPEG2, MPEG4 and VC1 video caps max size (stable-fixes).\n- drm/amdgpu: Queue KFD reset workitem in VF FED (stable-fixes).\n- drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV (git-fixes).\n- drm/amdgpu: disable BAR resize on Dell G5 SE (git-fixes).\n- drm/amdgpu: fix pm notifier handling (git-fixes).\n- drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() (stable-fixes).\n- drm/amdgpu: trigger flr_work if reading pf2vf data failed (stable-fixes).\n- drm/amdkfd: Fix Circular Locking Dependency in \u0027svm_range_cpu_invalidate_pagetables\u0027 (git-fixes).\n- drm/amdkfd: Fix mode1 reset crash issue (stable-fixes).\n- drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (stable-fixes).\n- drm/amdkfd: clamp queue size to minimum (stable-fixes).\n- drm/amdkfd: debugfs hang_hws skip GPU with MES (stable-fixes).\n- drm/atomic: Filter out redundant DPMS calls (stable-fixes).\n- drm/bridge: Fix spelling mistake \u0027gettin\u0027 -\u003e \u0027getting\u0027 (git-fixes).\n- drm/bridge: it6505: fix HDCP V match check is not performed correctly (git-fixes).\n- drm/bridge: panel: forbid initializing a panel with unknown connector type (stable-fixes).\n- drm/bridge: ti-sn65dsi86: Fix multiple instances (git-fixes).\n- drm/dp_mst: Add a helper to queue a topology probe (stable-fixes).\n- drm/dp_mst: Factor out function to queue a topology probe work (stable-fixes).\n- drm/dp_mst: Fix drm RAD print (git-fixes).\n- drm/dp_mst: Fix locking when skipping CSN before topology probing (git-fixes).\n- drm/edid: fixed the bug that hdr metadata was not reset (git-fixes).\n- drm/fdinfo: Protect against driver unbind (git-fixes).\n- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (git-fixes).\n- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (git-fixes).\n- drm/i915/cdclk: Do cdclk post plane programming later (stable-fixes).\n- drm/i915/ddi: Fix HDMI port width programming in DDI_BUF_CTL (git-fixes).\n- drm/i915/dg2: wait for HuC load completion before running selftests (stable-fixes).\n- drm/i915/dp: Fix error handling during 128b/132b link training (stable-fixes).\n- drm/i915/dsi: Use TRANS_DDI_FUNC_CTL\u0027s own port width macro (git-fixes).\n- drm/i915/gvt: fix unterminated-string-initialization warning (stable-fixes).\n- drm/i915/huc: Fix fence not released on early probe errors (git-fixes).\n- drm/i915/pxp: fix undefined reference to `intel_pxp_gsccs_is_ready_for_sessions\u0027 (git-fixes).\n- drm/i915/xe2lpd: Move D2D enable/disable (stable-fixes).\n- drm/i915/xelpg: Extend driver code of Xe_LPG to Xe_LPG+ (stable-fixes).\n- drm/i915: Disable RPG during live selftest (git-fixes).\n- drm/i915: Make sure all planes in use by the joiner have their crtc included (stable-fixes).\n- drm/mediatek: dp: drm_err =\u003e dev_err in HPD path to avoid NULL ptr (git-fixes).\n- drm/mediatek: dsi: fix error codes in mtk_dsi_host_transfer() (git-fixes).\n- drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (stable-fixes).\n- drm/mediatek: mtk_dpi: Move the input_2p_en bit to platform data (stable-fixes).\n- drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (git-fixes).\n- drm/mediatek: mtk_hdmi: Unregister audio platform device on failure (git-fixes).\n- drm/msm/a6xx: Fix a6xx indexed-regs in devcoreduump (git-fixes).\n- drm/msm/a6xx: Fix stale rpmh votes from GPU (git-fixes).\n- drm/msm/dpu: do not use active in atomic_check() (git-fixes).\n- drm/msm/dsi: Set PHY usescase (and mode) before registering DSI host (git-fixes).\n- drm/msm/dsi: Use existing per-interface slice count in DSC timing (git-fixes).\n- drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER (stable-fixes).\n- drm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit() (git-fixes).\n- drm/nouveau: Do not override forced connector status (stable-fixes).\n- drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() (git-fixes).\n- drm/nouveau: prime: fix ttm_bo_delayed_delete oops (git-fixes).\n- drm/panel: ilitek-ili9882t: fix GPIO name in error message (git-fixes).\n- drm/panel: simple: Update timings for AUO G101EVN010 (git-fixes).\n- drm/radeon/ci_dpm: Remove needless NULL checks of dpm tables (git-fixes).\n- drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (stable-fixes).\n- drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (git-fixes).\n- drm/repaper: fix integer overflows in repeat functions (git-fixes).\n- drm/sched: Fix fence reference count leak (git-fixes).\n- drm/sched: Fix preprocessor guard (git-fixes).\n- drm/ssd130x: Set SPI .id_table to prevent an SPI core warning (git-fixes).\n- drm/ssd130x: ensure ssd132x pitch is correct (git-fixes).\n- drm/ssd130x: fix ssd132x encoding (git-fixes).\n- drm/sti: remove duplicate object names (git-fixes).\n- drm/tests: Add helper to create mock crtc (stable-fixes).\n- drm/tests: Add helper to create mock plane (stable-fixes).\n- drm/tests: Build KMS helpers when DRM_KUNIT_TEST_HELPERS is enabled (git-fixes).\n- drm/tests: cmdline: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: helpers: Add atomic helpers (stable-fixes).\n- drm/tests: helpers: Add helper for drm_display_mode_from_cea_vic() (stable-fixes).\n- drm/tests: helpers: Create kunit helper to destroy a drm_display_mode (stable-fixes).\n- drm/tests: helpers: Fix compiler warning (git-fixes).\n- drm/tests: modes: Fix drm_display_mode memory leak (git-fixes).\n- drm/tests: probe-helper: Fix drm_display_mode memory leak (git-fixes).\n- drm/v3d: Add job to pending list if the reset was skipped (stable-fixes).\n- drm/v3d: Do not run jobs that have errors flagged in its fence (git-fixes).\n- drm/vkms: Fix use after free and double free on init error (git-fixes).\n- drm/vkms: Round fixp2int conversion in lerp_u16 (stable-fixes).\n- drm: Select DRM_KMS_HELPER from DRM_DEBUG_DP_MST_TOPOLOGY_REFS (git-fixes).\n- drm: allow encoder mode_set even when connectors change for crtc (stable-fixes).\n- drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for AYA NEO Slide (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for OneXPlayer Mini (Intel) (stable-fixes).\n- drm: panel-orientation-quirks: Add quirks for AYA NEO Flip DS and KB (stable-fixes).\n- drm: panel-orientation-quirks: Add support for AYANEO 2S (stable-fixes).\n- drm: xlnx: zynqmp: Fix max dma segment size (git-fixes).\n- dummycon: fix default rows/cols (git-fixes).\n- e1000e: change k1 configuration on MTP and later platforms (git-fixes).\n- eeprom: digsy_mtc: Make GPIO lookup table match the device (git-fixes).\n- efi/libstub: Bump up EFI_MMAP_NR_SLACK_SLOTS to 32 (bsc#1239349).\n- eth: bnxt: fix missing ring index trim on error path (git-fixes).\n- ethtool: Fix context creation with no parameters (git-fixes).\n- ethtool: Fix set RXNFC command with symmetric RSS hash (git-fixes).\n- ethtool: Fix wrong mod state in case of verbose and no_mask bitset (git-fixes).\n- ethtool: do not propagate EOPNOTSUPP from dumps (git-fixes).\n- ethtool: fix setting key and resetting indir at once (git-fixes).\n- ethtool: netlink: Add missing ethnl_ops_begin/complete (git-fixes).\n- ethtool: netlink: do not return SQI value if link is down (git-fixes).\n- ethtool: plca: fix plca enable data type while parsing the value (git-fixes).\n- ethtool: rss: echo the context number back (git-fixes).\n- exfat: do not fallback to buffered write (git-fixes).\n- exfat: do not zero the extended part (bsc#1237356).\n- exfat: drop -\u003ei_size_ondisk (git-fixes).\n- exfat: fix appending discontinuous clusters to empty file (bsc#1237356).\n- exfat: fix potential wrong error return from get_block (git-fixes).\n- exfat: fix soft lockup in exfat_clear_bitmap (git-fixes).\n- exfat: fix the infinite loop in exfat_find_last_cluster() (git-fixes).\n- exfat: fix timing of synchronizing bitmap and inode (bsc#1237356).\n- exfat: short-circuit zero-byte writes in exfat_file_write_iter (git-fixes).\n- ext4: add missing brelse() for bh2 in ext4_dx_add_entry() (bsc#1242342).\n- ext4: correct encrypted dentry name hash when not casefolded (bsc#1242540).\n- ext4: do not over-report free space or inodes in statvfs (bsc#1242345).\n- ext4: do not treat fhandle lookup of ea_inode as FS corruption (bsc#1242347).\n- ext4: fix FS_IOC_GETFSMAP handling (bsc#1240557).\n- ext4: goto right label \u0027out_mmap_sem\u0027 in ext4_setattr() (bsc#1242556).\n- ext4: make block validity check resistent to sb bh corruption (bsc#1242348).\n- ext4: partial zero eof block on unaligned inode size extension (bsc#1242336).\n- ext4: protect ext4_release_dquot against freezing (bsc#1242335).\n- ext4: replace the traditional ternary conditional operator with with max()/min() (bsc#1242536).\n- ext4: treat end of range as exclusive in ext4_zero_range() (bsc#1242539).\n- ext4: unify the type of flexbg_size to unsigned int (bsc#1242538).\n- fbdev: au1100fb: Move a variable assignment behind a null pointer check (git-fixes).\n- fbdev: omapfb: Add \u0027plane\u0027 value check (stable-fixes).\n- fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).\n- fbdev: sm501fb: Add some geometry checks (git-fixes).\n- firmware: arm_ffa: Explicitly cast return value from FFA_VERSION before comparison (git-fixes).\n- firmware: arm_ffa: Skip Rx buffer ownership release if not acquired (git-fixes).\n- firmware: arm_scmi: Balance device refcount when destroying devices (git-fixes).\n- firmware: arm_scmi: use ioread64() instead of ioread64_hi_lo() (git-fixes).\n- firmware: cs_dsp: Ensure cs_dsp_load[_coeff]() returns 0 on success (git-fixes).\n- firmware: cs_dsp: Remove async regmap writes (git-fixes).\n- firmware: imx-scu: fix OF node leak in .probe() (git-fixes).\n- flow_dissector: use RCU protection to fetch dev_net() (bsc#1239994).\n- fs/jfs: Prevent integer overflow in AG size calculation (git-fixes).\n- fs/jfs: cast inactags to s64 to prevent potential overflow (git-fixes).\n- fs/ntfs3: add prefix to bitmap_size() and use BITS_TO_U64() (bsc#1241250).\n- fs: better handle deep ancestor chains in is_subdir() (bsc#1242528).\n- fs: consistently deref the files table with rcu_dereference_raw() (bsc#1242535).\n- fs: do not allow non-init s_user_ns for filesystems without FS_USERNS_MOUNT (bsc#1242526).\n- fs: support relative paths with FSCONFIG_SET_STRING (git-fixes).\n- gpio: aggregator: protect driver attr handlers against module unload (git-fixes).\n- gpio: rcar: Fix missing of_node_put() call (git-fixes).\n- gpio: rcar: Use raw_spinlock to protect register access (stable-fixes).\n- gpio: tegra186: fix resource handling in ACPI probe path (git-fixes).\n- gpio: zynq: Fix wakeup source leaks on device unbind (stable-fixes).\n- gpu: host1x: Do not assume that a NULL domain means no DMA IOMMU (git-fixes).\n- gup: make the stack expansion warning a bit more targeted (bsc#1238214).\n- gve: handle overflow when reporting TX consumed descriptors (git-fixes).\n- gve: set xdp redirect target only when it is available (git-fixes).\n- hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (git-fixes).\n- hv_netvsc: Preserve contiguous PFN grouping in the page buffer array (git-fixes).\n- hv_netvsc: Remove rmsg_pgcnt (git-fixes).\n- hv_netvsc: Use vmbus_sendpacket_mpb_desc() to send VMBus messages (git-fixes).\n- hwmon: (ad7314) Validate leading zero bits and return error (git-fixes).\n- hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (stable-fixes).\n- hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (git-fixes).\n- hwmon: (pmbus) Initialise page count in pmbus_identify() (git-fixes).\n- hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (git-fixes).\n- i2c: ali1535: Fix an error handling path in ali1535_probe() (git-fixes).\n- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (git-fixes).\n- i2c: amd-mp2: drop free_irq() of devm_request_irq() allocated irq (git-fixes).\n- i2c: cros-ec-tunnel: defer probe if parent EC is not present (git-fixes).\n- i2c: designware: Fix an error handling path in i2c_dw_pci_probe() (git-fixes).\n- i2c: imx-lpi2c: Fix clock count when probe defers (git-fixes).\n- i2c: ls2x: Fix frequency division register access (git-fixes).\n- i2c: npcm: disable interrupt enable bit before devm_request_irq (git-fixes).\n- i2c: omap: fix IRQ storms (git-fixes).\n- i2c: sis630: Fix an error handling path in sis630_probe() (git-fixes).\n- i3c: Add NULL pointer check in i3c_master_queue_ibi() (git-fixes).\n- i3c: master: svc: Fix missing the IBI rules (git-fixes).\n- i3c: master: svc: Use readsb helper for reading MDB (git-fixes).\n- ice: Add check for devm_kzalloc() (git-fixes).\n- ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr() (git-fixes).\n- ice: Remove and readd netdev during devlink reload (bsc#1230497 bsc#1239518).\n- ice: fix reservation of resources for RDMA when disabled (git-fixes).\n- ice: pass VSI pointer into ice_vc_isvalid_q_id (bsc#1237848 bsc#1230497).\n- ice: stop truncating queue ids when checking (git-fixes).\n- idpf: check error for register_netdev() on init (git-fixes).\n- idpf: fix adapter NULL pointer dereference on reboot (git-fixes).\n- idpf: fix offloads support for encapsulated packets (git-fixes).\n- idpf: fix potential memory leak on kcalloc() failure (git-fixes).\n- idpf: protect shutdown from reset (git-fixes).\n- igb: reject invalid external timestamp requests for 82580-based HW (git-fixes).\n- igc: add lock preventing multiple simultaneous PTM transactions (git-fixes).\n- igc: cleanup PTP module if probe fails (git-fixes).\n- igc: fix PTM cycle trigger logic (git-fixes).\n- igc: fix lock order in igc_ptp_reset (git-fixes).\n- igc: handle the IGC_PTP_ENABLED flag correctly (git-fixes).\n- igc: increase wait time before retrying PTM (git-fixes).\n- igc: move ktime snapshot into PTM retry loop (git-fixes).\n- iio: accel: adxl367: fix setting odr for activity time update (git-fixes).\n- iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (git-fixes).\n- iio: accel: msa311: Fix failure to release runtime pm if direct mode claim fails (git-fixes).\n- iio: adc: ad4130: Fix comparison of channel setups (git-fixes).\n- iio: adc: ad7124: Fix comparison of channel configs (git-fixes).\n- iio: adc: ad7606: fix serial register access (git-fixes).\n- iio: adc: ad7768-1: Fix conversion result sign (git-fixes).\n- iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (stable-fixes).\n- iio: adc: at91-sama5d2_adc: fix sama7g5 realbits value (git-fixes).\n- iio: adis16201: Correct inclinometer channel resolution (git-fixes).\n- iio: dac: ad3552r: clear reset status flag (git-fixes).\n- iio: filter: admv8818: Force initialization of SDO (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_fifo (git-fixes).\n- iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo (git-fixes).\n- iio: temp: maxim-thermocouple: Fix potential lack of DMA safe buffer (git-fixes).\n- include/linux/mmzone.h: clean up watermark accessors (bsc#1239600).\n- include: net: add static inline dst_dev_overhead() to dst.h (git-fixes).\n- inetpeer: remove create argument of inet_getpeer_v() (git-fixes).\n- inetpeer: update inetpeer timestamp in inet_getpeer() (git-fixes).\n- init: add initramfs_internal.h (bsc#1232848).\n- initcall_blacklist: Does not allow kernel_lockdown be blacklisted (bsc#1237521).\n- initramfs: allocate heap buffers together (bsc#1232848).\n- initramfs: fix hardlink hash leak without TRAILER (bsc#1232848).\n- intel_idle: Add ibrs_off module parameter to force-disable IBRS (git-fixes).\n- intel_idle: Use __update_spec_ctrl() in intel_idle_ibrs() (git-fixes).\n- intel_th: pci: Add Arrow Lake support (stable-fixes).\n- intel_th: pci: Add Panther Lake-H support (stable-fixes).\n- intel_th: pci: Add Panther Lake-P/U support (stable-fixes).\n- ioam6: improve checks on user data (git-fixes).\n- iommu/vt-d: Fix suspicious RCU usage (git-fixes).\n- iommu: Fix two issues in iommu_copy_struct_from_user() (git-fixes).\n- ipv4/route: avoid unused-but-set-variable warning (git-fixes).\n- ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR) (git-fixes).\n- ipv4: Convert icmp_route_lookup() to dscp_t (git-fixes).\n- ipv4: Fix incorrect source address in Record Route option (git-fixes).\n- ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family (git-fixes).\n- ipv4: add RCU protection to ip4_dst_hoplimit() (bsc#1239994).\n- ipv4: fib: annotate races around nh-\u003enh_saddr_genid and nh-\u003enh_saddr (git-fixes).\n- ipv4: fix source address selection with route leak (git-fixes).\n- ipv4: give an IPv4 dev to blackhole_netdev (git-fixes).\n- ipv4: icmp: Pass full DS field to ip_route_input() (git-fixes).\n- ipv4: ip_gre: Avoid skb_pull() failure in ipgre_xmit() (git-fixes).\n- ipv4: ip_gre: Fix drops of small packets in ipgre_xmit (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_md_tunnel_xmit() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_bind_dev() (git-fixes).\n- ipv4: ip_tunnel: Unmask upper DSCP bits in ip_tunnel_xmit() (git-fixes).\n- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (git-fixes).\n- ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels (git-fixes).\n- ipv4: use RCU protection in inet_select_addr() (bsc#1239994).\n- ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (bsc#1239994).\n- ipv4: use RCU protection in ipv4_default_advmss() (bsc#1239994).\n- ipv4: use RCU protection in rt_is_expired() (bsc#1239994).\n- ipv6: Align behavior across nexthops during path selection (git-fixes).\n- ipv6: Do not consider link down nexthops in path selection (git-fixes).\n- ipv6: Ensure natural alignment of const ipv6 loopback and router addresses (git-fixes).\n- ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw() (git-fixes).\n- ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create() (git-fixes).\n- ipv6: Start path selection from the first nexthop (git-fixes).\n- ipv6: Use RCU in ip6_input() (bsc#1239994).\n- ipv6: annotate data-races around cnf.disable_ipv6 (git-fixes).\n- ipv6: avoid atomic fragment on GSO packets (git-fixes).\n- ipv6: fib6_rules: flush route cache when rule is changed (git-fixes).\n- ipv6: fib: hide unused \u0027pn\u0027 variable (git-fixes).\n- ipv6: fix ndisc_is_useropt() handling for PIO (git-fixes).\n- ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (git-fixes).\n- ipv6: fix potential NULL deref in fib6_add() (git-fixes).\n- ipv6: icmp: convert to dev_net_rcu() (bsc#1239994).\n- ipv6: introduce dst_rt6_info() helper (git-fixes).\n- ipv6: ioam: block BH from ioam6_output() (git-fixes).\n- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (git-fixes).\n- ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- ipv6: sr: add missing seg6_local_exit (git-fixes).\n- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (git-fixes).\n- ipv6: take care of scope when choosing the src addr (git-fixes).\n- irqchip/davinci: Remove leftover header (git-fixes).\n- irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() (git-fixes).\n- irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs (git-fixes).\n- isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (bsc#1242307).\n- jbd2: add a missing data flush during file and fs synchronization (bsc#1242346).\n- jbd2: fix off-by-one while erasing journal (bsc#1242344).\n- jbd2: flush filesystem device before updating tail sequence (bsc#1242333).\n- jbd2: increase IO priority for writing revoke records (bsc#1242332).\n- jbd2: increase the journal IO\u0027s priority (bsc#1242537).\n- jbd2: remove wrong sb-\u003es_sequence check (bsc#1242343).\n- jfs: Fix uninit-value access of imap allocated in the diMount() function (git-fixes).\n- jfs: Prevent copying of nlink with value 0 from disk inode (git-fixes).\n- jfs: add check read-only before truncation in jfs_truncate_nolock() (git-fixes).\n- jfs: add check read-only before txBeginAnon() call (git-fixes).\n- jfs: add index corruption check to DT_GETPAGE() (git-fixes).\n- jfs: add sanity check for agwidth in dbMount (git-fixes).\n- jfs: fix slab-out-of-bounds read in ea_get() (git-fixes).\n- jfs: reject on-disk inodes of an unsupported type (git-fixes).\n- jiffies: Cast to unsigned long in secs_to_jiffies() conversion (bsc#1242993).\n- jiffies: Define secs_to_jiffies() (bsc#1242993).\n- kABI fix for RDMA/core: Do not expose hw_counters outside (git-fixes)\n- kABI fix for ipv6: remove hard coded limitation on ipv6_pinfo (git-fixes).\n- kABI fix for net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- kABI fix for netlink: terminate outstanding dump on socket close (git-fixes).\n- kABI fix for sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- kABI fix for tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- kABI fix for tcp: replace tcp_time_stamp_raw() (git-fixes).\n- kABI workaround for intel-ish-hid (git-fixes).\n- kABI workaround for powercap update (bsc#1241010).\n- kABI workaround for soc_mixer_control changes (git-fixes).\n- kabi: hide adding RCU head into struct netdev_name_node (bsc#1233749).\n- kbuild: hdrcheck: fix cross build with clang (git-fixes).\n- kernel-binary: Support livepatch_rt with merged RT branch\n- kernel-obs-qa: Use srchash for dependency as well\n- kernel-source: Also replace bin/env\n- ktest: Fix Test Failures Due to Missing LOG_FILE Directories (stable-fixes).\n- kunit: qemu_configs: SH: Respect kunit cmdline (git-fixes).\n- kunit: qemu_configs: sparc: use Zilog console (git-fixes).\n- l2tp: fix ICMP error handling for UDP-encap sockets (git-fixes).\n- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (git-fixes).\n- l2tp: fix lockdep splat (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix calculation of best period Hi-Res PWMs (git-fixes).\n- leds: rgb: leds-qcom-lpg: Fix pwm resolution max for Hi-Res PWMs (git-fixes).\n- lib: 842: Improve error handling in sw842_compress() (git-fixes).\n- lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (git-fixes).\n- libperf cpumap: Be tolerant of newline at the end of a cpumask (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Ensure empty cpumap is NULL from alloc (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Grow array of read CPUs in smaller increments (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__default_new() to perf_cpu_map__new_online_cpus() and prefer sysfs (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__dummy_new() to perf_cpu_map__new_any_cpu() (bsc#1234698 jsc#PED-12309).\n- libperf cpumap: Rename perf_cpu_map__empty() to perf_cpu_map__has_any_cpu_or_is_empty() (bsc#1234698 jsc#PED-12309).\n- lockdep: Do not disable interrupts on RT in disable_irq_nosync_lockdep.*() (git-fixes).\n- loop: Add sanity check for read/write_iter (git-fixes).\n- loop: LOOP_SET_FD: send uevents for partitions (git-fixes).\n- loop: aio inherit the ioprio of original request (git-fixes).\n- loop: do not require -\u003ewrite_iter for writable files in loop_configure (git-fixes).\n- loop: properly send KOBJ_CHANGED uevent for disk device (git-fixes).\n- loop: stop using vfs_iter_{read,write} for buffered I/O (git-fixes).\n- md/md-bitmap: Add missing destroy_work_on_stack() (git-fixes).\n- md/md-bitmap: add \u0027sync_size\u0027 into struct md_bitmap_stats (git-fixes).\n- md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb (bsc#1238212).\n- md/md-bitmap: replace md_bitmap_status() with a new helper md_bitmap_get_stats() (git-fixes).\n- md/md-cluster: fix spares warnings for __le64 (git-fixes).\n- md/raid0: do not free conf on raid0_run failure (git-fixes).\n- md/raid1,raid10: do not ignore IO flags (git-fixes).\n- md/raid10: fix missing discard IO accounting (git-fixes).\n- md/raid10: wait barrier before returning discard request with REQ_NOWAIT (git-fixes).\n- md/raid1: Add check for missing source disk in process_checks() (git-fixes).\n- md/raid1: do not free conf on raid0_run failure (git-fixes).\n- md/raid1: fix memory leak in raid1_run() if no active rdev (git-fixes).\n- md/raid5: Wait sync io to finish before changing group cnt (git-fixes).\n- md/raid5: implement pers-\u003ebitmap_sector() (git-fixes).\n- md: Do not flush sync_work in md_write_start() (git-fixes).\n- md: add a new callback pers-\u003ebitmap_sector() (git-fixes).\n- md: convert comma to semicolon (git-fixes).\n- md: ensure resync is prioritized over recovery (git-fixes).\n- md: fix mddev uaf while iterating all_mddevs list (git-fixes).\n- md: preserve KABI in struct md_personality v2 (git-fixes).\n- mdacon: rework dependency list (git-fixes).\n- media: i2c: adv748x: Fix test pattern selection mask (git-fixes).\n- media: i2c: ccs: Set the device\u0027s runtime PM status correctly in remove (git-fixes).\n- media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (git-fixes).\n- media: i2c: ov7251: Set enable GPIO low in probe (git-fixes).\n- media: platform: allgro-dvt: unregister v4l2_device on the error path (git-fixes).\n- media: platform: stm32: Add check for clk_enable() (git-fixes).\n- media: siano: Fix error handling in smsdvb_module_init() (git-fixes).\n- media: streamzap: fix race between device disconnection and urb callback (git-fixes).\n- media: streamzap: prevent processing IR data on URB failure (git-fixes).\n- media: uvcvideo: Add quirk for Actions UVC05 (stable-fixes).\n- media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (git-fixes).\n- media: venus: hfi: add a check to handle OOB in sfr region (git-fixes).\n- media: venus: hfi: add check to handle incorrect queue size (git-fixes).\n- media: venus: hfi_parser: add check to avoid out of bound access (git-fixes).\n- media: venus: hfi_parser: refactor hfi packet parsing logic (git-fixes).\n- media: verisilicon: HEVC: Initialize start_bit field (git-fixes).\n- media: videobuf2: Add missing doc comment for waiting_in_dqbuf (git-fixes).\n- media: vim2m: print device name after registering device (git-fixes).\n- media: visl: Fix ERANGE error when setting enum controls (git-fixes).\n- mei: me: add panther lake H DID (stable-fixes).\n- mei: me: add panther lake P DID (stable-fixes).\n- memblock tests: fix warning: \u0027__ALIGN_KERNEL\u0027 redefined (git-fixes).\n- memory: mtk-smi: Add ostd setting for mt8192 (git-fixes).\n- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (git-fixes).\n- mfd: ene-kb3930: Fix a potential NULL pointer dereference (git-fixes).\n- mfd: sm501: Switch to BIT() to mitigate integer overflows (git-fixes).\n- mfd: syscon: Add of_syscon_register_regmap() API (stable-fixes).\n- mfd: syscon: Fix race in device_node_get_regmap() (git-fixes).\n- mfd: syscon: Remove extern from function prototypes (stable-fixes).\n- mfd: syscon: Use scoped variables with memory allocators to simplify error paths (stable-fixes).\n- misc: microchip: pci1xxxx: Fix Kernel panic during IRQ handler registration (git-fixes).\n- misc: microchip: pci1xxxx: Fix incorrect IRQ status handling during ack (git-fixes).\n- mm/page_alloc: fix memory accept before watermarks gets initialized (bsc#1239600).\n- mm/readahead: fix large folio support in async readahead (bsc#1242321).\n- mm: accept to promo watermark (bsc#1239600).\n- mm: create promo_wmark_pages and clean up open-coded sites (bsc#1239600).\n- mm: fix endless reclaim on machines with unaccepted memory (bsc#1239600).\n- mm: fix error handling in __filemap_get_folio() with FGP_NOWAIT (bsc#1242326).\n- mm: fix filemap_get_folios_contig returning batches of identical folios (bsc#1242327).\n- mm: fix oops when filemap_map_pmd() without prealloc_pte (bsc#1242546).\n- mm: hugetlb: Add huge page size param to huge_ptep_get_and_clear() (git-fixes)\n- mm: zswap: move allocations during CPU init outside the lock (git-fixes).\n- mmc: atmel-mci: Add missing clk_disable_unprepare() (git-fixes).\n- mmc: dw_mmc: add a quirk for accessing 64-bit FIFOs in two halves (stable-fixes).\n- mmc: omap: Fix memory leak in mmc_omap_new_slot (git-fixes).\n- mmc: renesas_sdhi: Fix error handling in renesas_sdhi_probe (git-fixes).\n- mmc: sdhci-brcmstb: add cqhci suspend/resume to PM ops (git-fixes).\n- mmc: sdhci-omap: Disable MMC_CAP_AGGRESSIVE_PM for eMMC/SD (git-fixes).\n- mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (stable-fixes).\n- mptcp: mptcp_parse_option() fix for MPTCPOPT_MP_JOIN (git-fixes).\n- mptcp: refine opt_mp_capable determination (git-fixes).\n- mptcp: relax check on MPC passive fallback (git-fixes).\n- mptcp: strict validation before using mp_opt-\u003ehmac (git-fixes).\n- mptcp: use OPTION_MPTCP_MPJ_SYN in subflow_check_req() (git-fixes).\n- mtd: Add check for devm_kcalloc() (git-fixes).\n- mtd: Replace kcalloc() with devm_kcalloc() (git-fixes).\n- mtd: inftlcore: Add error check for inftl_read_oob() (git-fixes).\n- mtd: nand: Fix a kdoc comment (git-fixes).\n- mtd: phram: Add the kernel lock down check (bsc#1232649).\n- mtd: rawnand: Add status chack in r852_ready() (git-fixes).\n- mtd: rawnand: brcmnand: fix PM resume warning (git-fixes).\n- ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (bsc#1239994).\n- ndisc: use RCU protection in ndisc_alloc_skb() (bsc#1239994).\n- neighbour: delete redundant judgment statements (git-fixes).\n- net l2tp: drop flow hash on forward (git-fixes).\n- net/handshake: Fix handshake_req_destroy_test1 (git-fixes).\n- net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() (git-fixes).\n- net/ipv6: Fix route deleting failure when metric equals 0 (git-fixes).\n- net/ipv6: Fix the RT cache flush via sysctl using a previous delay (git-fixes).\n- net/ipv6: delete temporary address if mngtmpaddr is removed or unmanaged (git-fixes).\n- net/mlx5: E-Switch, Initialize MAC Address for Default GID (git-fixes).\n- net/mlx5: E-switch, Fix error handling for enabling roce (git-fixes).\n- net/mlx5: Fill out devlink dev info only for PFs (git-fixes).\n- net/mlx5: IRQ, Fix null string in debug print (git-fixes).\n- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (git-fixes).\n- net/mlx5: Start health poll after enable hca (git-fixes).\n- net/mlx5e: Disable MACsec offload for uplink representor profile (git-fixes).\n- net/mlx5e: Fix ethtool -N flow-type ip4 to RSS context (git-fixes).\n- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (git-fixes).\n- net/mlx5e: SHAMPO, Make reserved size independent of page size (git-fixes).\n- net/sched: act_api: deny mismatched skip_sw/skip_hw flags for actions created by classifiers (git-fixes).\n- net/sched: act_api: rely on rcu in tcf_idr_check_alloc (git-fixes).\n- net/sched: adjust device watchdog timer to detect stopped queue at right time (git-fixes).\n- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (git-fixes).\n- net/sched: cls_u32: replace int refcounts with proper refcounts (git-fixes).\n- net/sched: flower: Add lock protection when remove filter handle (git-fixes).\n- net/sched: taprio: make q-\u003epicos_per_byte available to fill_sched_entry() (git-fixes).\n- net/sched: tbf: correct backlog statistic for GSO packets (git-fixes).\n- net/tcp: refactor tcp_inet6_sk() (git-fixes).\n- net: Add non-RCU dev_getbyhwaddr() helper (git-fixes).\n- net: Clear old fragment checksum value in napi_reuse_skb (git-fixes).\n- net: Fix undefined behavior in netdev name allocation (bsc#1233749).\n- net: Handle napi_schedule() calls from non-interrupt (git-fixes).\n- net: Implement missing SO_TIMESTAMPING_NEW cmsg support (git-fixes).\n- net: Remove acked SYN flag from packet in the transmit queue correctly (git-fixes).\n- net: add dev_net_rcu() helper (bsc#1239994).\n- net: annotate data-races around sk-\u003esk_dst_pending_confirm (git-fixes).\n- net: annotate data-races around sk-\u003esk_tx_queue_mapping (git-fixes).\n- net: avoid UAF on deleted altname (bsc#1233749).\n- net: blackhole_dev: fix build warning for ethh set but not used (git-fixes).\n- net: check for altname conflicts when changing netdev\u0027s netns (bsc#1233749).\n- net: constify sk_dst_get() and __sk_dst_get() argument (git-fixes).\n- net: core: Use the bitmap API to allocate bitmaps (bsc#1233749).\n- net: do not dump stack on queue timeout (git-fixes).\n- net: do not send a MOVE event when netdev changes netns (bsc#1233749).\n- net: do not use input buffer of __dev_alloc_name() as a scratch space (bsc#1233749).\n- net: ethtool: Do not call .cleanup_data when prepare_data fails (git-fixes).\n- net: ethtool: Fix RSS setting (git-fixes).\n- net: fix ifname in netlink ntf during netns move (bsc#1233749).\n- net: fix removing a namespace with conflicting altnames (bsc#1233749).\n- net: free altname using an RCU callback (bsc#1233749).\n- net: gro: parse ipv6 ext headers without frag0 invalidation (git-fixes).\n- net: ipv6: fix UDPv6 GSO segmentation with NAT (git-fixes).\n- net: ipv6: fix dst ref loop in ila lwtunnel (git-fixes).\n- net: ipv6: fix dst ref loop on input in rpl lwt (git-fixes).\n- net: ipv6: fix dst ref loop on input in seg6 lwt (git-fixes).\n- net: ipv6: fix dst refleaks in rpl, seg6 and ioam6 lwtunnels (git-fixes).\n- net: ipv6: fix missing dst ref drop in ila lwtunnel (git-fixes).\n- net: ipv6: fix wrong start position when receive hop-by-hop fragment (git-fixes).\n- net: ipv6: ioam6: code alignment (git-fixes).\n- net: ipv6: ioam6: fix lwtunnel_output() loop (git-fixes).\n- net: ipv6: ioam6: new feature tunsrc (git-fixes).\n- net: ipv6: ioam6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: rpl_iptunnel: Fix memory leak in rpl_input (git-fixes).\n- net: ipv6: rpl_iptunnel: block BH in rpl_output() and rpl_input() (git-fixes).\n- net: ipv6: rpl_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: seg6_iptunnel: mitigate 2-realloc issue (git-fixes).\n- net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL (git-fixes).\n- net: ipv6: support reporting otherwise unknown prefix flags in RTM_NEWPREFIX (git-fixes).\n- net: loopback: Avoid sending IP packets without an Ethernet header (git-fixes).\n- net: make dev_alloc_name() call dev_prep_valid_name() (bsc#1233749).\n- net: mana: Add flex array to struct mana_cfg_rx_steer_req_v2 (bsc#1239016).\n- net: mana: Allow variable size indirection table (bsc#1239016).\n- net: mana: Assigning IRQ affinity on HT cores (bsc#1239015).\n- net: mana: Avoid open coded arithmetic (bsc#1239016).\n- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Fix memory leak in mana_gd_setup_irqs (bsc#1239015).\n- net: mana: Support holes in device list reply msg (git-fixes).\n- net: mana: Switch to page pool for jumbo frames (git-fixes).\n- net: mana: add a function to spread IRQs per CPUs (bsc#1239015).\n- net: mana: cleanup mana struct after debugfs_remove() (git-fixes).\n- net: mark racy access on sk-\u003esk_rcvbuf (git-fixes).\n- net: move altnames together with the netdevice (bsc#1233749).\n- net: phy: leds: fix memory leak (git-fixes).\n- net: phy: microchip: force IRQ polling mode for lan88xx (git-fixes).\n- net: qede: Initialize qede_ll_ops with designated initializer (git-fixes).\n- net: reduce indentation of __dev_alloc_name() (bsc#1233749).\n- net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets (git-fixes).\n- net: remove dev_valid_name() check from __dev_alloc_name() (bsc#1233749).\n- net: remove else after return in dev_prep_valid_name() (bsc#1233749).\n- net: sctp: fix skb leak in sctp_inq_free() (git-fixes).\n- net: set SOCK_RCU_FREE before inserting socket into hashtable (git-fixes).\n- net: set the minimum for net_hotdata.netdev_budget_usecs (git-fixes).\n- net: skip offload for NETIF_F_IPV6_CSUM if ipv6 header contains extension (git-fixes).\n- net: trust the bitmap in __dev_alloc_name() (bsc#1233749).\n- net: usb: asix_devices: add FiberGecko DeviceID (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FE990B composition (stable-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion FN990B composition (stable-fixes).\n- net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480).\n- net: use unrcu_pointer() helper (git-fixes).\n- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (stable-fixes).\n- net_sched: Prevent creation of classes with TC_H_ROOT (git-fixes).\n- net_sched: drr: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: ets: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (git-fixes).\n- net_sched: qfq: Fix double list add in class with netem as child qdisc (git-fixes).\n- net_sched: sch_sfq: annotate data-races around q-\u003eperturb_period (git-fixes).\n- net_sched: sch_sfq: handle bigger packets (git-fixes).\n- netdev-genl: avoid empty messages in queue dump (git-fixes).\n- netdev: fix repeated netlink messages in queue dump (git-fixes).\n- netlink: annotate data-races around sk-\u003esk_err (git-fixes).\n- netpoll: Ensure clean state on setup failures (git-fixes).\n- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (git-fixes).\n- nfs: add missing selections of CONFIG_CRC32 (git-fixes).\n- nfs: clear SB_RDONLY before getting superblock (bsc#1238565).\n- nfs: handle failure of nfs_get_lock_context in unlock path (git-fixes).\n- nfs: ignore SB_RDONLY when remounting nfs (bsc#1238565).\n- nfsd: add list_head nf_gc to struct nfsd_file (git-fixes).\n- nfsd: clear acl_access/acl_default after releasing them (git-fixes).\n- nfsd: decrease sc_count directly if fail to queue dl_recall (git-fixes).\n- nfsd: put dl_stid if fail to queue dl_recall (git-fixes).\n- nilfs2: add pointer check for nilfs_direct_propagate() (git-fixes).\n- nilfs2: do not propagate ENOENT error from nilfs_btree_propagate() (git-fixes).\n- ntb: Force physically contiguous allocation of rx ring buffers (git-fixes).\n- ntb: intel: Fix using link status DB\u0027s (git-fixes).\n- ntb: reduce stack usage in idt_scan_mws (stable-fixes).\n- ntb: use 64-bit arithmetic for the MSI doorbell mask (git-fixes).\n- ntb_hw_amd: Add NTB PCI ID for new gen CPU (stable-fixes).\n- ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (git-fixes).\n- ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (git-fixes).\n- ntb_perf: Fix printk format (git-fixes).\n- nvme-fc: do not ignore connectivity loss during connecting (git-fixes bsc#1222649).\n- nvme-fc: go straight to connecting state when initializing (git-fixes bsc#1222649).\n- nvme-fc: rely on state transitions to handle connectivity loss (git-fixes bsc#1222649).\n- nvme-fc: use ctrl state getter (git-fixes).\n- nvme-ioctl: fix leaked requests on mapping error (git-fixes).\n- nvme-pci: Add TUXEDO IBP Gen9 to Samsung sleep quirk (git-fixes).\n- nvme-pci: Add TUXEDO InfinityFlex to Samsung sleep quirk (git-fixes).\n- nvme-pci: acquire cq_poll_lock in nvme_poll_irqdisable (git-fixes bsc#1223096).\n- nvme-pci: add quirk for Samsung PM173x/PM173xa disk (bsc#1241148).\n- nvme-pci: clean up CMBMSC when registering CMB fails (git-fixes).\n- nvme-pci: fix queue unquiesce check on slot_reset (git-fixes).\n- nvme-pci: fix stuck reset on concurrent DPC and HP (git-fixes).\n- nvme-pci: make nvme_pci_npages_prp() __always_inline (git-fixes).\n- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (git-fixes).\n- nvme-pci: remove stale comment (git-fixes).\n- nvme-pci: skip CMB blocks incompatible with PCI P2P DMA (git-fixes).\n- nvme-pci: skip nvme_write_sq_db on empty rqlist (git-fixes).\n- nvme-tcp: Fix a C2HTermReq error message (git-fixes).\n- nvme-tcp: add basic support for the C2HTermReq PDU (git-fixes).\n- nvme-tcp: fix connect failure on receiving partial ICResp PDU (git-fixes).\n- nvme-tcp: fix possible UAF in nvme_tcp_poll (git-fixes).\n- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (git-fixes).\n- nvme-tcp: fix premature queue removal and I/O failover (git-fixes).\n- nvme-tcp: fix signedness bug in nvme_tcp_init_connection() (git-fixes).\n- nvme-tcp: select CONFIG_TLS from CONFIG_NVME_TCP_TLS (git-fixes).\n- nvme/ioctl: add missing space in err message (git-fixes).\n- nvme/ioctl: do not warn on vectorized uring_cmd with fixed buffer (git-fixes).\n- nvme: Add \u0027partial_nid\u0027 quirk (bsc#1241148).\n- nvme: Add warning when a partiually unique NID is detected (bsc#1241148).\n- nvme: fixup scan failure for non-ANA multipath controllers (git-fixes).\n- nvme: handle connectivity loss in nvme_set_queue_count (git-fixes).\n- nvme: introduce nvme_disk_is_ns_head helper (git-fixes).\n- nvme: make nvme_tls_attrs_group static (git-fixes).\n- nvme: move error logging from nvme_end_req() to __nvme_end_req() (git-fixes).\n- nvme: move passthrough logging attribute to head (git-fixes).\n- nvme: multipath: fix return value of nvme_available_path (git-fixes).\n- nvme: only allow entering LIVE from CONNECTING state (git-fixes bsc#1222649).\n- nvme: re-read ANA log page after ns scan completes (git-fixes).\n- nvme: requeue namespace scan on missed AENs (git-fixes).\n- nvme: tcp: Fix compilation warning with W=1 (git-fixes).\n- nvme: unblock ctrl state transition for firmware update (git-fixes).\n- nvmet-fc: Remove unused functions (git-fixes).\n- nvmet-fc: inline nvmet_fc_delete_assoc (git-fixes).\n- nvmet-fc: inline nvmet_fc_free_hostport (git-fixes).\n- nvmet-fc: put ref when assoc-\u003edel_work is already scheduled (git-fixes).\n- nvmet-fc: take tgtport reference only once (git-fixes).\n- nvmet-fc: update tgtport ref per assoc (git-fixes).\n- nvmet-fcloop: Remove remote port from list when unlinking (git-fixes).\n- nvmet-fcloop: add ref counting to lport (git-fixes).\n- nvmet-fcloop: replace kref with refcount (git-fixes).\n- nvmet-fcloop: swap list_add_tail arguments (git-fixes).\n- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (git-fixes).\n- nvmet-tcp: Fix a possible sporadic response drops in weakly ordered arch (git-fixes).\n- nvmet-tcp: select CONFIG_TLS from CONFIG_NVME_TARGET_TCP_TLS (git-fixes).\n- nvmet: Fix crash when a namespace is disabled (git-fixes).\n- nvmet: remove old function prototype (git-fixes).\n- objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (git-fixes).\n- objtool, panic: Disable SMAP in __stack_chk_fail() (bsc#1243963).\n- objtool, spi: amd: Fix out-of-bounds stack access in amd_set_spi_freq() (git-fixes).\n- objtool: Fix segfault in ignore_unreachable_insn() (git-fixes).\n- ocfs2: check dir i_size in ocfs2_find_entry (git-fixes).\n- ocfs2: fix deadlock in ocfs2_get_system_file_inode (git-fixes).\n- ocfs2: fix the issue with discontiguous allocation in the global_bitmap (git-fixes).\n- ocfs2: handle a symlink read error correctly (git-fixes).\n- ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (git-fixes).\n- ocfs2: update seq_file index in ocfs2_dlm_seq_next (git-fixes).\n- octeontx2-pf: qos: fix VF root node parent queue index (git-fixes).\n- orangefs: fix a oob in orangefs_debug_write (git-fixes).\n- packaging: Patch Makefile to pre-select gcc version (jsc#PED-12251). \n- packaging: Turn gcc version into config.sh variable Fixes: 51dacec21eb1 (\u0027Use gcc-13 for build on SLE16 (jsc#PED-10028).\u0027)\n- padata: do not leak refcount in reorder_work (git-fixes).\n- padata: fix sysfs store callback check (git-fixes).\n- partitions: mac: fix handling of bogus partition table (git-fixes).\n- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (bsc#1234698 jsc#PED-12309).\n- perf pmu: Remove use of perf_cpu_map__read() (bsc#1234698 jsc#PED-12309).\n- perf tools: annotate asm_pure_loop.S (bsc#1239906).\n- perf: Increase MAX_NR_CPUS to 4096 (bsc#1234698 jsc#PED-12309).\n- perf: arm_cspmu: nvidia: enable NVLINK-C2C port filtering (bsc#1242172)\n- perf: arm_cspmu: nvidia: fix sysfs path in the kernel doc (bsc#1242172)\n- perf: arm_cspmu: nvidia: monitor all ports by default (bsc#1242172)\n- perf: arm_cspmu: nvidia: remove unsupported SCF events (bsc#1242172)\n- phy: Fix error handling in tegra_xusb_port_init (git-fixes).\n- phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (git-fixes).\n- phy: freescale: imx8m-pcie: assert phy reset and perst in power off (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Fix role detection on unbind/bind (git-fixes).\n- phy: renesas: rcar-gen3-usb2: Set timing registers only once (git-fixes).\n- phy: rockchip: naneng-combphy: compatible reset with old DT (git-fixes).\n- phy: tegra: xusb: Use a bitmask for UTMI pad power state tracking (git-fixes).\n- phy: tegra: xusb: remove a stray unlock (git-fixes).\n- phy: tegra: xusb: reset VBUS \u0026 ID OVERRIDE (git-fixes).\n- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (git-fixes).\n- pinctrl: intel: Fix wrong bypass assignment in intel_pinctrl_probe_pwm() (git-fixes).\n- pinctrl: qcom: Clear latched interrupt status when changing IRQ type (git-fixes).\n- pinctrl: renesas: rza2: Fix missing of_node_put() call (git-fixes).\n- pinctrl: renesas: rza2: Fix potential NULL pointer dereference (stable-fixes).\n- pinctrl: renesas: rzv2m: Fix missing of_node_put() call (git-fixes).\n- pinctrl: tegra: Set SFIO mode to Mux Register (git-fixes).\n- platform/x86/amd/pmc: Declare quirk_spurious_8042 for MECHREVO Wujie 14XA (GX4HRXL) (git-fixes).\n- platform/x86/amd: pmc: Require at least 2.5 seconds between HW sleep cycles (stable-fixes).\n- platform/x86/intel-uncore-freq: Fix missing uncore sysfs during CPU hotplug (git-fixes).\n- platform/x86/intel/vsec: Add Diamond Rapids support (stable-fixes).\n- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (stable-fixes).\n- platform/x86: ISST: Correct command storage data length (git-fixes).\n- platform/x86: asus-wmi: Fix wlan_ctrl_by_user detection (git-fixes).\n- platform/x86: dell-ddv: Fix temperature calculation (git-fixes).\n- platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() (git-fixes).\n- platform/x86: intel-hid: fix volume buttons on Microsoft Surface Go 4 tablet (stable-fixes).\n- platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (stable-fixes).\n- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (stable-fixes).\n- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (stable-fixes).\n- pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes).\n- pnfs/flexfiles: retry getting layout segment for reads (git-fixes).\n- power: supply: max77693: Fix wrong conversion of charge input threshold value (git-fixes).\n- powercap: dtpm_devfreq: Fix error check against dev_pm_qos_add_request() (git-fixes).\n- powercap: intel_rapl: Fix locking in TPMI RAPL (git-fixes).\n- powercap: intel_rapl: Introduce APIs for PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Enable PMU support (bsc#1241010).\n- powercap: intel_rapl_tpmi: Fix System Domain probing (git-fixes).\n- powercap: intel_rapl_tpmi: Fix bogus register reading (git-fixes).\n- powercap: intel_rapl_tpmi: Ignore minor version change (git-fixes).\n- powerpc/boot: Check for ld-option support (bsc#1215199).\n- powerpc/boot: Fix dash warning (bsc#1215199).\n- powerpc/pseries/eeh: Fix pseries_eeh_err_inject (bsc#1239573).\n- powerpc/pseries/eeh: move pseries_eeh_err_inject() outside CONFIG_DEBUG_FS block (bsc#1239573).\n- powerpc/pseries/iommu: create DDW for devices with DMA mask less than 64-bits (bsc#1239691 bsc#1243044 ltc#212555).\n- powerpc/pseries/iommu: memory notifier incorrectly adds TCEs for pmemory (bsc#1239167 ltc#211055).\n- powerpc: Do not use --- in kernel logs (git-fixes).\n- powerpc: Stop using no_llseek (bsc#1239573).\n- printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (bsc#1237950).\n- pwm: fsl-ftm: Handle clk_get_rate() returning 0 (git-fixes).\n- pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (git-fixes).\n- pwm: rcar: Improve register calculation (git-fixes).\n- qibfs: fix _another_ leak (git-fixes)\n- rapidio: add check for rio_add_net() in rio_scan_alloc_net() (git-fixes).\n- rapidio: fix an API misues when rio_add_net() fails (git-fixes).\n- rcu/tasks-trace: Handle new PF_IDLE semantics (git-fixes)\n- rcu/tasks: Handle new PF_IDLE semantics (git-fixes)\n- rcu: Break rcu_node_0 --\u003e \u0026rq-\u003e__lock order (git-fixes)\n- rcu: Introduce rcu_cpu_online() (git-fixes)\n- regulator: check that dummy regulator has been probed before using it (stable-fixes).\n- regulator: core: Fix deadlock in create_regulator() (git-fixes).\n- regulator: dummy: force synchronous probing (git-fixes).\n- regulator: max20086: fix invalid memory access (git-fixes).\n- rndis_host: Flag RNDIS modems as WWAN devices (git-fixes).\n- rpm/check-for-config-changes: Add GCC_ASM_FLAG_OUTPUT_BROKEN\n- rpm/kernel-binary.spec.in: Also order against update-bootloader (boo#1228659, boo#1240785, boo#1241038).\n- rpm/kernel-binary.spec.in: Fix missing 20-kernel-default-extra.conf (bsc#1239986). \n- rpm/kernel-docs.spec.in: Workaround for reproducible builds (bsc#1238303)\n- rpm/package-descriptions: Add rt and rt_debug descriptions\n- rpm/release-projects: Update the ALP projects again (bsc#1231293).\n- rpm/split-modules: Fix optional splitting with usrmerge (bsc#1238570)\n- rtc: pcf85063: do a SW reset if POR failed (stable-fixes).\n- rtnetlink: Allocate vfinfo size for VF GUIDs when supported (bsc#1224013).\n- s390/bpf: Store backchain even for leaf progs (git-fixes bsc#1243805).\n- s390/cio: Fix CHPID \u0027configure\u0027 attribute caching (git-fixes bsc#1240979).\n- s390/pci: Fix handling of isolated VFs (git-fixes bsc#1238368).\n- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (git-fixes bsc#1240978).\n- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (git-fixes bsc#1238368).\n- s390/stackleak: Use exrl instead of ex in __stackleak_poison() (git-fixes bsc#1239594).\n- s390/traps: Fix test_monitor_call() inline assembly (git-fixes bsc#1239595).\n- sched/membarrier: Fix redundant load of membarrier_state (bsc#1232743).\n- sched/topology: Add a new arch_scale_freq_ref() method (bsc#1238052)\n- scsi: Improve CDL control (git-fixes).\n- scsi: core: Clear driver private data when retrying request (git-fixes).\n- scsi: core: Clear flags for scsi_cmnd that did not complete (git-fixes).\n- scsi: core: Do not retry I/Os during depopulation (git-fixes).\n- scsi: core: Handle depopulation and restoration in progress (git-fixes).\n- scsi: core: Use GFP_NOIO to avoid circular locking dependency (git-fixes).\n- scsi: hisi_sas: Allocate DFX memory during dump trigger (git-fixes).\n- scsi: hisi_sas: Directly call register snapshot instead of using workqueue (git-fixes).\n- scsi: hisi_sas: Enable all PHYs that are not disabled by user during controller reset (git-fixes).\n- scsi: hisi_sas: Enable force phy when SATA disk directly connected (git-fixes).\n- scsi: hisi_sas: Fix I/O errors caused by hardware port ID changes (git-fixes).\n- scsi: hisi_sas: Fix a deadlock issue related to automatic dump (git-fixes).\n- scsi: hisi_sas: Remove redundant checks for automatic debugfs dump (git-fixes).\n- scsi: iscsi: Fix missing scsi_host_put() in error path (git-fixes).\n- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (git-fixes).\n- scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1242993).\n- scsi: lpfc: Convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: lpfc: Copyright updates for 14.4.0.8 patches (bsc#1238347).\n- scsi: lpfc: Copyright updates for 14.4.0.9 patches (bsc#1242993).\n- scsi: lpfc: Create lpfc_vmid_info sysfs entry (bsc#1242993).\n- scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (bsc#1242993).\n- scsi: lpfc: Fix spelling mistake \u0027Toplogy\u0027 -\u003e \u0027Topology\u0027 (bsc#1242993).\n- scsi: lpfc: Free phba irq in lpfc_sli4_enable_msi() when pci_irq_vector() fails (bsc#1238347).\n- scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (bsc#1238347).\n- scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (bsc#1238347).\n- scsi: lpfc: Notify FC transport of rport disappearance during PCI fcn reset (bsc#1242993).\n- scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (bsc#1242993).\n- scsi: lpfc: Reduce log message generation during ELS ring clean up (bsc#1238347).\n- scsi: lpfc: Restart eratt_poll timer if HBA_SETUP flag still unset (bsc#1242993).\n- scsi: lpfc: Restore clearing of NLP_UNREG_INP in ndlp-\u003enlp_flag (git-fixes).\n- scsi: lpfc: Update lpfc version to 14.4.0.8 (bsc#1238347).\n- scsi: lpfc: Update lpfc version to 14.4.0.9 (bsc#1242993).\n- scsi: lpfc: Use memcpy() for BIOS version (bsc#1240966).\n- scsi: lpfc: convert timeouts to secs_to_jiffies() (bsc#1242993).\n- scsi: megaraid_sas: Block zero-length ATA VPD inquiry (git-fixes).\n- scsi: megaraid_sas: Fix for a potential deadlock (git-fixes).\n- scsi: mpi3mr: Fix locking in an error path (git-fixes).\n- scsi: mpi3mr: Fix possible crash when setting up bsg fails (git-fixes).\n- scsi: mpi3mr: Start controller indexing from 0 (git-fixes).\n- scsi: mpi3mr: Use ida to manage mrioc ID (git-fixes).\n- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (jsc#PED-11253).\n- scsi: mpt3sas: Fix a locking bug in an error path (git-fixes).\n- scsi: mpt3sas: Reduce log level of ignore_delay_remove message to KERN_INFO (git-fixes).\n- scsi: myrb: Remove dead code (git-fixes).\n- scsi: pm80xx: Set phy_attached to zero when device is gone (git-fixes).\n- scsi: qedi: Fix potential deadlock on \u0026qedi_percpu-\u003ep_work_lock (git-fixes).\n- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (git-fixes).\n- scsi: qla2xxx: Fix typos in a comment (bsc#1243090).\n- scsi: qla2xxx: Mark device strings as nonstring (bsc#1243090).\n- scsi: qla2xxx: Remove duplicate struct crb_addr_pair (bsc#1243090).\n- scsi: qla2xxx: Remove unused module parameters (bsc#1243090).\n- scsi: qla2xxx: Remove unused ql_log_qp (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla2x00_gpsc() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_pci_region_offset() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qla82xx_wait_for_state_change() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_83xx_iospace_config() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_fc_port_deleted() (bsc#1243090).\n- scsi: qla2xxx: Remove unused qlt_free_qfull_cmds() (bsc#1243090).\n- scsi: scsi_debug: Fix hrtimer support for ndelay (git-fixes).\n- scsi: scsi_debug: Remove a reference to in_use_bm (git-fixes).\n- scsi: sg: Enable runtime power management (git-fixes).\n- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (git-fixes).\n- scsi: st: Do not modify unknown block number in MTIOCGET (git-fixes).\n- sctp: Fix undefined behavior in left shift operation (git-fixes).\n- sctp: add mutual exclusion in proc_sctp_do_udp_port() (git-fixes).\n- sctp: detect and prevent references to a freed transport in sendmsg (git-fixes).\n- sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start (git-fixes).\n- sctp: fix association labeling in the duplicate COOKIE-ECHO case (git-fixes).\n- sctp: fix busy polling (git-fixes).\n- sctp: prefer struct_size over open coded arithmetic (git-fixes).\n- sctp: support MSG_ERRQUEUE flag in recvmsg() (git-fixes).\n- security, lsm: Introduce security_mptcp_add_subflow() (bsc#1240375).\n- selftests/bpf: Add a few tests to cover (git-fixes).\n- selftests/bpf: Add test for narrow ctx load for pointer args (git-fixes).\n- selftests/bpf: Fix flaky selftest lwt_redirect/lwt_reroute (git-fixes).\n- selftests/bpf: Fix flaky test btf_map_in_map/lookup_update (git-fixes).\n- selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh (git-fixes).\n- selftests/bpf: add fp-leaking precise subprog result tests (git-fixes).\n- selftests/bpf: extend changes_pkt_data with cases w/o subprograms (bsc#1241590).\n- selftests/bpf: freplace tests for tracking of changes_packet_data (bsc#1241590).\n- selftests/bpf: test for changing packet data from global functions (bsc#1241590).\n- selftests/bpf: validate that tail call invalidates packet pointers (bsc#1241590).\n- selftests/futex: futex_waitv wouldblock test should fail (git-fixes).\n- selftests/mm/cow: fix the incorrect error handling (git-fixes).\n- selftests/mm: fix incorrect buffer-\u003emirror size in hmm2 double_map test (bsc#1242203).\n- selftests/mm: generate a temporary mountpoint for cgroup filesystem (git-fixes).\n- selftests/x86/syscall: Fix coccinelle WARNING recommending the use of ARRAY_SIZE() (git-fixes).\n- selftests: mptcp: close fd_in before returning in main_loop (git-fixes).\n- selftests: mptcp: fix incorrect fd checks in main_loop (git-fixes).\n- selinux: Implement mptcp_add_subflow hook (bsc#1240375).\n- seq_file: add helper macro to define attribute for rw file (jsc#PED-12416).\n- serial: 8250_dma: terminate correct DMA in tx_dma_flush() (git-fixes).\n- serial: msm: Configure correct working mode before starting earlycon (git-fixes).\n- serial: sifive: lock port in startup()/shutdown() callbacks (git-fixes).\n- series.conf: temporarily disable patches.suse/md-md-bitmap-fix-writing-non-bitmap-pages-ab99.patch (bsc#1238212)\n- slimbus: messaging: Free transaction ID in delayed interrupt scenario (git-fixes).\n- smb3: fix creating FIFOs when mounting with \u0027sfu\u0027 mount option (git-fixes).\n- smb3: request handle caching when caching directories (bsc#1231432).\n- smb3: retrying on failed server close (bsc#1231432).\n- smb: cached directories can be more than root file handle (bsc#1231432).\n- smb: cilent: set reparse mount points as automounts (git-fixes).\n- smb: client: Fix a NULL vs IS_ERR() check in wsl_set_xattrs() (git-fixes).\n- smb: client: Fix minor whitespace errors and warnings (git-fixes).\n- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (git-fixes).\n- smb: client: add support for WSL reparse points (git-fixes).\n- smb: client: allow creating special files via reparse points (git-fixes).\n- smb: client: allow creating symlinks via reparse points (git-fixes).\n- smb: client: cleanup smb2_query_reparse_point() (git-fixes).\n- smb: client: destroy cfid_put_wq on module exit (git-fixes).\n- smb: client: do not query reparse points twice on symlinks (git-fixes).\n- smb: client: extend smb2_compound_op() to accept more commands (bsc#1231432).\n- smb: client: fix OOB in SMB2_query_info_init() (bsc#1231432).\n- smb: client: fix OOB in smb2_query_reparse_point() (git-fixes).\n- smb: client: fix double put of @cfile in smb2_rename_path() (git-fixes).\n- smb: client: fix double put of @cfile in smb2_set_path_size() (git-fixes).\n- smb: client: fix folio leaks and perf improvements (bsc#1239997, bsc1241265).\n- smb: client: fix hardlinking of reparse points (git-fixes).\n- smb: client: fix missing mode bits for SMB symlinks (git-fixes).\n- smb: client: fix open_cached_dir retries with \u0027hard\u0027 mount option (bsc#1240616).\n- smb: client: fix possible double free in smb2_set_ea() (git-fixes).\n- smb: client: fix potential broken compound request (git-fixes).\n- smb: client: fix renaming of reparse points (git-fixes).\n- smb: client: get rid of smb311_posix_query_path_info() (git-fixes).\n- smb: client: handle STATUS_IO_REPARSE_TAG_NOT_HANDLED (git-fixes).\n- smb: client: handle lack of FSCTL_GET_REPARSE_POINT support (git-fixes).\n- smb: client: handle path separator of created SMB symlinks (git-fixes).\n- smb: client: handle special files and symlinks in SMB3 POSIX (git-fixes).\n- smb: client: ignore unhandled reparse tags (git-fixes).\n- smb: client: implement -\u003equery_reparse_point() for SMB1 (git-fixes).\n- smb: client: instantiate when creating SFU files (git-fixes).\n- smb: client: introduce -\u003eparse_reparse_point() (git-fixes).\n- smb: client: introduce SMB2_OP_QUERY_WSL_EA (git-fixes).\n- smb: client: introduce cifs_sfu_make_node() (git-fixes).\n- smb: client: introduce reparse mount option (git-fixes).\n- smb: client: make smb2_compound_op() return resp buffer on success (bsc#1231432).\n- smb: client: move most of reparse point handling code to common file (git-fixes).\n- smb: client: move some params to cifs_open_info_data (bsc#1231432).\n- smb: client: optimise reparse point querying (git-fixes).\n- smb: client: parse owner/group when creating reparse points (git-fixes).\n- smb: client: parse reparse point flag in create response (bsc#1231432).\n- smb: client: parse uid, gid, mode and dev from WSL reparse points (git-fixes).\n- smb: client: properly close cfids on umount (bsc#1231432, bsc#1232299, bsc#1235599, bsc#1234896).\n- smb: client: reduce number of parameters in smb2_compound_op() (git-fixes).\n- smb: client: reduce stack usage in smb2_query_info_compound() (bsc#1231432).\n- smb: client: reduce stack usage in smb2_query_reparse_point() (git-fixes).\n- smb: client: reduce stack usage in smb2_set_ea() (bsc#1231432).\n- smb: client: retry compound request without reusing lease (git-fixes).\n- smb: client: return reparse type in /proc/mounts (git-fixes).\n- smb: client: reuse file lease key in compound operations (git-fixes).\n- smb: client: set correct d_type for reparse DFS/DFSR and mount point (git-fixes).\n- smb: client: set correct file type from NFS reparse points (git-fixes).\n- smb: client: stop revalidating reparse points unnecessarily (git-fixes).\n- smb: use kernel_connect() and kernel_bind() (git-fixes).\n- soc/mediatek: mtk-devapc: Convert to platform remove callback returning void (stable-fixes).\n- soc: imx8m: Remove global soc_uid (stable-fixes).\n- soc: imx8m: Unregister cpufreq and soc dev in cleanup path (git-fixes).\n- soc: imx8m: Use devm_* to simplify probe failure handling (stable-fixes).\n- soc: loongson: loongson2_guts: Add check for devm_kstrdup() (git-fixes).\n- soc: mediatek: mt8167-mmsys: Fix missing regval in all entries (git-fixes).\n- soc: mediatek: mt8365-mmsys: Fix routing table masks and values (git-fixes).\n- soc: mediatek: mtk-devapc: Fix leaking IO map on driver remove (git-fixes).\n- soc: qcom: pdr: Fix the potential deadlock (git-fixes).\n- soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() (git-fixes).\n- sound/virtio: Fix cancel_sync warnings on uninitialized work_structs (stable-fixes).\n- soundwire: slave: fix an OF node reference leak in soundwire slave device (git-fixes).\n- spi: cadence-qspi: Fix probe on AM62A LP SK (git-fixes).\n- spi: loopback-test: Do not split 1024-byte hexdumps (git-fixes).\n- spi: microchip-core: Clean up redundant dev_err_probe() (git-fixes).\n- spi: microchip-core: Use helper function devm_clk_get_enabled() (git-fixes).\n- spi: spi-fsl-dspi: Halt the module after a new message transfer (git-fixes).\n- spi: spi-fsl-dspi: Reset SR flags before sending a new message (git-fixes).\n- spi: spi-fsl-dspi: restrict register range for regmap access (git-fixes).\n- spi: tegra114: Do not fail set_cs_timing when delays are zero (git-fixes).\n- spi: tegra114: Use value to check for invalid delays (git-fixes).\n- spi: tegra210-quad: add rate limiting and simplify timeout error message (stable-fixes).\n- spi: tegra210-quad: use WARN_ON_ONCE instead of WARN_ON for timeouts (stable-fixes).\n- splice: do not checksum AF_UNIX sockets (bsc#1240333).\n- splice: remove duplicate noinline from pipe_clear_nowait (bsc#1242328).\n- staging: axis-fifo: Correct handling of tx_fifo_depth for size validation (git-fixes).\n- staging: axis-fifo: Remove hardware resets for user errors (git-fixes).\n- staging: iio: adc: ad7816: Correct conditional logic for store mode (git-fixes).\n- staging: rtl8723bs: select CONFIG_CRYPTO_LIB_AES (git-fixes).\n- string: Add load_unaligned_zeropad() code path to sized_strscpy() (git-fixes).\n- sunrpc: suppress warnings for unused procfs functions (git-fixes).\n- supported.conf: add now-included qat_420xx (external, intel)\n- tcp: Add memory barrier to tcp_push() (git-fixes).\n- tcp: Adjust clamping window for applications specifying SO_RCVBUF (git-fixes).\n- tcp: Annotate data-race around sk-\u003esk_mark in tcp_v4_send_reset (git-fixes).\n- tcp: Defer ts_recent changes until req is owned (git-fixes).\n- tcp: Do not drop SYN+ACK for simultaneous connect() (git-fixes).\n- tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() (git-fixes).\n- tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses (git-fixes).\n- tcp: Update window clamping condition (git-fixes).\n- tcp: add tcp_done_with_error() helper (git-fixes).\n- tcp: adjust rcvq_space after updating scaling ratio (git-fixes).\n- tcp: annotate data-races around tp-\u003ewindow_clamp (git-fixes).\n- tcp: avoid premature drops in tcp_add_backlog() (git-fixes).\n- tcp: avoid reusing FIN_WAIT2 when trying to find port in connect() process (git-fixes).\n- tcp: check mptcp-level constraints for backlog coalescing (git-fixes).\n- tcp: check space before adding MPTCP SYN options (git-fixes).\n- tcp: clear tp-\u003eretrans_stamp in tcp_rcv_fastopen_synack() (git-fixes).\n- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (git-fixes).\n- tcp: define initial scaling factor value as a macro (git-fixes).\n- tcp: derive delack_max from rto_min (git-fixes).\n- tcp: fix TFO SYN_RECV to not zero retrans_stamp with retransmits out (git-fixes).\n- tcp: fix cookie_init_timestamp() overflows (git-fixes).\n- tcp: fix forever orphan socket caused by tcp_abort (git-fixes).\n- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (git-fixes).\n- tcp: fix incorrect undo caused by DSACK of TLP retransmit (git-fixes).\n- tcp: fix mid stream window clamp (git-fixes).\n- tcp: fix mptcp DSS corruption due to large pmtu xmit (git-fixes).\n- tcp: fix race in tcp_v6_syn_recv_sock() (git-fixes).\n- tcp: fix race in tcp_write_err() (git-fixes).\n- tcp: fix races in tcp_abort() (git-fixes).\n- tcp: fix races in tcp_v_err() (git-fixes).\n- tcp: fix tcp_enter_recovery() to zero retrans_stamp when it\u0027s safe (git-fixes).\n- tcp: fix tcp_rcv_fastopen_synack() to enter TCP_CA_Loss for failed TFO (git-fixes).\n- tcp: fix to allow timestamp undo if no retransmits were sent (git-fixes).\n- tcp: increase the default TCP scaling ratio (git-fixes).\n- tcp: introduce tcp_clock_ms() (git-fixes).\n- tcp: process the 3rd ACK with sk_socket for TFO/MPTCP (git-fixes).\n- tcp: reduce accepted window in NEW_SYN_RECV state (git-fixes).\n- tcp: remove 64 KByte limit for initial tp-\u003ercv_wnd value (git-fixes).\n- tcp: replace tcp_time_stamp_raw() (git-fixes).\n- tcp_bpf: Charge receive socket buffer in bpf_tcp_ingress() (git-fixes).\n- tcp_cubic: fix incorrect HyStart round start detection (git-fixes).\n- thermal/drivers/rockchip: Add missing rk3328 mapping entry (git-fixes).\n- thermal: int340x: Add NULL check for adev (git-fixes).\n- thermal: intel: x86_pkg_temp_thermal: Fix bogus trip temperature (git-fixes).\n- thunderbolt: Scan retimers after device router has been enumerated (stable-fixes).\n- tools/hv: update route parsing in kvp daemon (git-fixes).\n- tools/power turbostat: Increase CPU_SUBSET_MAXCPUS to 8192 (bsc#1241175).\n- tools/power turbostat: report CoreThr per measurement interval (git-fixes).\n- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (git-fixes).\n- tools: move alignment-related macros to new \u0026lt;linux/align.h\u003e (git-fixes). \n- topology: Set capacity_freq_ref in all cases (bsc#1238052)\n- tpm, tpm_tis: Fix timeout handling when waiting for TPM status (git-fixes).\n- tpm, tpm_tis: Workaround failed command reception on Infineon devices (bsc#1235870).\n- tpm: do not start chip while suspended (git-fixes).\n- tpm: send_data: Wait longer for the TPM to become ready (bsc#1235870).\n- tpm: tis: Double the timeout B to 4s (bsc#1235870).\n- tpm_tis: Move CRC check to generic send routine (bsc#1235870).\n- tpm_tis: Use responseRetry to recover from data transfer errors (bsc#1235870).\n- tty: n_tty: use uint for space returned by tty_write_room() (git-fixes).\n- tty: serial: 8250: Add Brainboxes XC devices (stable-fixes).\n- tty: serial: 8250: Add some more device IDs (stable-fixes).\n- tty: serial: fsl_lpuart: disable transmitter before changing RS485 related registers (git-fixes).\n- tty: serial: lpuart: only disable CTS instead of overwriting the whole UARTMODIR register (git-fixes).\n- ubi: Add a check for ubi_num (git-fixes).\n- ubi: block: Fix use-after-free in ubiblock_cleanup (git-fixes).\n- ubi: block: fix null-pointer-dereference in ubiblock_create() (git-fixes).\n- ubi: correct the calculation of fastmap size (stable-fixes).\n- ubi: eba: properly rollback inside self_check_eba (git-fixes).\n- ubi: fastmap: Fix missed ec updating after erasing old fastmap data block (git-fixes).\n- ubi: fastmap: may_reserve_for_fm: Do not reserve PEB if fm_anchor exists (git-fixes).\n- ubi: fastmap: wl: Schedule fm_work if wear-leveling pool is empty (git-fixes).\n- ubi: wl: Put source PEB into correct list if trying locking LEB failed (git-fixes).\n- ublk: set_params: properly check if parameters can be applied (git-fixes).\n- ucsi_ccg: Do not show failed to get FW build information error (git-fixes).\n- udf: Fix inode_getblk() return value (bsc#1242313).\n- udf: Skip parent dir link count update if corrupted (bsc#1242315).\n- udf: Verify inode link counts before performing rename (bsc#1242314).\n- usb: atm: cxacru: fix a flaw in existing endpoint checks (git-fixes).\n- usb: cdns3: Fix deadlock when using NCM gadget (git-fixes).\n- usb: cdnsp: fix L1 resume issue for RTL_REVISION_NEW_LPM version (git-fixes).\n- usb: chipidea: ci_hdrc_imx: fix call balance of regulator routines (git-fixes).\n- usb: chipidea: ci_hdrc_imx: implement usb_phy_init() error handling (git-fixes).\n- usb: dwc3: Set SUSPENDENABLE soon after phy init (git-fixes).\n- usb: dwc3: gadget: Avoid using reserved endpoints on Intel Merrifield (stable-fixes).\n- usb: dwc3: gadget: Prevent irq storm when TH re-executes (git-fixes).\n- usb: dwc3: gadget: Refactor loop to avoid NULL endpoints (stable-fixes).\n- usb: dwc3: gadget: check that event count does not exceed event buffer length (git-fixes).\n- usb: dwc3: xilinx: Prevent spike in reset signal (git-fixes).\n- usb: gadget: Check bmAttributes only if configuration is valid (git-fixes).\n- usb: gadget: Fix setting self-powered state on suspend (git-fixes).\n- usb: gadget: Set self-powered based on MaxPower and bmAttributes (git-fixes).\n- usb: gadget: Use get_status callback to set remote wakeup capability (git-fixes).\n- usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (stable-fixes).\n- usb: gadget: f_ecm: Add get_status callback (git-fixes).\n- usb: gadget: tegra-xudc: ACK ST_RC after clearing CTRL_RUN (git-fixes).\n- usb: gadget: u_ether: Set is_suspend flag if remote wakeup fails (git-fixes).\n- usb: host: max3421-hcd: Add missing spi_device_id table (stable-fixes).\n- usb: host: tegra: Prevent host controller crash when OTG port is used (git-fixes).\n- usb: host: xhci-plat: mvebu: use -\u003equirks instead of -\u003einit_quirk() func (stable-fixes).\n- usb: hub: lack of clearing xHC resources (git-fixes).\n- usb: phy: generic: Use proper helper for property detection (stable-fixes).\n- usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (stable-fixes).\n- usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (stable-fixes).\n- usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (stable-fixes).\n- usb: renesas_usbhs: Call clk_put() (git-fixes).\n- usb: renesas_usbhs: Flush the notify_hotplug_work (git-fixes).\n- usb: renesas_usbhs: Use devm_usb_get_phy() (git-fixes).\n- usb: typec: class: Invalidate USB device pointers on partner unregistration (git-fixes).\n- usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (git-fixes).\n- usb: typec: tcpm: delay SNK_TRY_WAIT_DEBOUNCE to SRC_TRYWAIT transition (git-fixes).\n- usb: typec: ucsi: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: displayport: Fix NULL pointer access (git-fixes).\n- usb: typec: ucsi: increase timeout for PPM reset operations (git-fixes).\n- usb: uhci-platform: Make the clock really optional (git-fixes).\n- usb: usbtmc: Fix erroneous generic_read ioctl return (git-fixes).\n- usb: usbtmc: Fix erroneous get_stb ioctl error returns (git-fixes).\n- usb: usbtmc: Fix erroneous wait_srq ioctl return (git-fixes).\n- usb: xHCI: add XHCI_RESET_ON_RESUME quirk for Phytium xHCI host (git-fixes).\n- usb: xhci: Enable the TRB overfetch quirk on VIA VL805 (git-fixes).\n- usb: xhci: correct debug message page size calculation (git-fixes).\n- usb: xhci: remove \u0027retval\u0027 from xhci_pci_resume() (git-fixes).\n- usbnet: gl620a: fix endpoint checking in genelink_bind() (git-fixes).\n- usbnet:fix NPE during rx_complete (git-fixes).\n- vboxsf: fix building with GCC 15 (stable-fixes).\n- vdpa/mlx5: Fix oversized null mkey longer than 32bit (git-fixes).\n- vfs: do not mod negative dentry count when on shrinker list (bsc#1242534).\n- vhost-scsi: Fix handling of multiple calls to vhost_scsi_set_endpoint (git-fixes).\n- virtchnl: make proto and filter action count unsigned (git-fixes).\n- virtio_console: fix missing byte order handling for cols and rows (git-fixes).\n- vmxnet3: Fix tx queue race condition with XDP (bsc#1241394).\n- vmxnet3: unregister xdp rxq info in the reset path (bsc#1241394).\n- wifi: at76c50x: fix use after free access in at76_disconnect (git-fixes).\n- wifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path (git-fixes).\n- wifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode (git-fixes).\n- wifi: ath11k: choose default PM policy for hibernation (bsc#1207948).\n- wifi: ath11k: determine PM policy based on machine model (bsc#1207948).\n- wifi: ath11k: fix RCU stall while reaping monitor destination ring (git-fixes).\n- wifi: ath11k: fix memory leak in ath11k_xxx_remove() (git-fixes).\n- wifi: ath11k: fix wrong overriding for VHT Beamformee STS Capability (git-fixes).\n- wifi: ath11k: introduce ath11k_core_continue_suspend_resume() (bsc#1207948).\n- wifi: ath11k: refactor ath11k_core_suspend/_resume() (bsc#1207948).\n- wifi: ath11k: support non-WoWLAN mode suspend as well (bsc#1207948).\n- wifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path (git-fixes).\n- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (stable-fixes).\n- wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process (stable-fixes).\n- wifi: ath12k: encode max Tx power in scan channel list command (git-fixes).\n- wifi: ath9k: do not submit zero bytes to the entropy pool (git-fixes).\n- wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() (git-fixes).\n- wifi: brcmfmac: keep power during suspend if board requires it (stable-fixes).\n- wifi: cfg80211: cancel wiphy_work before freeing wiphy (git-fixes).\n- wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation (git-fixes).\n- wifi: cfg80211: init wiphy_work before allocating rfkill fails (git-fixes).\n- wifi: cfg80211: regulatory: improve invalid hints checking (git-fixes).\n- wifi: iwlwifi: fw: allocate chained SG tables for dump (stable-fixes).\n- wifi: iwlwifi: limit printed string from FW file (git-fixes).\n- wifi: iwlwifi: mvm: do not try to talk to a dead firmware (git-fixes).\n- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (git-fixes).\n- wifi: iwlwifi: mvm: use the right version of the rate API (stable-fixes).\n- wifi: mac80211: Purge vif txq in ieee80211_do_stop() (git-fixes).\n- wifi: mac80211: Set n_channels after allocating struct cfg80211_scan_request (git-fixes).\n- wifi: mac80211: Update skb\u0027s control block key in ieee80211_tx_dequeue() (git-fixes).\n- wifi: mac80211: fix integer overflow in hwmp_route_info_get() (git-fixes).\n- wifi: mac80211: flush the station before moving it to UN-AUTHORIZED state (stable-fixes).\n- wifi: mt76: Add check for devm_kstrdup() (git-fixes).\n- wifi: mt76: disable napi on driver removal (git-fixes).\n- wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (stable-fixes).\n- wifi: mt76: mt7915: fix possible integer overflows in mt7915_muru_stats_show() (git-fixes).\n- wifi: mt76: mt7925: ensure wow pattern command align fw format (git-fixes).\n- wifi: mt76: mt7925: fix country count limitation for CLC (git-fixes).\n- wifi: mt76: mt7925: remove unused acpi function for clc (git-fixes).\n- wifi: mwifiex: Fix premature release of RF calibration data (git-fixes).\n- wifi: nl80211: reject cooked mode if it is set along with other flags (git-fixes).\n- wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release (git-fixes).\n- wifi: rtl8xxxu: Perform update_beacon_work when beaconing is enabled (git-fixes).\n- wifi: rtw89: fw: correct debug message format in rtw89_build_txpwr_trk_tbl_from_elm() (git-fixes).\n- wifi: rtw89: pci: correct ISR RDU bit for 8922AE (git-fixes).\n- wifi: wl1251: fix memory leak in wl1251_tx_work (git-fixes).\n- x86/apic: Provide apic_force_nmi_on_cpu() (git-fixes).\n- x86/bhi: Do not set BHI_DIS_S in 32-bit mode (bsc#1242778).\n- x86/boot/32: De-uglify the 2/3 level paging difference in mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Disable stackprotector and tracing for mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Restructure mk_early_pgtbl_32() (git-fixes).\n- x86/boot/32: Temporarily map initrd for microcode loading (git-fixes).\n- x86/boot: Use __pa_nodebug() in mk_early_pgtbl_32() (git-fixes).\n- x86/bpf: Add IBHF call at end of classic BPF (bsc#1242778).\n- x86/bpf: Call branch history clearing sequence on exit (bsc#1242778).\n- x86/bugs: Add RSB mitigation document (git-fixes).\n- x86/bugs: Do not fill RSB on VMEXIT with eIBRS+retpoline (git-fixes).\n- x86/bugs: Do not fill RSB on context switch with eIBRS (git-fixes).\n- x86/bugs: Fix RSB clearing in indirect_branch_prediction_barrier() (git-fixes).\n- x86/bugs: Rename entry_ibpb() to write_ibpb() (git-fixes).\n- x86/bugs: Use SBPB in write_ibpb() if applicable (git-fixes).\n- x86/coco: Replace \u0027static const cc_mask\u0027 with the newly introduced cc_get_mask() function (git-fixes).\n- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (git-fixes).\n- x86/cpu: Allow reducing x86_phys_bits during early_identify_cpu() (git-fixes).\n- x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes).\n- x86/entry: Add __init to ia32_emulation_override_cmdline() (git-fixes).\n- x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes).\n- x86/fpu: Fix guest FPU state buffer allocation size (git-fixes).\n- x86/hyperv/vtl: Stop kernel from probing VTL0 low memory (git-fixes).\n- x86/hyperv: Fix check of return value from snp_set_vmsa() (git-fixes).\n- x86/hyperv: Fix output argument to hypercall that changes page visibility (git-fixes).\n- x86/idle: Disable IBRS when CPU is offline to improve single-threaded performance (git-fixes).\n- x86/its: Fix build errors when CONFIG_MODULES=n (git-fixes).\n- x86/microcode/32: Move early loading after paging enable (git-fixes).\n- x86/microcode/AMD: Fix a -Wsometimes-uninitialized clang false positive (git-fixes).\n- x86/microcode/AMD: Flush patch buffer mapping after application (git-fixes).\n- x86/microcode/AMD: Pay attention to the stepping dynamically (git-fixes).\n- x86/microcode/AMD: Split load_microcode_amd() (git-fixes).\n- x86/microcode/AMD: Use the family,model,stepping encoded in the patch ID (git-fixes).\n- x86/microcode/amd: Cache builtin microcode too (git-fixes).\n- x86/microcode/amd: Cache builtin/initrd microcode early (git-fixes).\n- x86/microcode/amd: Use cached microcode for AP load (git-fixes).\n- x86/microcode/amd: Use correct per CPU ucode_cpu_info (git-fixes).\n- x86/microcode/intel: Add a minimum required revision for late loading (git-fixes).\n- x86/microcode/intel: Cleanup code further (git-fixes).\n- x86/microcode/intel: Move microcode functions out of cpu/intel.c (git-fixes).\n- x86/microcode/intel: Remove debug code (git-fixes).\n- x86/microcode/intel: Remove pointless mutex (git-fixes).\n- x86/microcode/intel: Rename get_datasize() since its used externally (git-fixes).\n- x86/microcode/intel: Reuse intel_cpu_collect_info() git-fixes).\n- x86/microcode/intel: Rework intel_cpu_collect_info() (git-fixes).\n- x86/microcode/intel: Rework intel_find_matching_signature() (git-fixes).\n- x86/microcode/intel: Rip out mixed stepping support for Intel CPUs (git-fixes).\n- x86/microcode/intel: Save the microcode only after a successful late-load (git-fixes).\n- x86/microcode/intel: Set new revision only after a successful update (git-fixes).\n- x86/microcode/intel: Simplify and rename generic_load_microcode() (git-fixes).\n- x86/microcode/intel: Simplify early loading (git-fixes).\n- x86/microcode/intel: Simplify scan_microcode() (git-fixes).\n- x86/microcode/intel: Switch to kvmalloc() (git-fixes).\n- x86/microcode/intel: Unify microcode apply() functions (git-fixes).\n- x86/microcode: Add per CPU control field (git-fixes).\n- x86/microcode: Add per CPU result state (git-fixes).\n- x86/microcode: Clarify the late load logic (git-fixes).\n- x86/microcode: Clean up mc_cpu_down_prep() (git-fixes).\n- x86/microcode: Get rid of the schedule work indirection (git-fixes).\n- x86/microcode: Handle \u0027nosmt\u0027 correctly (git-fixes).\n- x86/microcode: Handle \u0027offline\u0027 CPUs correctly (git-fixes).\n- x86/microcode: Hide the config knob (git-fixes).\n- x86/microcode: Include vendor headers into microcode.h (git-fixes).\n- x86/microcode: Make reload_early_microcode() static (git-fixes).\n- x86/microcode: Mop up early loading leftovers (git-fixes).\n- x86/microcode: Move core specific defines to local header (git-fixes).\n- x86/microcode: Prepare for minimal revision check (git-fixes).\n- x86/microcode: Protect against instrumentation (git-fixes).\n- x86/microcode: Provide CONFIG_MICROCODE_INITRD32 (git-fixes).\n- x86/microcode: Provide new control functions (git-fixes).\n- x86/microcode: Remove microcode_mutex (git-fixes).\n- x86/microcode: Remove pointless apply() invocation (git-fixes).\n- x86/microcode: Remove the driver announcement and version (git-fixes).\n- x86/microcode: Rendezvous and load in NMI (git-fixes).\n- x86/microcode: Replace the all-in-one rendevous handler (git-fixes).\n- x86/microcode: Rework early revisions reporting (git-fixes).\n- x86/microcode: Sanitize __wait_for_cpus() (git-fixes).\n- x86/mm: Remove unused microcode.h include (git-fixes).\n- x86/paravirt: Move halt paravirt calls under CONFIG_PARAVIRT (git-fixes).\n- x86/platform/olpc: Remove unused variable \u0027len\u0027 in olpc_dt_compatible_match() (git-fixes).\n- x86/speculation: Add __update_spec_ctrl() helper (git-fixes).\n- x86/tdx: Emit warning if IRQs are enabled during HLT #VE handling (git-fixes).\n- x86/tdx: Fix arch_safe_halt() execution for TDX VMs (git-fixes).\n- x86/uaccess: Improve performance by aligning writes to 8 bytes in copy_user_generic(), on non-FSRM/ERMS CPUs (git-fixes).\n- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()\u0027s description (git-fixes).\n- x86/xen: move xen_reserve_extra_memory() (git-fixes).\n- xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes).\n- xen: Change xen-acpi-processor dom0 dependency (git-fixes).\n- xenfs/xensyms: respect hypervisor\u0027s \u0027next\u0027 indication (git-fixes).\n- xfs: flush inodegc before swapon (git-fixes).\n- xhci: Add helper to set an interrupters interrupt moderation interval (git-fixes).\n- xhci: Apply XHCI_RESET_TO_DEFAULT quirk to TGL (git-fixes).\n- xhci: Clean up stale comment on ERST_SIZE macro (stable-fixes).\n- xhci: Cleanup Candence controller PCI device and vendor ID usage (git-fixes).\n- xhci: Combine two if statements for Etron xHCI host (jsc#PED-10701).\n- xhci: Do not issue Reset Device command to Etron xHCI host (jsc#PED-10701).\n- xhci: Do not perform Soft Retry for Etron xHCI host (git-fixes).\n- xhci: Fix null pointer dereference during S4 resume when resetting ep0 (bsc#1235550).\n- xhci: Reconfigure endpoint 0 max packet size only during endpoint reset (bsc#1235550).\n- xhci: dbc: Check for errors first in xhci_dbc_stop() (git-fixes).\n- xhci: dbc: Convert to use sysfs_streq() (git-fixes).\n- xhci: dbc: Drop duplicate checks for dma_free_coherent() (git-fixes).\n- xhci: dbc: Fix STALL transfer event handling (git-fixes).\n- xhci: dbc: Replace custom return value with proper Linux error code (git-fixes).\n- xhci: dbc: Use ATTRIBUTE_GROUPS() (git-fixes).\n- xhci: dbc: Use sysfs_emit() to instead of scnprintf() (git-fixes).\n- xhci: fix possible null pointer deref during xhci urb enqueue (bsc#1235550).\n- xhci: pci: Fix indentation in the PCI device ID definitions (stable-fixes).\n- xhci: pci: Group out Thunderbolt xHCI IDs (git-fixes).\n- xhci: pci: Use PCI_VENDOR_ID_RENESAS (git-fixes).\n- xhci: pci: Use full names in PCI IDs for Intel platforms (git-fixes).\n- xhci: pci: Use standard pattern for device IDs (git-fixes).\n- xhci: split free interrupter into separate remove and free parts (git-fixes).\n- xsk: Add truesize to skb_add_rx_frag() (git-fixes).\n- xsk: Do not assume metadata is always requested in TX completion (git-fixes).\n- zap_pid_ns_processes: clear TIF_NOTIFY_SIGNAL along with TIF_SIGPENDING (bsc#1241167).\n- zram: clear IDLE flag after recompression (git-fixes).\n- zram: clear IDLE flag in mark_idle() (git-fixes).\n- zram: do not mark idle slots that cannot be idle (git-fixes).\n- zram: fix potential UAF of zram table (git-fixes).\n- zram: fix uninitialized ZRAM not releasing backing device (git-fixes).\n- zram: refuse to use zero sized block device as backing device (git-fixes).\n- zram: split memory-tracking and ac-time tracking (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-1919,SUSE-SLE-Module-Confidential-Computing-15-SP6-2025-1919",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01919-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:01919-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501919-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:01919-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215211",
"url": "https://bugzilla.suse.com/1215211"
},
{
"category": "self",
"summary": "SUSE Bug 1218470",
"url": "https://bugzilla.suse.com/1218470"
},
{
"category": "self",
"summary": "SUSE Bug 1221651",
"url": "https://bugzilla.suse.com/1221651"
},
{
"category": "self",
"summary": "SUSE Bug 1222649",
"url": "https://bugzilla.suse.com/1222649"
},
{
"category": "self",
"summary": "SUSE Bug 1223047",
"url": "https://bugzilla.suse.com/1223047"
},
{
"category": "self",
"summary": "SUSE Bug 1223096",
"url": "https://bugzilla.suse.com/1223096"
},
{
"category": "self",
"summary": "SUSE Bug 1223809",
"url": "https://bugzilla.suse.com/1223809"
},
{
"category": "self",
"summary": "SUSE Bug 1224013",
"url": "https://bugzilla.suse.com/1224013"
},
{
"category": "self",
"summary": "SUSE Bug 1224489",
"url": "https://bugzilla.suse.com/1224489"
},
{
"category": "self",
"summary": "SUSE Bug 1224597",
"url": "https://bugzilla.suse.com/1224597"
},
{
"category": "self",
"summary": "SUSE Bug 1224610",
"url": "https://bugzilla.suse.com/1224610"
},
{
"category": "self",
"summary": "SUSE Bug 1224757",
"url": "https://bugzilla.suse.com/1224757"
},
{
"category": "self",
"summary": "SUSE Bug 1225533",
"url": "https://bugzilla.suse.com/1225533"
},
{
"category": "self",
"summary": "SUSE Bug 1225606",
"url": "https://bugzilla.suse.com/1225606"
},
{
"category": "self",
"summary": "SUSE Bug 1225742",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1226871",
"url": "https://bugzilla.suse.com/1226871"
},
{
"category": "self",
"summary": "SUSE Bug 1227858",
"url": "https://bugzilla.suse.com/1227858"
},
{
"category": "self",
"summary": "SUSE Bug 1228653",
"url": "https://bugzilla.suse.com/1228653"
},
{
"category": "self",
"summary": "SUSE Bug 1228659",
"url": "https://bugzilla.suse.com/1228659"
},
{
"category": "self",
"summary": "SUSE Bug 1229311",
"url": "https://bugzilla.suse.com/1229311"
},
{
"category": "self",
"summary": "SUSE Bug 1229361",
"url": "https://bugzilla.suse.com/1229361"
},
{
"category": "self",
"summary": "SUSE Bug 1229491",
"url": "https://bugzilla.suse.com/1229491"
},
{
"category": "self",
"summary": "SUSE Bug 1230497",
"url": "https://bugzilla.suse.com/1230497"
},
{
"category": "self",
"summary": "SUSE Bug 1230581",
"url": "https://bugzilla.suse.com/1230581"
},
{
"category": "self",
"summary": "SUSE Bug 1230728",
"url": "https://bugzilla.suse.com/1230728"
},
{
"category": "self",
"summary": "SUSE Bug 1230764",
"url": "https://bugzilla.suse.com/1230764"
},
{
"category": "self",
"summary": "SUSE Bug 1230769",
"url": "https://bugzilla.suse.com/1230769"
},
{
"category": "self",
"summary": "SUSE Bug 1230832",
"url": "https://bugzilla.suse.com/1230832"
},
{
"category": "self",
"summary": "SUSE Bug 1231016",
"url": "https://bugzilla.suse.com/1231016"
},
{
"category": "self",
"summary": "SUSE Bug 1231103",
"url": "https://bugzilla.suse.com/1231103"
},
{
"category": "self",
"summary": "SUSE Bug 1231293",
"url": "https://bugzilla.suse.com/1231293"
},
{
"category": "self",
"summary": "SUSE Bug 1231432",
"url": "https://bugzilla.suse.com/1231432"
},
{
"category": "self",
"summary": "SUSE Bug 1231910",
"url": "https://bugzilla.suse.com/1231910"
},
{
"category": "self",
"summary": "SUSE Bug 1231912",
"url": "https://bugzilla.suse.com/1231912"
},
{
"category": "self",
"summary": "SUSE Bug 1231949",
"url": "https://bugzilla.suse.com/1231949"
},
{
"category": "self",
"summary": "SUSE Bug 1232299",
"url": "https://bugzilla.suse.com/1232299"
},
{
"category": "self",
"summary": "SUSE Bug 1232364",
"url": "https://bugzilla.suse.com/1232364"
},
{
"category": "self",
"summary": "SUSE Bug 1232389",
"url": "https://bugzilla.suse.com/1232389"
},
{
"category": "self",
"summary": "SUSE Bug 1232421",
"url": "https://bugzilla.suse.com/1232421"
},
{
"category": "self",
"summary": "SUSE Bug 1232493",
"url": "https://bugzilla.suse.com/1232493"
},
{
"category": "self",
"summary": "SUSE Bug 1232649",
"url": "https://bugzilla.suse.com/1232649"
},
{
"category": "self",
"summary": "SUSE Bug 1232743",
"url": "https://bugzilla.suse.com/1232743"
},
{
"category": "self",
"summary": "SUSE Bug 1232812",
"url": "https://bugzilla.suse.com/1232812"
},
{
"category": "self",
"summary": "SUSE Bug 1232848",
"url": "https://bugzilla.suse.com/1232848"
},
{
"category": "self",
"summary": "SUSE Bug 1232882",
"url": "https://bugzilla.suse.com/1232882"
},
{
"category": "self",
"summary": "SUSE Bug 1232895",
"url": "https://bugzilla.suse.com/1232895"
},
{
"category": "self",
"summary": "SUSE Bug 1233033",
"url": "https://bugzilla.suse.com/1233033"
},
{
"category": "self",
"summary": "SUSE Bug 1233060",
"url": "https://bugzilla.suse.com/1233060"
},
{
"category": "self",
"summary": "SUSE Bug 1233075",
"url": "https://bugzilla.suse.com/1233075"
},
{
"category": "self",
"summary": "SUSE Bug 1233098",
"url": "https://bugzilla.suse.com/1233098"
},
{
"category": "self",
"summary": "SUSE Bug 1233192",
"url": "https://bugzilla.suse.com/1233192"
},
{
"category": "self",
"summary": "SUSE Bug 1233259",
"url": "https://bugzilla.suse.com/1233259"
},
{
"category": "self",
"summary": "SUSE Bug 1233260",
"url": "https://bugzilla.suse.com/1233260"
},
{
"category": "self",
"summary": "SUSE Bug 1233479",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "self",
"summary": "SUSE Bug 1233483",
"url": "https://bugzilla.suse.com/1233483"
},
{
"category": "self",
"summary": "SUSE Bug 1233551",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "self",
"summary": "SUSE Bug 1233557",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "self",
"summary": "SUSE Bug 1233749",
"url": "https://bugzilla.suse.com/1233749"
},
{
"category": "self",
"summary": "SUSE Bug 1234074",
"url": "https://bugzilla.suse.com/1234074"
},
{
"category": "self",
"summary": "SUSE Bug 1234154",
"url": "https://bugzilla.suse.com/1234154"
},
{
"category": "self",
"summary": "SUSE Bug 1234157",
"url": "https://bugzilla.suse.com/1234157"
},
{
"category": "self",
"summary": "SUSE Bug 1234222",
"url": "https://bugzilla.suse.com/1234222"
},
{
"category": "self",
"summary": "SUSE Bug 1234480",
"url": "https://bugzilla.suse.com/1234480"
},
{
"category": "self",
"summary": "SUSE Bug 1234698",
"url": "https://bugzilla.suse.com/1234698"
},
{
"category": "self",
"summary": "SUSE Bug 1234828",
"url": "https://bugzilla.suse.com/1234828"
},
{
"category": "self",
"summary": "SUSE Bug 1234894",
"url": "https://bugzilla.suse.com/1234894"
},
{
"category": "self",
"summary": "SUSE Bug 1234895",
"url": "https://bugzilla.suse.com/1234895"
},
{
"category": "self",
"summary": "SUSE Bug 1234896",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "self",
"summary": "SUSE Bug 1234936",
"url": "https://bugzilla.suse.com/1234936"
},
{
"category": "self",
"summary": "SUSE Bug 1235149",
"url": "https://bugzilla.suse.com/1235149"
},
{
"category": "self",
"summary": "SUSE Bug 1235436",
"url": "https://bugzilla.suse.com/1235436"
},
{
"category": "self",
"summary": "SUSE Bug 1235455",
"url": "https://bugzilla.suse.com/1235455"
},
{
"category": "self",
"summary": "SUSE Bug 1235501",
"url": "https://bugzilla.suse.com/1235501"
},
{
"category": "self",
"summary": "SUSE Bug 1235524",
"url": "https://bugzilla.suse.com/1235524"
},
{
"category": "self",
"summary": "SUSE Bug 1235526",
"url": "https://bugzilla.suse.com/1235526"
},
{
"category": "self",
"summary": "SUSE Bug 1235550",
"url": "https://bugzilla.suse.com/1235550"
},
{
"category": "self",
"summary": "SUSE Bug 1235589",
"url": "https://bugzilla.suse.com/1235589"
},
{
"category": "self",
"summary": "SUSE Bug 1235591",
"url": "https://bugzilla.suse.com/1235591"
},
{
"category": "self",
"summary": "SUSE Bug 1235599",
"url": "https://bugzilla.suse.com/1235599"
},
{
"category": "self",
"summary": "SUSE Bug 1235621",
"url": "https://bugzilla.suse.com/1235621"
},
{
"category": "self",
"summary": "SUSE Bug 1235637",
"url": "https://bugzilla.suse.com/1235637"
},
{
"category": "self",
"summary": "SUSE Bug 1235698",
"url": "https://bugzilla.suse.com/1235698"
},
{
"category": "self",
"summary": "SUSE Bug 1235711",
"url": "https://bugzilla.suse.com/1235711"
},
{
"category": "self",
"summary": "SUSE Bug 1235712",
"url": "https://bugzilla.suse.com/1235712"
},
{
"category": "self",
"summary": "SUSE Bug 1235715",
"url": "https://bugzilla.suse.com/1235715"
},
{
"category": "self",
"summary": "SUSE Bug 1235729",
"url": "https://bugzilla.suse.com/1235729"
},
{
"category": "self",
"summary": "SUSE Bug 1235733",
"url": "https://bugzilla.suse.com/1235733"
},
{
"category": "self",
"summary": "SUSE Bug 1235761",
"url": "https://bugzilla.suse.com/1235761"
},
{
"category": "self",
"summary": "SUSE Bug 1235862",
"url": "https://bugzilla.suse.com/1235862"
},
{
"category": "self",
"summary": "SUSE Bug 1235870",
"url": "https://bugzilla.suse.com/1235870"
},
{
"category": "self",
"summary": "SUSE Bug 1235973",
"url": "https://bugzilla.suse.com/1235973"
},
{
"category": "self",
"summary": "SUSE Bug 1236086",
"url": "https://bugzilla.suse.com/1236086"
},
{
"category": "self",
"summary": "SUSE Bug 1236099",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "self",
"summary": "SUSE Bug 1236111",
"url": "https://bugzilla.suse.com/1236111"
},
{
"category": "self",
"summary": "SUSE Bug 1236142",
"url": "https://bugzilla.suse.com/1236142"
},
{
"category": "self",
"summary": "SUSE Bug 1236206",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "self",
"summary": "SUSE Bug 1236208",
"url": "https://bugzilla.suse.com/1236208"
},
{
"category": "self",
"summary": "SUSE Bug 1236333",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "self",
"summary": "SUSE Bug 1236692",
"url": "https://bugzilla.suse.com/1236692"
},
{
"category": "self",
"summary": "SUSE Bug 1236704",
"url": "https://bugzilla.suse.com/1236704"
},
{
"category": "self",
"summary": "SUSE Bug 1236752",
"url": "https://bugzilla.suse.com/1236752"
},
{
"category": "self",
"summary": "SUSE Bug 1237029",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "self",
"summary": "SUSE Bug 1237111",
"url": "https://bugzilla.suse.com/1237111"
},
{
"category": "self",
"summary": "SUSE Bug 1237164",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "self",
"summary": "SUSE Bug 1237312",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "self",
"summary": "SUSE Bug 1237313",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "self",
"summary": "SUSE Bug 1237356",
"url": "https://bugzilla.suse.com/1237356"
},
{
"category": "self",
"summary": "SUSE Bug 1237504",
"url": "https://bugzilla.suse.com/1237504"
},
{
"category": "self",
"summary": "SUSE Bug 1237521",
"url": "https://bugzilla.suse.com/1237521"
},
{
"category": "self",
"summary": "SUSE Bug 1237530",
"url": "https://bugzilla.suse.com/1237530"
},
{
"category": "self",
"summary": "SUSE Bug 1237558",
"url": "https://bugzilla.suse.com/1237558"
},
{
"category": "self",
"summary": "SUSE Bug 1237562",
"url": "https://bugzilla.suse.com/1237562"
},
{
"category": "self",
"summary": "SUSE Bug 1237565",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "self",
"summary": "SUSE Bug 1237571",
"url": "https://bugzilla.suse.com/1237571"
},
{
"category": "self",
"summary": "SUSE Bug 1237848",
"url": "https://bugzilla.suse.com/1237848"
},
{
"category": "self",
"summary": "SUSE Bug 1237849",
"url": "https://bugzilla.suse.com/1237849"
},
{
"category": "self",
"summary": "SUSE Bug 1237853",
"url": "https://bugzilla.suse.com/1237853"
},
{
"category": "self",
"summary": "SUSE Bug 1237856",
"url": "https://bugzilla.suse.com/1237856"
},
{
"category": "self",
"summary": "SUSE Bug 1237873",
"url": "https://bugzilla.suse.com/1237873"
},
{
"category": "self",
"summary": "SUSE Bug 1237874",
"url": "https://bugzilla.suse.com/1237874"
},
{
"category": "self",
"summary": "SUSE Bug 1237875",
"url": "https://bugzilla.suse.com/1237875"
},
{
"category": "self",
"summary": "SUSE Bug 1237876",
"url": "https://bugzilla.suse.com/1237876"
},
{
"category": "self",
"summary": "SUSE Bug 1237877",
"url": "https://bugzilla.suse.com/1237877"
},
{
"category": "self",
"summary": "SUSE Bug 1237879",
"url": "https://bugzilla.suse.com/1237879"
},
{
"category": "self",
"summary": "SUSE Bug 1237881",
"url": "https://bugzilla.suse.com/1237881"
},
{
"category": "self",
"summary": "SUSE Bug 1237882",
"url": "https://bugzilla.suse.com/1237882"
},
{
"category": "self",
"summary": "SUSE Bug 1237885",
"url": "https://bugzilla.suse.com/1237885"
},
{
"category": "self",
"summary": "SUSE Bug 1237889",
"url": "https://bugzilla.suse.com/1237889"
},
{
"category": "self",
"summary": "SUSE Bug 1237890",
"url": "https://bugzilla.suse.com/1237890"
},
{
"category": "self",
"summary": "SUSE Bug 1237891",
"url": "https://bugzilla.suse.com/1237891"
},
{
"category": "self",
"summary": "SUSE Bug 1237894",
"url": "https://bugzilla.suse.com/1237894"
},
{
"category": "self",
"summary": "SUSE Bug 1237897",
"url": "https://bugzilla.suse.com/1237897"
},
{
"category": "self",
"summary": "SUSE Bug 1237900",
"url": "https://bugzilla.suse.com/1237900"
},
{
"category": "self",
"summary": "SUSE Bug 1237901",
"url": "https://bugzilla.suse.com/1237901"
},
{
"category": "self",
"summary": "SUSE Bug 1237906",
"url": "https://bugzilla.suse.com/1237906"
},
{
"category": "self",
"summary": "SUSE Bug 1237907",
"url": "https://bugzilla.suse.com/1237907"
},
{
"category": "self",
"summary": "SUSE Bug 1237911",
"url": "https://bugzilla.suse.com/1237911"
},
{
"category": "self",
"summary": "SUSE Bug 1237912",
"url": "https://bugzilla.suse.com/1237912"
},
{
"category": "self",
"summary": "SUSE Bug 1237950",
"url": "https://bugzilla.suse.com/1237950"
},
{
"category": "self",
"summary": "SUSE Bug 1238052",
"url": "https://bugzilla.suse.com/1238052"
},
{
"category": "self",
"summary": "SUSE Bug 1238212",
"url": "https://bugzilla.suse.com/1238212"
},
{
"category": "self",
"summary": "SUSE Bug 1238214",
"url": "https://bugzilla.suse.com/1238214"
},
{
"category": "self",
"summary": "SUSE Bug 1238303",
"url": "https://bugzilla.suse.com/1238303"
},
{
"category": "self",
"summary": "SUSE Bug 1238347",
"url": "https://bugzilla.suse.com/1238347"
},
{
"category": "self",
"summary": "SUSE Bug 1238368",
"url": "https://bugzilla.suse.com/1238368"
},
{
"category": "self",
"summary": "SUSE Bug 1238471",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "self",
"summary": "SUSE Bug 1238473",
"url": "https://bugzilla.suse.com/1238473"
},
{
"category": "self",
"summary": "SUSE Bug 1238474",
"url": "https://bugzilla.suse.com/1238474"
},
{
"category": "self",
"summary": "SUSE Bug 1238475",
"url": "https://bugzilla.suse.com/1238475"
},
{
"category": "self",
"summary": "SUSE Bug 1238479",
"url": "https://bugzilla.suse.com/1238479"
},
{
"category": "self",
"summary": "SUSE Bug 1238494",
"url": "https://bugzilla.suse.com/1238494"
},
{
"category": "self",
"summary": "SUSE Bug 1238496",
"url": "https://bugzilla.suse.com/1238496"
},
{
"category": "self",
"summary": "SUSE Bug 1238497",
"url": "https://bugzilla.suse.com/1238497"
},
{
"category": "self",
"summary": "SUSE Bug 1238500",
"url": "https://bugzilla.suse.com/1238500"
},
{
"category": "self",
"summary": "SUSE Bug 1238501",
"url": "https://bugzilla.suse.com/1238501"
},
{
"category": "self",
"summary": "SUSE Bug 1238502",
"url": "https://bugzilla.suse.com/1238502"
},
{
"category": "self",
"summary": "SUSE Bug 1238503",
"url": "https://bugzilla.suse.com/1238503"
},
{
"category": "self",
"summary": "SUSE Bug 1238506",
"url": "https://bugzilla.suse.com/1238506"
},
{
"category": "self",
"summary": "SUSE Bug 1238507",
"url": "https://bugzilla.suse.com/1238507"
},
{
"category": "self",
"summary": "SUSE Bug 1238509",
"url": "https://bugzilla.suse.com/1238509"
},
{
"category": "self",
"summary": "SUSE Bug 1238510",
"url": "https://bugzilla.suse.com/1238510"
},
{
"category": "self",
"summary": "SUSE Bug 1238511",
"url": "https://bugzilla.suse.com/1238511"
},
{
"category": "self",
"summary": "SUSE Bug 1238512",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "self",
"summary": "SUSE Bug 1238521",
"url": "https://bugzilla.suse.com/1238521"
},
{
"category": "self",
"summary": "SUSE Bug 1238523",
"url": "https://bugzilla.suse.com/1238523"
},
{
"category": "self",
"summary": "SUSE Bug 1238525",
"url": "https://bugzilla.suse.com/1238525"
},
{
"category": "self",
"summary": "SUSE Bug 1238526",
"url": "https://bugzilla.suse.com/1238526"
},
{
"category": "self",
"summary": "SUSE Bug 1238527",
"url": "https://bugzilla.suse.com/1238527"
},
{
"category": "self",
"summary": "SUSE Bug 1238528",
"url": "https://bugzilla.suse.com/1238528"
},
{
"category": "self",
"summary": "SUSE Bug 1238529",
"url": "https://bugzilla.suse.com/1238529"
},
{
"category": "self",
"summary": "SUSE Bug 1238531",
"url": "https://bugzilla.suse.com/1238531"
},
{
"category": "self",
"summary": "SUSE Bug 1238532",
"url": "https://bugzilla.suse.com/1238532"
},
{
"category": "self",
"summary": "SUSE Bug 1238565",
"url": "https://bugzilla.suse.com/1238565"
},
{
"category": "self",
"summary": "SUSE Bug 1238570",
"url": "https://bugzilla.suse.com/1238570"
},
{
"category": "self",
"summary": "SUSE Bug 1238714",
"url": "https://bugzilla.suse.com/1238714"
},
{
"category": "self",
"summary": "SUSE Bug 1238715",
"url": "https://bugzilla.suse.com/1238715"
},
{
"category": "self",
"summary": "SUSE Bug 1238716",
"url": "https://bugzilla.suse.com/1238716"
},
{
"category": "self",
"summary": "SUSE Bug 1238734",
"url": "https://bugzilla.suse.com/1238734"
},
{
"category": "self",
"summary": "SUSE Bug 1238735",
"url": "https://bugzilla.suse.com/1238735"
},
{
"category": "self",
"summary": "SUSE Bug 1238736",
"url": "https://bugzilla.suse.com/1238736"
},
{
"category": "self",
"summary": "SUSE Bug 1238737",
"url": "https://bugzilla.suse.com/1238737"
},
{
"category": "self",
"summary": "SUSE Bug 1238738",
"url": "https://bugzilla.suse.com/1238738"
},
{
"category": "self",
"summary": "SUSE Bug 1238739",
"url": "https://bugzilla.suse.com/1238739"
},
{
"category": "self",
"summary": "SUSE Bug 1238742",
"url": "https://bugzilla.suse.com/1238742"
},
{
"category": "self",
"summary": "SUSE Bug 1238745",
"url": "https://bugzilla.suse.com/1238745"
},
{
"category": "self",
"summary": "SUSE Bug 1238746",
"url": "https://bugzilla.suse.com/1238746"
},
{
"category": "self",
"summary": "SUSE Bug 1238747",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "self",
"summary": "SUSE Bug 1238751",
"url": "https://bugzilla.suse.com/1238751"
},
{
"category": "self",
"summary": "SUSE Bug 1238753",
"url": "https://bugzilla.suse.com/1238753"
},
{
"category": "self",
"summary": "SUSE Bug 1238754",
"url": "https://bugzilla.suse.com/1238754"
},
{
"category": "self",
"summary": "SUSE Bug 1238757",
"url": "https://bugzilla.suse.com/1238757"
},
{
"category": "self",
"summary": "SUSE Bug 1238759",
"url": "https://bugzilla.suse.com/1238759"
},
{
"category": "self",
"summary": "SUSE Bug 1238760",
"url": "https://bugzilla.suse.com/1238760"
},
{
"category": "self",
"summary": "SUSE Bug 1238762",
"url": "https://bugzilla.suse.com/1238762"
},
{
"category": "self",
"summary": "SUSE Bug 1238763",
"url": "https://bugzilla.suse.com/1238763"
},
{
"category": "self",
"summary": "SUSE Bug 1238767",
"url": "https://bugzilla.suse.com/1238767"
},
{
"category": "self",
"summary": "SUSE Bug 1238768",
"url": "https://bugzilla.suse.com/1238768"
},
{
"category": "self",
"summary": "SUSE Bug 1238771",
"url": "https://bugzilla.suse.com/1238771"
},
{
"category": "self",
"summary": "SUSE Bug 1238772",
"url": "https://bugzilla.suse.com/1238772"
},
{
"category": "self",
"summary": "SUSE Bug 1238773",
"url": "https://bugzilla.suse.com/1238773"
},
{
"category": "self",
"summary": "SUSE Bug 1238774",
"url": "https://bugzilla.suse.com/1238774"
},
{
"category": "self",
"summary": "SUSE Bug 1238775",
"url": "https://bugzilla.suse.com/1238775"
},
{
"category": "self",
"summary": "SUSE Bug 1238780",
"url": "https://bugzilla.suse.com/1238780"
},
{
"category": "self",
"summary": "SUSE Bug 1238781",
"url": "https://bugzilla.suse.com/1238781"
},
{
"category": "self",
"summary": "SUSE Bug 1238785",
"url": "https://bugzilla.suse.com/1238785"
},
{
"category": "self",
"summary": "SUSE Bug 1238860",
"url": "https://bugzilla.suse.com/1238860"
},
{
"category": "self",
"summary": "SUSE Bug 1238862",
"url": "https://bugzilla.suse.com/1238862"
},
{
"category": "self",
"summary": "SUSE Bug 1238863",
"url": "https://bugzilla.suse.com/1238863"
},
{
"category": "self",
"summary": "SUSE Bug 1238864",
"url": "https://bugzilla.suse.com/1238864"
},
{
"category": "self",
"summary": "SUSE Bug 1238865",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "self",
"summary": "SUSE Bug 1238876",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "self",
"summary": "SUSE Bug 1238877",
"url": "https://bugzilla.suse.com/1238877"
},
{
"category": "self",
"summary": "SUSE Bug 1238903",
"url": "https://bugzilla.suse.com/1238903"
},
{
"category": "self",
"summary": "SUSE Bug 1238904",
"url": "https://bugzilla.suse.com/1238904"
},
{
"category": "self",
"summary": "SUSE Bug 1238905",
"url": "https://bugzilla.suse.com/1238905"
},
{
"category": "self",
"summary": "SUSE Bug 1238909",
"url": "https://bugzilla.suse.com/1238909"
},
{
"category": "self",
"summary": "SUSE Bug 1238911",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "self",
"summary": "SUSE Bug 1238917",
"url": "https://bugzilla.suse.com/1238917"
},
{
"category": "self",
"summary": "SUSE Bug 1238958",
"url": "https://bugzilla.suse.com/1238958"
},
{
"category": "self",
"summary": "SUSE Bug 1238959",
"url": "https://bugzilla.suse.com/1238959"
},
{
"category": "self",
"summary": "SUSE Bug 1238961",
"url": "https://bugzilla.suse.com/1238961"
},
{
"category": "self",
"summary": "SUSE Bug 1238963",
"url": "https://bugzilla.suse.com/1238963"
},
{
"category": "self",
"summary": "SUSE Bug 1238964",
"url": "https://bugzilla.suse.com/1238964"
},
{
"category": "self",
"summary": "SUSE Bug 1238969",
"url": "https://bugzilla.suse.com/1238969"
},
{
"category": "self",
"summary": "SUSE Bug 1238970",
"url": "https://bugzilla.suse.com/1238970"
},
{
"category": "self",
"summary": "SUSE Bug 1238971",
"url": "https://bugzilla.suse.com/1238971"
},
{
"category": "self",
"summary": "SUSE Bug 1238973",
"url": "https://bugzilla.suse.com/1238973"
},
{
"category": "self",
"summary": "SUSE Bug 1238975",
"url": "https://bugzilla.suse.com/1238975"
},
{
"category": "self",
"summary": "SUSE Bug 1238978",
"url": "https://bugzilla.suse.com/1238978"
},
{
"category": "self",
"summary": "SUSE Bug 1238979",
"url": "https://bugzilla.suse.com/1238979"
},
{
"category": "self",
"summary": "SUSE Bug 1238981",
"url": "https://bugzilla.suse.com/1238981"
},
{
"category": "self",
"summary": "SUSE Bug 1238983",
"url": "https://bugzilla.suse.com/1238983"
},
{
"category": "self",
"summary": "SUSE Bug 1238984",
"url": "https://bugzilla.suse.com/1238984"
},
{
"category": "self",
"summary": "SUSE Bug 1238986",
"url": "https://bugzilla.suse.com/1238986"
},
{
"category": "self",
"summary": "SUSE Bug 1238990",
"url": "https://bugzilla.suse.com/1238990"
},
{
"category": "self",
"summary": "SUSE Bug 1238992",
"url": "https://bugzilla.suse.com/1238992"
},
{
"category": "self",
"summary": "SUSE Bug 1238993",
"url": "https://bugzilla.suse.com/1238993"
},
{
"category": "self",
"summary": "SUSE Bug 1238994",
"url": "https://bugzilla.suse.com/1238994"
},
{
"category": "self",
"summary": "SUSE Bug 1238997",
"url": "https://bugzilla.suse.com/1238997"
},
{
"category": "self",
"summary": "SUSE Bug 1239015",
"url": "https://bugzilla.suse.com/1239015"
},
{
"category": "self",
"summary": "SUSE Bug 1239016",
"url": "https://bugzilla.suse.com/1239016"
},
{
"category": "self",
"summary": "SUSE Bug 1239027",
"url": "https://bugzilla.suse.com/1239027"
},
{
"category": "self",
"summary": "SUSE Bug 1239029",
"url": "https://bugzilla.suse.com/1239029"
},
{
"category": "self",
"summary": "SUSE Bug 1239030",
"url": "https://bugzilla.suse.com/1239030"
},
{
"category": "self",
"summary": "SUSE Bug 1239033",
"url": "https://bugzilla.suse.com/1239033"
},
{
"category": "self",
"summary": "SUSE Bug 1239034",
"url": "https://bugzilla.suse.com/1239034"
},
{
"category": "self",
"summary": "SUSE Bug 1239036",
"url": "https://bugzilla.suse.com/1239036"
},
{
"category": "self",
"summary": "SUSE Bug 1239037",
"url": "https://bugzilla.suse.com/1239037"
},
{
"category": "self",
"summary": "SUSE Bug 1239038",
"url": "https://bugzilla.suse.com/1239038"
},
{
"category": "self",
"summary": "SUSE Bug 1239039",
"url": "https://bugzilla.suse.com/1239039"
},
{
"category": "self",
"summary": "SUSE Bug 1239045",
"url": "https://bugzilla.suse.com/1239045"
},
{
"category": "self",
"summary": "SUSE Bug 1239065",
"url": "https://bugzilla.suse.com/1239065"
},
{
"category": "self",
"summary": "SUSE Bug 1239066",
"url": "https://bugzilla.suse.com/1239066"
},
{
"category": "self",
"summary": "SUSE Bug 1239068",
"url": "https://bugzilla.suse.com/1239068"
},
{
"category": "self",
"summary": "SUSE Bug 1239073",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "self",
"summary": "SUSE Bug 1239076",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "self",
"summary": "SUSE Bug 1239079",
"url": "https://bugzilla.suse.com/1239079"
},
{
"category": "self",
"summary": "SUSE Bug 1239080",
"url": "https://bugzilla.suse.com/1239080"
},
{
"category": "self",
"summary": "SUSE Bug 1239085",
"url": "https://bugzilla.suse.com/1239085"
},
{
"category": "self",
"summary": "SUSE Bug 1239087",
"url": "https://bugzilla.suse.com/1239087"
},
{
"category": "self",
"summary": "SUSE Bug 1239095",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "self",
"summary": "SUSE Bug 1239104",
"url": "https://bugzilla.suse.com/1239104"
},
{
"category": "self",
"summary": "SUSE Bug 1239105",
"url": "https://bugzilla.suse.com/1239105"
},
{
"category": "self",
"summary": "SUSE Bug 1239108",
"url": "https://bugzilla.suse.com/1239108"
},
{
"category": "self",
"summary": "SUSE Bug 1239109",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "self",
"summary": "SUSE Bug 1239112",
"url": "https://bugzilla.suse.com/1239112"
},
{
"category": "self",
"summary": "SUSE Bug 1239114",
"url": "https://bugzilla.suse.com/1239114"
},
{
"category": "self",
"summary": "SUSE Bug 1239115",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "self",
"summary": "SUSE Bug 1239117",
"url": "https://bugzilla.suse.com/1239117"
},
{
"category": "self",
"summary": "SUSE Bug 1239167",
"url": "https://bugzilla.suse.com/1239167"
},
{
"category": "self",
"summary": "SUSE Bug 1239174",
"url": "https://bugzilla.suse.com/1239174"
},
{
"category": "self",
"summary": "SUSE Bug 1239346",
"url": "https://bugzilla.suse.com/1239346"
},
{
"category": "self",
"summary": "SUSE Bug 1239349",
"url": "https://bugzilla.suse.com/1239349"
},
{
"category": "self",
"summary": "SUSE Bug 1239435",
"url": "https://bugzilla.suse.com/1239435"
},
{
"category": "self",
"summary": "SUSE Bug 1239467",
"url": "https://bugzilla.suse.com/1239467"
},
{
"category": "self",
"summary": "SUSE Bug 1239468",
"url": "https://bugzilla.suse.com/1239468"
},
{
"category": "self",
"summary": "SUSE Bug 1239470",
"url": "https://bugzilla.suse.com/1239470"
},
{
"category": "self",
"summary": "SUSE Bug 1239471",
"url": "https://bugzilla.suse.com/1239471"
},
{
"category": "self",
"summary": "SUSE Bug 1239473",
"url": "https://bugzilla.suse.com/1239473"
},
{
"category": "self",
"summary": "SUSE Bug 1239474",
"url": "https://bugzilla.suse.com/1239474"
},
{
"category": "self",
"summary": "SUSE Bug 1239475",
"url": "https://bugzilla.suse.com/1239475"
},
{
"category": "self",
"summary": "SUSE Bug 1239476",
"url": "https://bugzilla.suse.com/1239476"
},
{
"category": "self",
"summary": "SUSE Bug 1239477",
"url": "https://bugzilla.suse.com/1239477"
},
{
"category": "self",
"summary": "SUSE Bug 1239478",
"url": "https://bugzilla.suse.com/1239478"
},
{
"category": "self",
"summary": "SUSE Bug 1239479",
"url": "https://bugzilla.suse.com/1239479"
},
{
"category": "self",
"summary": "SUSE Bug 1239481",
"url": "https://bugzilla.suse.com/1239481"
},
{
"category": "self",
"summary": "SUSE Bug 1239482",
"url": "https://bugzilla.suse.com/1239482"
},
{
"category": "self",
"summary": "SUSE Bug 1239483",
"url": "https://bugzilla.suse.com/1239483"
},
{
"category": "self",
"summary": "SUSE Bug 1239484",
"url": "https://bugzilla.suse.com/1239484"
},
{
"category": "self",
"summary": "SUSE Bug 1239486",
"url": "https://bugzilla.suse.com/1239486"
},
{
"category": "self",
"summary": "SUSE Bug 1239487",
"url": "https://bugzilla.suse.com/1239487"
},
{
"category": "self",
"summary": "SUSE Bug 1239508",
"url": "https://bugzilla.suse.com/1239508"
},
{
"category": "self",
"summary": "SUSE Bug 1239510",
"url": "https://bugzilla.suse.com/1239510"
},
{
"category": "self",
"summary": "SUSE Bug 1239512",
"url": "https://bugzilla.suse.com/1239512"
},
{
"category": "self",
"summary": "SUSE Bug 1239518",
"url": "https://bugzilla.suse.com/1239518"
},
{
"category": "self",
"summary": "SUSE Bug 1239573",
"url": "https://bugzilla.suse.com/1239573"
},
{
"category": "self",
"summary": "SUSE Bug 1239594",
"url": "https://bugzilla.suse.com/1239594"
},
{
"category": "self",
"summary": "SUSE Bug 1239595",
"url": "https://bugzilla.suse.com/1239595"
},
{
"category": "self",
"summary": "SUSE Bug 1239600",
"url": "https://bugzilla.suse.com/1239600"
},
{
"category": "self",
"summary": "SUSE Bug 1239605",
"url": "https://bugzilla.suse.com/1239605"
},
{
"category": "self",
"summary": "SUSE Bug 1239615",
"url": "https://bugzilla.suse.com/1239615"
},
{
"category": "self",
"summary": "SUSE Bug 1239644",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "self",
"summary": "SUSE Bug 1239684",
"url": "https://bugzilla.suse.com/1239684"
},
{
"category": "self",
"summary": "SUSE Bug 1239691",
"url": "https://bugzilla.suse.com/1239691"
},
{
"category": "self",
"summary": "SUSE Bug 1239707",
"url": "https://bugzilla.suse.com/1239707"
},
{
"category": "self",
"summary": "SUSE Bug 1239906",
"url": "https://bugzilla.suse.com/1239906"
},
{
"category": "self",
"summary": "SUSE Bug 1239925",
"url": "https://bugzilla.suse.com/1239925"
},
{
"category": "self",
"summary": "SUSE Bug 1239986",
"url": "https://bugzilla.suse.com/1239986"
},
{
"category": "self",
"summary": "SUSE Bug 1239994",
"url": "https://bugzilla.suse.com/1239994"
},
{
"category": "self",
"summary": "SUSE Bug 1239997",
"url": "https://bugzilla.suse.com/1239997"
},
{
"category": "self",
"summary": "SUSE Bug 1240167",
"url": "https://bugzilla.suse.com/1240167"
},
{
"category": "self",
"summary": "SUSE Bug 1240168",
"url": "https://bugzilla.suse.com/1240168"
},
{
"category": "self",
"summary": "SUSE Bug 1240169",
"url": "https://bugzilla.suse.com/1240169"
},
{
"category": "self",
"summary": "SUSE Bug 1240171",
"url": "https://bugzilla.suse.com/1240171"
},
{
"category": "self",
"summary": "SUSE Bug 1240172",
"url": "https://bugzilla.suse.com/1240172"
},
{
"category": "self",
"summary": "SUSE Bug 1240173",
"url": "https://bugzilla.suse.com/1240173"
},
{
"category": "self",
"summary": "SUSE Bug 1240175",
"url": "https://bugzilla.suse.com/1240175"
},
{
"category": "self",
"summary": "SUSE Bug 1240176",
"url": "https://bugzilla.suse.com/1240176"
},
{
"category": "self",
"summary": "SUSE Bug 1240177",
"url": "https://bugzilla.suse.com/1240177"
},
{
"category": "self",
"summary": "SUSE Bug 1240179",
"url": "https://bugzilla.suse.com/1240179"
},
{
"category": "self",
"summary": "SUSE Bug 1240181",
"url": "https://bugzilla.suse.com/1240181"
},
{
"category": "self",
"summary": "SUSE Bug 1240182",
"url": "https://bugzilla.suse.com/1240182"
},
{
"category": "self",
"summary": "SUSE Bug 1240183",
"url": "https://bugzilla.suse.com/1240183"
},
{
"category": "self",
"summary": "SUSE Bug 1240184",
"url": "https://bugzilla.suse.com/1240184"
},
{
"category": "self",
"summary": "SUSE Bug 1240185",
"url": "https://bugzilla.suse.com/1240185"
},
{
"category": "self",
"summary": "SUSE Bug 1240186",
"url": "https://bugzilla.suse.com/1240186"
},
{
"category": "self",
"summary": "SUSE Bug 1240188",
"url": "https://bugzilla.suse.com/1240188"
},
{
"category": "self",
"summary": "SUSE Bug 1240189",
"url": "https://bugzilla.suse.com/1240189"
},
{
"category": "self",
"summary": "SUSE Bug 1240191",
"url": "https://bugzilla.suse.com/1240191"
},
{
"category": "self",
"summary": "SUSE Bug 1240192",
"url": "https://bugzilla.suse.com/1240192"
},
{
"category": "self",
"summary": "SUSE Bug 1240333",
"url": "https://bugzilla.suse.com/1240333"
},
{
"category": "self",
"summary": "SUSE Bug 1240334",
"url": "https://bugzilla.suse.com/1240334"
},
{
"category": "self",
"summary": "SUSE Bug 1240375",
"url": "https://bugzilla.suse.com/1240375"
},
{
"category": "self",
"summary": "SUSE Bug 1240557",
"url": "https://bugzilla.suse.com/1240557"
},
{
"category": "self",
"summary": "SUSE Bug 1240575",
"url": "https://bugzilla.suse.com/1240575"
},
{
"category": "self",
"summary": "SUSE Bug 1240576",
"url": "https://bugzilla.suse.com/1240576"
},
{
"category": "self",
"summary": "SUSE Bug 1240581",
"url": "https://bugzilla.suse.com/1240581"
},
{
"category": "self",
"summary": "SUSE Bug 1240582",
"url": "https://bugzilla.suse.com/1240582"
},
{
"category": "self",
"summary": "SUSE Bug 1240583",
"url": "https://bugzilla.suse.com/1240583"
},
{
"category": "self",
"summary": "SUSE Bug 1240584",
"url": "https://bugzilla.suse.com/1240584"
},
{
"category": "self",
"summary": "SUSE Bug 1240585",
"url": "https://bugzilla.suse.com/1240585"
},
{
"category": "self",
"summary": "SUSE Bug 1240587",
"url": "https://bugzilla.suse.com/1240587"
},
{
"category": "self",
"summary": "SUSE Bug 1240590",
"url": "https://bugzilla.suse.com/1240590"
},
{
"category": "self",
"summary": "SUSE Bug 1240591",
"url": "https://bugzilla.suse.com/1240591"
},
{
"category": "self",
"summary": "SUSE Bug 1240592",
"url": "https://bugzilla.suse.com/1240592"
},
{
"category": "self",
"summary": "SUSE Bug 1240593",
"url": "https://bugzilla.suse.com/1240593"
},
{
"category": "self",
"summary": "SUSE Bug 1240594",
"url": "https://bugzilla.suse.com/1240594"
},
{
"category": "self",
"summary": "SUSE Bug 1240595",
"url": "https://bugzilla.suse.com/1240595"
},
{
"category": "self",
"summary": "SUSE Bug 1240596",
"url": "https://bugzilla.suse.com/1240596"
},
{
"category": "self",
"summary": "SUSE Bug 1240600",
"url": "https://bugzilla.suse.com/1240600"
},
{
"category": "self",
"summary": "SUSE Bug 1240612",
"url": "https://bugzilla.suse.com/1240612"
},
{
"category": "self",
"summary": "SUSE Bug 1240616",
"url": "https://bugzilla.suse.com/1240616"
},
{
"category": "self",
"summary": "SUSE Bug 1240639",
"url": "https://bugzilla.suse.com/1240639"
},
{
"category": "self",
"summary": "SUSE Bug 1240643",
"url": "https://bugzilla.suse.com/1240643"
},
{
"category": "self",
"summary": "SUSE Bug 1240647",
"url": "https://bugzilla.suse.com/1240647"
},
{
"category": "self",
"summary": "SUSE Bug 1240691",
"url": "https://bugzilla.suse.com/1240691"
},
{
"category": "self",
"summary": "SUSE Bug 1240700",
"url": "https://bugzilla.suse.com/1240700"
},
{
"category": "self",
"summary": "SUSE Bug 1240701",
"url": "https://bugzilla.suse.com/1240701"
},
{
"category": "self",
"summary": "SUSE Bug 1240703",
"url": "https://bugzilla.suse.com/1240703"
},
{
"category": "self",
"summary": "SUSE Bug 1240708",
"url": "https://bugzilla.suse.com/1240708"
},
{
"category": "self",
"summary": "SUSE Bug 1240709",
"url": "https://bugzilla.suse.com/1240709"
},
{
"category": "self",
"summary": "SUSE Bug 1240712",
"url": "https://bugzilla.suse.com/1240712"
},
{
"category": "self",
"summary": "SUSE Bug 1240713",
"url": "https://bugzilla.suse.com/1240713"
},
{
"category": "self",
"summary": "SUSE Bug 1240714",
"url": "https://bugzilla.suse.com/1240714"
},
{
"category": "self",
"summary": "SUSE Bug 1240715",
"url": "https://bugzilla.suse.com/1240715"
},
{
"category": "self",
"summary": "SUSE Bug 1240716",
"url": "https://bugzilla.suse.com/1240716"
},
{
"category": "self",
"summary": "SUSE Bug 1240717",
"url": "https://bugzilla.suse.com/1240717"
},
{
"category": "self",
"summary": "SUSE Bug 1240718",
"url": "https://bugzilla.suse.com/1240718"
},
{
"category": "self",
"summary": "SUSE Bug 1240719",
"url": "https://bugzilla.suse.com/1240719"
},
{
"category": "self",
"summary": "SUSE Bug 1240720",
"url": "https://bugzilla.suse.com/1240720"
},
{
"category": "self",
"summary": "SUSE Bug 1240722",
"url": "https://bugzilla.suse.com/1240722"
},
{
"category": "self",
"summary": "SUSE Bug 1240727",
"url": "https://bugzilla.suse.com/1240727"
},
{
"category": "self",
"summary": "SUSE Bug 1240739",
"url": "https://bugzilla.suse.com/1240739"
},
{
"category": "self",
"summary": "SUSE Bug 1240740",
"url": "https://bugzilla.suse.com/1240740"
},
{
"category": "self",
"summary": "SUSE Bug 1240742",
"url": "https://bugzilla.suse.com/1240742"
},
{
"category": "self",
"summary": "SUSE Bug 1240779",
"url": "https://bugzilla.suse.com/1240779"
},
{
"category": "self",
"summary": "SUSE Bug 1240783",
"url": "https://bugzilla.suse.com/1240783"
},
{
"category": "self",
"summary": "SUSE Bug 1240784",
"url": "https://bugzilla.suse.com/1240784"
},
{
"category": "self",
"summary": "SUSE Bug 1240785",
"url": "https://bugzilla.suse.com/1240785"
},
{
"category": "self",
"summary": "SUSE Bug 1240795",
"url": "https://bugzilla.suse.com/1240795"
},
{
"category": "self",
"summary": "SUSE Bug 1240796",
"url": "https://bugzilla.suse.com/1240796"
},
{
"category": "self",
"summary": "SUSE Bug 1240797",
"url": "https://bugzilla.suse.com/1240797"
},
{
"category": "self",
"summary": "SUSE Bug 1240799",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "self",
"summary": "SUSE Bug 1240801",
"url": "https://bugzilla.suse.com/1240801"
},
{
"category": "self",
"summary": "SUSE Bug 1240802",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "self",
"summary": "SUSE Bug 1240806",
"url": "https://bugzilla.suse.com/1240806"
},
{
"category": "self",
"summary": "SUSE Bug 1240808",
"url": "https://bugzilla.suse.com/1240808"
},
{
"category": "self",
"summary": "SUSE Bug 1240809",
"url": "https://bugzilla.suse.com/1240809"
},
{
"category": "self",
"summary": "SUSE Bug 1240811",
"url": "https://bugzilla.suse.com/1240811"
},
{
"category": "self",
"summary": "SUSE Bug 1240812",
"url": "https://bugzilla.suse.com/1240812"
},
{
"category": "self",
"summary": "SUSE Bug 1240813",
"url": "https://bugzilla.suse.com/1240813"
},
{
"category": "self",
"summary": "SUSE Bug 1240815",
"url": "https://bugzilla.suse.com/1240815"
},
{
"category": "self",
"summary": "SUSE Bug 1240816",
"url": "https://bugzilla.suse.com/1240816"
},
{
"category": "self",
"summary": "SUSE Bug 1240819",
"url": "https://bugzilla.suse.com/1240819"
},
{
"category": "self",
"summary": "SUSE Bug 1240821",
"url": "https://bugzilla.suse.com/1240821"
},
{
"category": "self",
"summary": "SUSE Bug 1240825",
"url": "https://bugzilla.suse.com/1240825"
},
{
"category": "self",
"summary": "SUSE Bug 1240829",
"url": "https://bugzilla.suse.com/1240829"
},
{
"category": "self",
"summary": "SUSE Bug 1240835",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "self",
"summary": "SUSE Bug 1240873",
"url": "https://bugzilla.suse.com/1240873"
},
{
"category": "self",
"summary": "SUSE Bug 1240934",
"url": "https://bugzilla.suse.com/1240934"
},
{
"category": "self",
"summary": "SUSE Bug 1240936",
"url": "https://bugzilla.suse.com/1240936"
},
{
"category": "self",
"summary": "SUSE Bug 1240937",
"url": "https://bugzilla.suse.com/1240937"
},
{
"category": "self",
"summary": "SUSE Bug 1240938",
"url": "https://bugzilla.suse.com/1240938"
},
{
"category": "self",
"summary": "SUSE Bug 1240940",
"url": "https://bugzilla.suse.com/1240940"
},
{
"category": "self",
"summary": "SUSE Bug 1240942",
"url": "https://bugzilla.suse.com/1240942"
},
{
"category": "self",
"summary": "SUSE Bug 1240943",
"url": "https://bugzilla.suse.com/1240943"
},
{
"category": "self",
"summary": "SUSE Bug 1240944",
"url": "https://bugzilla.suse.com/1240944"
},
{
"category": "self",
"summary": "SUSE Bug 1240966",
"url": "https://bugzilla.suse.com/1240966"
},
{
"category": "self",
"summary": "SUSE Bug 1240978",
"url": "https://bugzilla.suse.com/1240978"
},
{
"category": "self",
"summary": "SUSE Bug 1240979",
"url": "https://bugzilla.suse.com/1240979"
},
{
"category": "self",
"summary": "SUSE Bug 1241010",
"url": "https://bugzilla.suse.com/1241010"
},
{
"category": "self",
"summary": "SUSE Bug 1241038",
"url": "https://bugzilla.suse.com/1241038"
},
{
"category": "self",
"summary": "SUSE Bug 1241051",
"url": "https://bugzilla.suse.com/1241051"
},
{
"category": "self",
"summary": "SUSE Bug 1241123",
"url": "https://bugzilla.suse.com/1241123"
},
{
"category": "self",
"summary": "SUSE Bug 1241148",
"url": "https://bugzilla.suse.com/1241148"
},
{
"category": "self",
"summary": "SUSE Bug 1241151",
"url": "https://bugzilla.suse.com/1241151"
},
{
"category": "self",
"summary": "SUSE Bug 1241167",
"url": "https://bugzilla.suse.com/1241167"
},
{
"category": "self",
"summary": "SUSE Bug 1241175",
"url": "https://bugzilla.suse.com/1241175"
},
{
"category": "self",
"summary": "SUSE Bug 1241204",
"url": "https://bugzilla.suse.com/1241204"
},
{
"category": "self",
"summary": "SUSE Bug 1241250",
"url": "https://bugzilla.suse.com/1241250"
},
{
"category": "self",
"summary": "SUSE Bug 1241265",
"url": "https://bugzilla.suse.com/1241265"
},
{
"category": "self",
"summary": "SUSE Bug 1241266",
"url": "https://bugzilla.suse.com/1241266"
},
{
"category": "self",
"summary": "SUSE Bug 1241280",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "self",
"summary": "SUSE Bug 1241282",
"url": "https://bugzilla.suse.com/1241282"
},
{
"category": "self",
"summary": "SUSE Bug 1241305",
"url": "https://bugzilla.suse.com/1241305"
},
{
"category": "self",
"summary": "SUSE Bug 1241332",
"url": "https://bugzilla.suse.com/1241332"
},
{
"category": "self",
"summary": "SUSE Bug 1241333",
"url": "https://bugzilla.suse.com/1241333"
},
{
"category": "self",
"summary": "SUSE Bug 1241341",
"url": "https://bugzilla.suse.com/1241341"
},
{
"category": "self",
"summary": "SUSE Bug 1241343",
"url": "https://bugzilla.suse.com/1241343"
},
{
"category": "self",
"summary": "SUSE Bug 1241344",
"url": "https://bugzilla.suse.com/1241344"
},
{
"category": "self",
"summary": "SUSE Bug 1241347",
"url": "https://bugzilla.suse.com/1241347"
},
{
"category": "self",
"summary": "SUSE Bug 1241351",
"url": "https://bugzilla.suse.com/1241351"
},
{
"category": "self",
"summary": "SUSE Bug 1241357",
"url": "https://bugzilla.suse.com/1241357"
},
{
"category": "self",
"summary": "SUSE Bug 1241361",
"url": "https://bugzilla.suse.com/1241361"
},
{
"category": "self",
"summary": "SUSE Bug 1241369",
"url": "https://bugzilla.suse.com/1241369"
},
{
"category": "self",
"summary": "SUSE Bug 1241371",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "self",
"summary": "SUSE Bug 1241373",
"url": "https://bugzilla.suse.com/1241373"
},
{
"category": "self",
"summary": "SUSE Bug 1241376",
"url": "https://bugzilla.suse.com/1241376"
},
{
"category": "self",
"summary": "SUSE Bug 1241378",
"url": "https://bugzilla.suse.com/1241378"
},
{
"category": "self",
"summary": "SUSE Bug 1241394",
"url": "https://bugzilla.suse.com/1241394"
},
{
"category": "self",
"summary": "SUSE Bug 1241402",
"url": "https://bugzilla.suse.com/1241402"
},
{
"category": "self",
"summary": "SUSE Bug 1241412",
"url": "https://bugzilla.suse.com/1241412"
},
{
"category": "self",
"summary": "SUSE Bug 1241413",
"url": "https://bugzilla.suse.com/1241413"
},
{
"category": "self",
"summary": "SUSE Bug 1241416",
"url": "https://bugzilla.suse.com/1241416"
},
{
"category": "self",
"summary": "SUSE Bug 1241424",
"url": "https://bugzilla.suse.com/1241424"
},
{
"category": "self",
"summary": "SUSE Bug 1241426",
"url": "https://bugzilla.suse.com/1241426"
},
{
"category": "self",
"summary": "SUSE Bug 1241433",
"url": "https://bugzilla.suse.com/1241433"
},
{
"category": "self",
"summary": "SUSE Bug 1241436",
"url": "https://bugzilla.suse.com/1241436"
},
{
"category": "self",
"summary": "SUSE Bug 1241441",
"url": "https://bugzilla.suse.com/1241441"
},
{
"category": "self",
"summary": "SUSE Bug 1241442",
"url": "https://bugzilla.suse.com/1241442"
},
{
"category": "self",
"summary": "SUSE Bug 1241443",
"url": "https://bugzilla.suse.com/1241443"
},
{
"category": "self",
"summary": "SUSE Bug 1241448",
"url": "https://bugzilla.suse.com/1241448"
},
{
"category": "self",
"summary": "SUSE Bug 1241451",
"url": "https://bugzilla.suse.com/1241451"
},
{
"category": "self",
"summary": "SUSE Bug 1241452",
"url": "https://bugzilla.suse.com/1241452"
},
{
"category": "self",
"summary": "SUSE Bug 1241456",
"url": "https://bugzilla.suse.com/1241456"
},
{
"category": "self",
"summary": "SUSE Bug 1241458",
"url": "https://bugzilla.suse.com/1241458"
},
{
"category": "self",
"summary": "SUSE Bug 1241459",
"url": "https://bugzilla.suse.com/1241459"
},
{
"category": "self",
"summary": "SUSE Bug 1241492",
"url": "https://bugzilla.suse.com/1241492"
},
{
"category": "self",
"summary": "SUSE Bug 1241525",
"url": "https://bugzilla.suse.com/1241525"
},
{
"category": "self",
"summary": "SUSE Bug 1241526",
"url": "https://bugzilla.suse.com/1241526"
},
{
"category": "self",
"summary": "SUSE Bug 1241528",
"url": "https://bugzilla.suse.com/1241528"
},
{
"category": "self",
"summary": "SUSE Bug 1241533",
"url": "https://bugzilla.suse.com/1241533"
},
{
"category": "self",
"summary": "SUSE Bug 1241537",
"url": "https://bugzilla.suse.com/1241537"
},
{
"category": "self",
"summary": "SUSE Bug 1241541",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "self",
"summary": "SUSE Bug 1241545",
"url": "https://bugzilla.suse.com/1241545"
},
{
"category": "self",
"summary": "SUSE Bug 1241547",
"url": "https://bugzilla.suse.com/1241547"
},
{
"category": "self",
"summary": "SUSE Bug 1241548",
"url": "https://bugzilla.suse.com/1241548"
},
{
"category": "self",
"summary": "SUSE Bug 1241550",
"url": "https://bugzilla.suse.com/1241550"
},
{
"category": "self",
"summary": "SUSE Bug 1241573",
"url": "https://bugzilla.suse.com/1241573"
},
{
"category": "self",
"summary": "SUSE Bug 1241574",
"url": "https://bugzilla.suse.com/1241574"
},
{
"category": "self",
"summary": "SUSE Bug 1241575",
"url": "https://bugzilla.suse.com/1241575"
},
{
"category": "self",
"summary": "SUSE Bug 1241578",
"url": "https://bugzilla.suse.com/1241578"
},
{
"category": "self",
"summary": "SUSE Bug 1241590",
"url": "https://bugzilla.suse.com/1241590"
},
{
"category": "self",
"summary": "SUSE Bug 1241593",
"url": "https://bugzilla.suse.com/1241593"
},
{
"category": "self",
"summary": "SUSE Bug 1241596",
"url": "https://bugzilla.suse.com/1241596"
},
{
"category": "self",
"summary": "SUSE Bug 1241597",
"url": "https://bugzilla.suse.com/1241597"
},
{
"category": "self",
"summary": "SUSE Bug 1241598",
"url": "https://bugzilla.suse.com/1241598"
},
{
"category": "self",
"summary": "SUSE Bug 1241599",
"url": "https://bugzilla.suse.com/1241599"
},
{
"category": "self",
"summary": "SUSE Bug 1241601",
"url": "https://bugzilla.suse.com/1241601"
},
{
"category": "self",
"summary": "SUSE Bug 1241626",
"url": "https://bugzilla.suse.com/1241626"
},
{
"category": "self",
"summary": "SUSE Bug 1241627",
"url": "https://bugzilla.suse.com/1241627"
},
{
"category": "self",
"summary": "SUSE Bug 1241638",
"url": "https://bugzilla.suse.com/1241638"
},
{
"category": "self",
"summary": "SUSE Bug 1241640",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "self",
"summary": "SUSE Bug 1241648",
"url": "https://bugzilla.suse.com/1241648"
},
{
"category": "self",
"summary": "SUSE Bug 1241657",
"url": "https://bugzilla.suse.com/1241657"
},
{
"category": "self",
"summary": "SUSE Bug 1242006",
"url": "https://bugzilla.suse.com/1242006"
},
{
"category": "self",
"summary": "SUSE Bug 1242012",
"url": "https://bugzilla.suse.com/1242012"
},
{
"category": "self",
"summary": "SUSE Bug 1242044",
"url": "https://bugzilla.suse.com/1242044"
},
{
"category": "self",
"summary": "SUSE Bug 1242172",
"url": "https://bugzilla.suse.com/1242172"
},
{
"category": "self",
"summary": "SUSE Bug 1242203",
"url": "https://bugzilla.suse.com/1242203"
},
{
"category": "self",
"summary": "SUSE Bug 1242283",
"url": "https://bugzilla.suse.com/1242283"
},
{
"category": "self",
"summary": "SUSE Bug 1242307",
"url": "https://bugzilla.suse.com/1242307"
},
{
"category": "self",
"summary": "SUSE Bug 1242313",
"url": "https://bugzilla.suse.com/1242313"
},
{
"category": "self",
"summary": "SUSE Bug 1242314",
"url": "https://bugzilla.suse.com/1242314"
},
{
"category": "self",
"summary": "SUSE Bug 1242315",
"url": "https://bugzilla.suse.com/1242315"
},
{
"category": "self",
"summary": "SUSE Bug 1242321",
"url": "https://bugzilla.suse.com/1242321"
},
{
"category": "self",
"summary": "SUSE Bug 1242326",
"url": "https://bugzilla.suse.com/1242326"
},
{
"category": "self",
"summary": "SUSE Bug 1242327",
"url": "https://bugzilla.suse.com/1242327"
},
{
"category": "self",
"summary": "SUSE Bug 1242328",
"url": "https://bugzilla.suse.com/1242328"
},
{
"category": "self",
"summary": "SUSE Bug 1242332",
"url": "https://bugzilla.suse.com/1242332"
},
{
"category": "self",
"summary": "SUSE Bug 1242333",
"url": "https://bugzilla.suse.com/1242333"
},
{
"category": "self",
"summary": "SUSE Bug 1242335",
"url": "https://bugzilla.suse.com/1242335"
},
{
"category": "self",
"summary": "SUSE Bug 1242336",
"url": "https://bugzilla.suse.com/1242336"
},
{
"category": "self",
"summary": "SUSE Bug 1242342",
"url": "https://bugzilla.suse.com/1242342"
},
{
"category": "self",
"summary": "SUSE Bug 1242343",
"url": "https://bugzilla.suse.com/1242343"
},
{
"category": "self",
"summary": "SUSE Bug 1242344",
"url": "https://bugzilla.suse.com/1242344"
},
{
"category": "self",
"summary": "SUSE Bug 1242345",
"url": "https://bugzilla.suse.com/1242345"
},
{
"category": "self",
"summary": "SUSE Bug 1242346",
"url": "https://bugzilla.suse.com/1242346"
},
{
"category": "self",
"summary": "SUSE Bug 1242347",
"url": "https://bugzilla.suse.com/1242347"
},
{
"category": "self",
"summary": "SUSE Bug 1242348",
"url": "https://bugzilla.suse.com/1242348"
},
{
"category": "self",
"summary": "SUSE Bug 1242414",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "self",
"summary": "SUSE Bug 1242417",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "self",
"summary": "SUSE Bug 1242502",
"url": "https://bugzilla.suse.com/1242502"
},
{
"category": "self",
"summary": "SUSE Bug 1242506",
"url": "https://bugzilla.suse.com/1242506"
},
{
"category": "self",
"summary": "SUSE Bug 1242507",
"url": "https://bugzilla.suse.com/1242507"
},
{
"category": "self",
"summary": "SUSE Bug 1242509",
"url": "https://bugzilla.suse.com/1242509"
},
{
"category": "self",
"summary": "SUSE Bug 1242510",
"url": "https://bugzilla.suse.com/1242510"
},
{
"category": "self",
"summary": "SUSE Bug 1242513",
"url": "https://bugzilla.suse.com/1242513"
},
{
"category": "self",
"summary": "SUSE Bug 1242523",
"url": "https://bugzilla.suse.com/1242523"
},
{
"category": "self",
"summary": "SUSE Bug 1242526",
"url": "https://bugzilla.suse.com/1242526"
},
{
"category": "self",
"summary": "SUSE Bug 1242528",
"url": "https://bugzilla.suse.com/1242528"
},
{
"category": "self",
"summary": "SUSE Bug 1242534",
"url": "https://bugzilla.suse.com/1242534"
},
{
"category": "self",
"summary": "SUSE Bug 1242535",
"url": "https://bugzilla.suse.com/1242535"
},
{
"category": "self",
"summary": "SUSE Bug 1242536",
"url": "https://bugzilla.suse.com/1242536"
},
{
"category": "self",
"summary": "SUSE Bug 1242537",
"url": "https://bugzilla.suse.com/1242537"
},
{
"category": "self",
"summary": "SUSE Bug 1242538",
"url": "https://bugzilla.suse.com/1242538"
},
{
"category": "self",
"summary": "SUSE Bug 1242539",
"url": "https://bugzilla.suse.com/1242539"
},
{
"category": "self",
"summary": "SUSE Bug 1242540",
"url": "https://bugzilla.suse.com/1242540"
},
{
"category": "self",
"summary": "SUSE Bug 1242546",
"url": "https://bugzilla.suse.com/1242546"
},
{
"category": "self",
"summary": "SUSE Bug 1242556",
"url": "https://bugzilla.suse.com/1242556"
},
{
"category": "self",
"summary": "SUSE Bug 1242585",
"url": "https://bugzilla.suse.com/1242585"
},
{
"category": "self",
"summary": "SUSE Bug 1242596",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "self",
"summary": "SUSE Bug 1242710",
"url": "https://bugzilla.suse.com/1242710"
},
{
"category": "self",
"summary": "SUSE Bug 1242762",
"url": "https://bugzilla.suse.com/1242762"
},
{
"category": "self",
"summary": "SUSE Bug 1242763",
"url": "https://bugzilla.suse.com/1242763"
},
{
"category": "self",
"summary": "SUSE Bug 1242778",
"url": "https://bugzilla.suse.com/1242778"
},
{
"category": "self",
"summary": "SUSE Bug 1242786",
"url": "https://bugzilla.suse.com/1242786"
},
{
"category": "self",
"summary": "SUSE Bug 1242831",
"url": "https://bugzilla.suse.com/1242831"
},
{
"category": "self",
"summary": "SUSE Bug 1242852",
"url": "https://bugzilla.suse.com/1242852"
},
{
"category": "self",
"summary": "SUSE Bug 1242854",
"url": "https://bugzilla.suse.com/1242854"
},
{
"category": "self",
"summary": "SUSE Bug 1242856",
"url": "https://bugzilla.suse.com/1242856"
},
{
"category": "self",
"summary": "SUSE Bug 1242859",
"url": "https://bugzilla.suse.com/1242859"
},
{
"category": "self",
"summary": "SUSE Bug 1242860",
"url": "https://bugzilla.suse.com/1242860"
},
{
"category": "self",
"summary": "SUSE Bug 1242861",
"url": "https://bugzilla.suse.com/1242861"
},
{
"category": "self",
"summary": "SUSE Bug 1242866",
"url": "https://bugzilla.suse.com/1242866"
},
{
"category": "self",
"summary": "SUSE Bug 1242867",
"url": "https://bugzilla.suse.com/1242867"
},
{
"category": "self",
"summary": "SUSE Bug 1242868",
"url": "https://bugzilla.suse.com/1242868"
},
{
"category": "self",
"summary": "SUSE Bug 1242875",
"url": "https://bugzilla.suse.com/1242875"
},
{
"category": "self",
"summary": "SUSE Bug 1242924",
"url": "https://bugzilla.suse.com/1242924"
},
{
"category": "self",
"summary": "SUSE Bug 1242944",
"url": "https://bugzilla.suse.com/1242944"
},
{
"category": "self",
"summary": "SUSE Bug 1242951",
"url": "https://bugzilla.suse.com/1242951"
},
{
"category": "self",
"summary": "SUSE Bug 1242962",
"url": "https://bugzilla.suse.com/1242962"
},
{
"category": "self",
"summary": "SUSE Bug 1242985",
"url": "https://bugzilla.suse.com/1242985"
},
{
"category": "self",
"summary": "SUSE Bug 1242993",
"url": "https://bugzilla.suse.com/1242993"
},
{
"category": "self",
"summary": "SUSE Bug 1243044",
"url": "https://bugzilla.suse.com/1243044"
},
{
"category": "self",
"summary": "SUSE Bug 1243056",
"url": "https://bugzilla.suse.com/1243056"
},
{
"category": "self",
"summary": "SUSE Bug 1243077",
"url": "https://bugzilla.suse.com/1243077"
},
{
"category": "self",
"summary": "SUSE Bug 1243090",
"url": "https://bugzilla.suse.com/1243090"
},
{
"category": "self",
"summary": "SUSE Bug 1243342",
"url": "https://bugzilla.suse.com/1243342"
},
{
"category": "self",
"summary": "SUSE Bug 1243519",
"url": "https://bugzilla.suse.com/1243519"
},
{
"category": "self",
"summary": "SUSE Bug 1243539",
"url": "https://bugzilla.suse.com/1243539"
},
{
"category": "self",
"summary": "SUSE Bug 1243541",
"url": "https://bugzilla.suse.com/1243541"
},
{
"category": "self",
"summary": "SUSE Bug 1243547",
"url": "https://bugzilla.suse.com/1243547"
},
{
"category": "self",
"summary": "SUSE Bug 1243657",
"url": "https://bugzilla.suse.com/1243657"
},
{
"category": "self",
"summary": "SUSE Bug 1243658",
"url": "https://bugzilla.suse.com/1243658"
},
{
"category": "self",
"summary": "SUSE Bug 1243737",
"url": "https://bugzilla.suse.com/1243737"
},
{
"category": "self",
"summary": "SUSE Bug 1243805",
"url": "https://bugzilla.suse.com/1243805"
},
{
"category": "self",
"summary": "SUSE Bug 1243963",
"url": "https://bugzilla.suse.com/1243963"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52831 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52926 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52927 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53034 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26873 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27415 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-28956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-28956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35840 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38606 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38606/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41149 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41149/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-42307 page",
"url": "https://www.suse.com/security/cve/CVE-2024-42307/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43820 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-43869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-43869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46713 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46763 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46782 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-46865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-46865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-47794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-47794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-49994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-49994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50106 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50126 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50152 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50162 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50223 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50223/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50290 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-50294 page",
"url": "https://www.suse.com/security/cve/CVE-2024-50294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-52559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-52559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53124 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53135 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53135/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53139 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53163 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53176 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53177 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53177/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53178 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53178/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53680 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54458 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-54683 page",
"url": "https://www.suse.com/security/cve/CVE-2024-54683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56640 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56702 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56703 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56718 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56719 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56751 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56770 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57980 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-57999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-57999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58034 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58034/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58055 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58058 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58061 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58063 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58069 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58069/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58070 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58071 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58079 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58083 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58086 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58093 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58095 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58095/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58096 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58097 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21631 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21635 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21648 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21671 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21693 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21696 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21704 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21706 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21706/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21707 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21708 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21714 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21715 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21715/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21716 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21716/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21719 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21719/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21723 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21723/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21726 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21727 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21729 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21731 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21733 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21734 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21735 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21736 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21739 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21741 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21742 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21743 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21743/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21745 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21745/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21758 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21759 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21760 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21761 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21762 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21763 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21765 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21767 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21768 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21772 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21775 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21776 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21779 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21781 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21784 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21791 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21792 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21793 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21796 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21802 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21806 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21808 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21810 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21814 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21815 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21819 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21821 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21828 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21832 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21836 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21844 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21846 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21847 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21848 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21850 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21852 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21853 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21854 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21855 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21856 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21858 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21859 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21861 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21862 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21863 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21864 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21867 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21871 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21873 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21875 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21877 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21878 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21883 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21884 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21888 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21888/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21889 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21891 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21892 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21894 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21895 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21904 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21905 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21906 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21908 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21909 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21910 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21912 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21915 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21916 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21917 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21918 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21919 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21923 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21924 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21925 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21926 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21927 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21928 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21935 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21936 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21941 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21943 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21950 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21951 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21953 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21956 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21961 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21962 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21963 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21964 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21966 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21975 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21979 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21980 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21980/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21991 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21992 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21993 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21999 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22001 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22003 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22004 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22007 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22009 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22014 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22015 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22016 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22017 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22021 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22027 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22029 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22030 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22033 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22033/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22050 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22050/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22053 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22055 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22055/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22057 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22062 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22063 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22063/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22064 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22065 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22070 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22075 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22086 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22086/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22090 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22093 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22097 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22102 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22102/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22103 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22103/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22104 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22104/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22105 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22106 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22107 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22107/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22108 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22108/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22109 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22115 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22115/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22116 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22116/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22121 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22121/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22125 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22125/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22126 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22126/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22128 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22128/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-2312 page",
"url": "https://www.suse.com/security/cve/CVE-2025-2312/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23129 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23129/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23131 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23136 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23136/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23138 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23145 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23150 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-23160 page",
"url": "https://www.suse.com/security/cve/CVE-2025-23160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37748 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37750 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37755 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37755/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37780 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37785 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37789 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37790 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37798 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37799 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37803 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37804 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37809 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37820 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37820/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37824 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37829 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37831 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37833 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37860 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37870 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37879 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37886 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37887 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37958 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37960 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-37974 page",
"url": "https://www.suse.com/security/cve/CVE-2025-37974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38152 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38637 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38637/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39728 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40325 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40325/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-06-12T06:29:09Z",
"generator": {
"date": "2025-06-12T06:29:09Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:01919-1",
"initial_release_date": "2025-06-12T06:29:09Z",
"revision_history": [
{
"date": "2025-06-12T06:29:09Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"product": {
"name": "kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"product_id": "kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"product": {
"name": "kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"product_id": "kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "cluster-md-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "cluster-md-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "dlm-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "dlm-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "gfs2-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "gfs2-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-extra-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-extra-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco-extra-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-livepatch-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-livepatch-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco-livepatch-devel-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-optional-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-optional-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco-optional-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco-vdso-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco-vdso-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco-vdso-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-coco_debug-vdso-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-coco_debug-vdso-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-coco_debug-vdso-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "kselftests-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "kselftests-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "ocfs2-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "ocfs2-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product": {
"name": "reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"product_id": "reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-confidential-computing:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64"
},
"product_reference": "kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch"
},
"product_reference": "kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch"
},
"product_reference": "kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
},
"product_reference": "kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64 as component of SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
},
"product_reference": "reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-52831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don\u0027t offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n rebuild_sched_domains_locked()\n ndoms = generate_sched_domains(\u0026doms, \u0026attr);\n cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52831",
"url": "https://www.suse.com/security/cve/CVE-2023-52831"
},
{
"category": "external",
"summary": "SUSE Bug 1225533 for CVE-2023-52831",
"url": "https://bugzilla.suse.com/1225533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIORING_OP_READ did not correctly consume the provided buffer list when\nread i/o returned \u003c 0 (except for -EAGAIN and -EIOCBQUEUED return).\nThis can lead to a potential use-after-free when the completion via\nio_rw_done runs at separate context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52926",
"url": "https://www.suse.com/security/cve/CVE-2023-52926"
},
{
"category": "external",
"summary": "SUSE Bug 1237565 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237565"
},
{
"category": "external",
"summary": "SUSE Bug 1237567 for CVE-2023-52926",
"url": "https://bugzilla.suse.com/1237567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: allow exp not to be removed in nf_ct_find_expectation\n\nCurrently nf_conntrack_in() calling nf_ct_find_expectation() will\nremove the exp from the hash table. However, in some scenario, we\nexpect the exp not to be removed when the created ct will not be\nconfirmed, like in OVS and TC conntrack in the following patches.\n\nThis patch allows exp not to be removed by setting IPS_CONFIRMED\nin the status of the tmpl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52927",
"url": "https://www.suse.com/security/cve/CVE-2023-52927"
},
{
"category": "external",
"summary": "SUSE Bug 1239644 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1239644"
},
{
"category": "external",
"summary": "SUSE Bug 1246016 for CVE-2023-52927",
"url": "https://bugzilla.suse.com/1246016"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2023-53034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans\n\nThere is a kernel API ntb_mw_clear_trans() would pass 0 to both addr and\nsize. This would make xlate_pos negative.\n\n[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000\n[ 23.734158] ================================================================================\n[ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntb_hw_switchtec.c:293:7\n[ 23.734418] shift exponent -1 is negative\n\nEnsuring xlate_pos is a positive or zero before BIT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53034",
"url": "https://www.suse.com/security/cve/CVE-2023-53034"
},
{
"category": "external",
"summary": "SUSE Bug 1241341 for CVE-2023-53034",
"url": "https://bugzilla.suse.com/1241341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2023-53034"
},
{
"cve": "CVE-2024-26634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix removing a namespace with conflicting altnames\n\nMark reports a BUG() when a net namespace is removed.\n\n kernel BUG at net/core/dev.c:11520!\n\nPhysical interfaces moved outside of init_net get \"refunded\"\nto init_net when that namespace disappears. The main interface\nname may get overwritten in the process if it would have\nconflicted. We need to also discard all conflicting altnames.\nRecent fixes addressed ensuring that altnames get moved\nwith the main interface, which surfaced this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26634",
"url": "https://www.suse.com/security/cve/CVE-2024-26634"
},
{
"category": "external",
"summary": "SUSE Bug 1221651 for CVE-2024-26634",
"url": "https://bugzilla.suse.com/1221651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix a deadlock issue related to automatic dump\n\nIf we issue a disabling PHY command, the device attached with it will go\noffline, if a 2 bit ECC error occurs at the same time, a hung task may be\nfound:\n\n[ 4613.652388] INFO: task kworker/u256:0:165233 blocked for more than 120 seconds.\n[ 4613.666297] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.674809] task:kworker/u256:0 state:D stack: 0 pid:165233 ppid: 2 flags:0x00000208\n[ 4613.683959] Workqueue: 0000:74:02.0_disco_q sas_revalidate_domain [libsas]\n[ 4613.691518] Call trace:\n[ 4613.694678] __switch_to+0xf8/0x17c\n[ 4613.698872] __schedule+0x660/0xee0\n[ 4613.703063] schedule+0xac/0x240\n[ 4613.706994] schedule_timeout+0x500/0x610\n[ 4613.711705] __down+0x128/0x36c\n[ 4613.715548] down+0x240/0x2d0\n[ 4613.719221] hisi_sas_internal_abort_timeout+0x1bc/0x260 [hisi_sas_main]\n[ 4613.726618] sas_execute_internal_abort+0x144/0x310 [libsas]\n[ 4613.732976] sas_execute_internal_abort_dev+0x44/0x60 [libsas]\n[ 4613.739504] hisi_sas_internal_task_abort_dev.isra.0+0xbc/0x1b0 [hisi_sas_main]\n[ 4613.747499] hisi_sas_dev_gone+0x174/0x250 [hisi_sas_main]\n[ 4613.753682] sas_notify_lldd_dev_gone+0xec/0x2e0 [libsas]\n[ 4613.759781] sas_unregister_common_dev+0x4c/0x7a0 [libsas]\n[ 4613.765962] sas_destruct_devices+0xb8/0x120 [libsas]\n[ 4613.771709] sas_do_revalidate_domain.constprop.0+0x1b8/0x31c [libsas]\n[ 4613.778930] sas_revalidate_domain+0x60/0xa4 [libsas]\n[ 4613.784716] process_one_work+0x248/0x950\n[ 4613.789424] worker_thread+0x318/0x934\n[ 4613.793878] kthread+0x190/0x200\n[ 4613.797810] ret_from_fork+0x10/0x18\n[ 4613.802121] INFO: task kworker/u256:4:316722 blocked for more than 120 seconds.\n[ 4613.816026] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.824538] task:kworker/u256:4 state:D stack: 0 pid:316722 ppid: 2 flags:0x00000208\n[ 4613.833670] Workqueue: 0000:74:02.0 hisi_sas_rst_work_handler [hisi_sas_main]\n[ 4613.841491] Call trace:\n[ 4613.844647] __switch_to+0xf8/0x17c\n[ 4613.848852] __schedule+0x660/0xee0\n[ 4613.853052] schedule+0xac/0x240\n[ 4613.856984] schedule_timeout+0x500/0x610\n[ 4613.861695] __down+0x128/0x36c\n[ 4613.865542] down+0x240/0x2d0\n[ 4613.869216] hisi_sas_controller_prereset+0x58/0x1fc [hisi_sas_main]\n[ 4613.876324] hisi_sas_rst_work_handler+0x40/0x8c [hisi_sas_main]\n[ 4613.883019] process_one_work+0x248/0x950\n[ 4613.887732] worker_thread+0x318/0x934\n[ 4613.892204] kthread+0x190/0x200\n[ 4613.896118] ret_from_fork+0x10/0x18\n[ 4613.900423] INFO: task kworker/u256:1:348985 blocked for more than 121 seconds.\n[ 4613.914341] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 4613.922852] task:kworker/u256:1 state:D stack: 0 pid:348985 ppid: 2 flags:0x00000208\n[ 4613.931984] Workqueue: 0000:74:02.0_event_q sas_port_event_worker [libsas]\n[ 4613.939549] Call trace:\n[ 4613.942702] __switch_to+0xf8/0x17c\n[ 4613.946892] __schedule+0x660/0xee0\n[ 4613.951083] schedule+0xac/0x240\n[ 4613.955015] schedule_timeout+0x500/0x610\n[ 4613.959725] wait_for_common+0x200/0x610\n[ 4613.964349] wait_for_completion+0x3c/0x5c\n[ 4613.969146] flush_workqueue+0x198/0x790\n[ 4613.973776] sas_porte_broadcast_rcvd+0x1e8/0x320 [libsas]\n[ 4613.979960] sas_port_event_worker+0x54/0xa0 [libsas]\n[ 4613.985708] process_one_work+0x248/0x950\n[ 4613.990420] worker_thread+0x318/0x934\n[ 4613.994868] kthread+0x190/0x200\n[ 4613.998800] ret_from_fork+0x10/0x18\n\nThis is because when the device goes offline, we obtain the hisi_hba\nsemaphore and send the ABORT_DEV command to the device. However, the\ninternal abort timed out due to the 2 bit ECC error and triggers automatic\ndump. In addition, since the hisi_hba semaphore has been obtained, the dump\ncannot be executed and the controller cannot be reset.\n\nTherefore, the deadlocks occur on the following circular dependencies\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26873",
"url": "https://www.suse.com/security/cve/CVE-2024-26873"
},
{
"category": "external",
"summary": "SUSE Bug 1223047 for CVE-2024-26873",
"url": "https://bugzilla.suse.com/1223047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-27018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: br_netfilter: skip conntrack input hook for promisc packets\n\nFor historical reasons, when bridge device is in promisc mode, packets\nthat are directed to the taps follow bridge input hook path. This patch\nadds a workaround to reset conntrack for these packets.\n\nJianbo Liu reports warning splats in their test infrastructure where\ncloned packets reach the br_netfilter input hook to confirm the\nconntrack object.\n\nScratch one bit from BR_INPUT_SKB_CB to annotate that this packet has\nreached the input hook because it is passed up to the bridge device to\nreach the taps.\n\n[ 57.571874] WARNING: CPU: 1 PID: 0 at net/bridge/br_netfilter_hooks.c:616 br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.572749] Modules linked in: xt_MASQUERADE nf_conntrack_netlink nfnetlink iptable_nat xt_addrtype xt_conntrack nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_isc si ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core mlx5ctl mlx5_core\n[ 57.575158] CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.8.0+ #19\n[ 57.575700] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[ 57.576662] RIP: 0010:br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.577195] Code: fe ff ff 41 bd 04 00 00 00 be 04 00 00 00 e9 4a ff ff ff be 04 00 00 00 48 89 ef e8 f3 a9 3c e1 66 83 ad b4 00 00 00 04 eb 91 \u003c0f\u003e 0b e9 f1 fe ff ff 0f 0b e9 df fe ff ff 48 89 df e8 b3 53 47 e1\n[ 57.578722] RSP: 0018:ffff88885f845a08 EFLAGS: 00010202\n[ 57.579207] RAX: 0000000000000002 RBX: ffff88812dfe8000 RCX: 0000000000000000\n[ 57.579830] RDX: ffff88885f845a60 RSI: ffff8881022dc300 RDI: 0000000000000000\n[ 57.580454] RBP: ffff88885f845a60 R08: 0000000000000001 R09: 0000000000000003\n[ 57.581076] R10: 00000000ffff1300 R11: 0000000000000002 R12: 0000000000000000\n[ 57.581695] R13: ffff8881047ffe00 R14: ffff888108dbee00 R15: ffff88814519b800\n[ 57.582313] FS: 0000000000000000(0000) GS:ffff88885f840000(0000) knlGS:0000000000000000\n[ 57.583040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 57.583564] CR2: 000000c4206aa000 CR3: 0000000103847001 CR4: 0000000000370eb0\n[ 57.584194] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ 57.584820] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ 57.585440] Call Trace:\n[ 57.585721] \u003cIRQ\u003e\n[ 57.585976] ? __warn+0x7d/0x130\n[ 57.586323] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.586811] ? report_bug+0xf1/0x1c0\n[ 57.587177] ? handle_bug+0x3f/0x70\n[ 57.587539] ? exc_invalid_op+0x13/0x60\n[ 57.587929] ? asm_exc_invalid_op+0x16/0x20\n[ 57.588336] ? br_nf_local_in+0x157/0x180 [br_netfilter]\n[ 57.588825] nf_hook_slow+0x3d/0xd0\n[ 57.589188] ? br_handle_vlan+0x4b/0x110\n[ 57.589579] br_pass_frame_up+0xfc/0x150\n[ 57.589970] ? br_port_flags_change+0x40/0x40\n[ 57.590396] br_handle_frame_finish+0x346/0x5e0\n[ 57.590837] ? ipt_do_table+0x32e/0x430\n[ 57.591221] ? br_handle_local_finish+0x20/0x20\n[ 57.591656] br_nf_hook_thresh+0x4b/0xf0 [br_netfilter]\n[ 57.592286] ? br_handle_local_finish+0x20/0x20\n[ 57.592802] br_nf_pre_routing_finish+0x178/0x480 [br_netfilter]\n[ 57.593348] ? br_handle_local_finish+0x20/0x20\n[ 57.593782] ? nf_nat_ipv4_pre_routing+0x25/0x60 [nf_nat]\n[ 57.594279] br_nf_pre_routing+0x24c/0x550 [br_netfilter]\n[ 57.594780] ? br_nf_hook_thresh+0xf0/0xf0 [br_netfilter]\n[ 57.595280] br_handle_frame+0x1f3/0x3d0\n[ 57.595676] ? br_handle_local_finish+0x20/0x20\n[ 57.596118] ? br_handle_frame_finish+0x5e0/0x5e0\n[ 57.596566] __netif_receive_skb_core+0x25b/0xfc0\n[ 57.597017] ? __napi_build_skb+0x37/0x40\n[ 57.597418] __netif_receive_skb_list_core+0xfb/0x220",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27018",
"url": "https://www.suse.com/security/cve/CVE-2024-27018"
},
{
"category": "external",
"summary": "SUSE Bug 1223809 for CVE-2024-27018",
"url": "https://bugzilla.suse.com/1223809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27018"
},
{
"cve": "CVE-2024-27415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27415"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: bridge: confirm multicast packets before passing them up the stack\n\nconntrack nf_confirm logic cannot handle cloned skbs referencing\nthe same nf_conn entry, which will happen for multicast (broadcast)\nframes on bridges.\n\n Example:\n macvlan0\n |\n br0\n / \\\n ethX ethY\n\n ethX (or Y) receives a L2 multicast or broadcast packet containing\n an IP packet, flow is not yet in conntrack table.\n\n 1. skb passes through bridge and fake-ip (br_netfilter)Prerouting.\n -\u003e skb-\u003e_nfct now references a unconfirmed entry\n 2. skb is broad/mcast packet. bridge now passes clones out on each bridge\n interface.\n 3. skb gets passed up the stack.\n 4. In macvlan case, macvlan driver retains clone(s) of the mcast skb\n and schedules a work queue to send them out on the lower devices.\n\n The clone skb-\u003e_nfct is not a copy, it is the same entry as the\n original skb. The macvlan rx handler then returns RX_HANDLER_PASS.\n 5. Normal conntrack hooks (in NF_INET_LOCAL_IN) confirm the orig skb.\n\nThe Macvlan broadcast worker and normal confirm path will race.\n\nThis race will not happen if step 2 already confirmed a clone. In that\ncase later steps perform skb_clone() with skb-\u003e_nfct already confirmed (in\nhash table). This works fine.\n\nBut such confirmation won\u0027t happen when eb/ip/nftables rules dropped the\npackets before they reached the nf_confirm step in postrouting.\n\nPablo points out that nf_conntrack_bridge doesn\u0027t allow use of stateful\nnat, so we can safely discard the nf_conn entry and let inet call\nconntrack again.\n\nThis doesn\u0027t work for bridge netfilter: skb could have a nat\ntransformation. Also bridge nf prevents re-invocation of inet prerouting\nvia \u0027sabotage_in\u0027 hook.\n\nWork around this problem by explicit confirmation of the entry at LOCAL_IN\ntime, before upper layer has a chance to clone the unconfirmed entry.\n\nThe downside is that this disables NAT and conntrack helpers.\n\nAlternative fix would be to add locking to all code parts that deal with\nunconfirmed packets, but even if that could be done in a sane way this\nopens up other problems, for example:\n\n-m physdev --physdev-out eth0 -j SNAT --snat-to 1.2.3.4\n-m physdev --physdev-out eth1 -j SNAT --snat-to 1.2.3.5\n\nFor multicast case, only one of such conflicting mappings will be\ncreated, conntrack only handles 1:1 NAT mappings.\n\nUsers should set create a setup that explicitly marks such traffic\nNOTRACK (conntrack bypass) to avoid this, but we cannot auto-bypass\nthem, ruleset might have accept rules for untracked traffic already,\nso user-visible behaviour would change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27415",
"url": "https://www.suse.com/security/cve/CVE-2024-27415"
},
{
"category": "external",
"summary": "SUSE Bug 1224757 for CVE-2024-27415",
"url": "https://bugzilla.suse.com/1224757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-27415"
},
{
"cve": "CVE-2024-28956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-28956"
}
],
"notes": [
{
"category": "general",
"text": "Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-28956",
"url": "https://www.suse.com/security/cve/CVE-2024-28956"
},
{
"category": "external",
"summary": "SUSE Bug 1242006 for CVE-2024-28956",
"url": "https://bugzilla.suse.com/1242006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-28956"
},
{
"cve": "CVE-2024-35826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix page refcounts for unaligned buffers in __bio_release_pages()\n\nFix an incorrect number of pages being released for buffers that do not\nstart at the beginning of a page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35826",
"url": "https://www.suse.com/security/cve/CVE-2024-35826"
},
{
"category": "external",
"summary": "SUSE Bug 1224610 for CVE-2024-35826",
"url": "https://bugzilla.suse.com/1224610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: use OPTION_MPTCP_MPJ_SYNACK in subflow_finish_connect()\n\nsubflow_finish_connect() uses four fields (backup, join_id, thmac, none)\nthat may contain garbage unless OPTION_MPTCP_MPJ_SYNACK has been set\nin mptcp_parse_option()",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35840",
"url": "https://www.suse.com/security/cve/CVE-2024-35840"
},
{
"category": "external",
"summary": "SUSE Bug 1224597 for CVE-2024-35840",
"url": "https://bugzilla.suse.com/1224597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-35840"
},
{
"cve": "CVE-2024-35910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: properly terminate timers for kernel sockets\n\nWe had various syzbot reports about tcp timers firing after\nthe corresponding netns has been dismantled.\n\nFortunately Josef Bacik could trigger the issue more often,\nand could test a patch I wrote two years ago.\n\nWhen TCP sockets are closed, we call inet_csk_clear_xmit_timers()\nto \u0027stop\u0027 the timers.\n\ninet_csk_clear_xmit_timers() can be called from any context,\nincluding when socket lock is held.\nThis is the reason it uses sk_stop_timer(), aka del_timer().\nThis means that ongoing timers might finish much later.\n\nFor user sockets, this is fine because each running timer\nholds a reference on the socket, and the user socket holds\na reference on the netns.\n\nFor kernel sockets, we risk that the netns is freed before\ntimer can complete, because kernel sockets do not hold\nreference on the netns.\n\nThis patch adds inet_csk_clear_xmit_timers_sync() function\nthat using sk_stop_timer_sync() to make sure all timers\nare terminated before the kernel socket is released.\nModules using kernel sockets close them in their netns exit()\nhandler.\n\nAlso add sock_not_owned_by_me() helper to get LOCKDEP\nsupport : inet_csk_clear_xmit_timers_sync() must not be called\nwhile socket lock is held.\n\nIt is very possible we can revert in the future commit\n3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\")\nwhich attempted to solve the issue in rds only.\n(net/smc/af_smc.c and net/mptcp/subflow.c have similar code)\n\nWe probably can remove the check_net() tests from\ntcp_out_of_resources() and __tcp_close() in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35910",
"url": "https://www.suse.com/security/cve/CVE-2024-35910"
},
{
"category": "external",
"summary": "SUSE Bug 1224489 for CVE-2024-35910",
"url": "https://bugzilla.suse.com/1224489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38606"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - validate slices count returned by FW\n\nThe function adf_send_admin_tl_start() enables the telemetry (TL)\nfeature on a QAT device by sending the ICP_QAT_FW_TL_START message to\nthe firmware. This triggers the FW to start writing TL data to a DMA\nbuffer in memory and returns an array containing the number of\naccelerators of each type (slices) supported by this HW.\nThe pointer to this array is stored in the adf_tl_hw_data data\nstructure called slice_cnt.\n\nThe array slice_cnt is then used in the function tl_print_dev_data()\nto report in debugfs only statistics about the supported accelerators.\nAn incorrect value of the elements in slice_cnt might lead to an out\nof bounds memory read.\nAt the moment, there isn\u0027t an implementation of FW that returns a wrong\nvalue, but for robustness validate the slice count array returned by FW.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38606",
"url": "https://www.suse.com/security/cve/CVE-2024-38606"
},
{
"category": "external",
"summary": "SUSE Bug 1226871 for CVE-2024-38606",
"url": "https://bugzilla.suse.com/1226871"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-41005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetpoll: Fix race condition in netpoll_owner_active\n\nKCSAN detected a race condition in netpoll:\n\n\tBUG: KCSAN: data-race in net_rx_action / netpoll_send_skb\n\twrite (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:\n\tnet_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)\n\u003csnip\u003e\n\tread to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:\n\tnetpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)\n\tnetpoll_send_udp (net/core/netpoll.c:?)\n\u003csnip\u003e\n\tvalue changed: 0x0000000a -\u003e 0xffffffff\n\nThis happens because netpoll_owner_active() needs to check if the\ncurrent CPU is the owner of the lock, touching napi-\u003epoll_owner\nnon atomically. The -\u003epoll_owner field contains the current CPU holding\nthe lock.\n\nUse an atomic read to check if the poll owner is the current CPU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41005",
"url": "https://www.suse.com/security/cve/CVE-2024-41005"
},
{
"category": "external",
"summary": "SUSE Bug 1227858 for CVE-2024-41005",
"url": "https://bugzilla.suse.com/1227858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix validation of block size\n\nBlock size should be between 512 and PAGE_SIZE and be a power of 2. The current\ncheck does not validate this, so update the check.\n\nWithout this patch, null_blk would Oops due to a null pointer deref when\nloaded with bs=1536 [1].\n\n\n[axboe: remove unnecessary braces and != 0 check]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41077",
"url": "https://www.suse.com/security/cve/CVE-2024-41077"
},
{
"category": "external",
"summary": "SUSE Bug 1228653 for CVE-2024-41077",
"url": "https://bugzilla.suse.com/1228653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41149"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: avoid to reuse `hctx` not removed from cpuhp callback list\n\nIf the \u0027hctx\u0027 isn\u0027t removed from cpuhp callback list, we can\u0027t reuse it,\notherwise use-after-free may be triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41149",
"url": "https://www.suse.com/security/cve/CVE-2024-41149"
},
{
"category": "external",
"summary": "SUSE Bug 1235698 for CVE-2024-41149",
"url": "https://bugzilla.suse.com/1235698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-42307"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix potential null pointer use in destroy_workqueue in init_cifs error path\n\nDan Carpenter reported a Smack static checker warning:\n fs/smb/client/cifsfs.c:1981 init_cifs()\n error: we previously assumed \u0027serverclose_wq\u0027 could be null (see line 1895)\n\nThe patch which introduced the serverclose workqueue used the wrong\noredering in error paths in init_cifs() for freeing it on errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-42307",
"url": "https://www.suse.com/security/cve/CVE-2024-42307"
},
{
"category": "external",
"summary": "SUSE Bug 1229361 for CVE-2024-42307",
"url": "https://bugzilla.suse.com/1229361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: Fix WARN_ON_ONCE check for sync_thread in raid_resume\n\nrm-raid devices will occasionally trigger the following warning when\nbeing resumed after a table load because DM_RECOVERY_RUNNING is set:\n\nWARNING: CPU: 7 PID: 5660 at drivers/md/dm-raid.c:4105 raid_resume+0xee/0x100 [dm_raid]\n\nThe failing check is:\nWARN_ON_ONCE(test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery));\n\nThis check is designed to make sure that the sync thread isn\u0027t\nregistered, but md_check_recovery can set MD_RECOVERY_RUNNING without\nthe sync_thread ever getting registered. Instead of checking if\nMD_RECOVERY_RUNNING is set, check if sync_thread is non-NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43820",
"url": "https://www.suse.com/security/cve/CVE-2024-43820"
},
{
"category": "external",
"summary": "SUSE Bug 1229311 for CVE-2024-43820",
"url": "https://bugzilla.suse.com/1229311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-43869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-43869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Fix event leak upon exec and file release\n\nThe perf pending task work is never waited upon the matching event\nrelease. In the case of a child event, released via free_event()\ndirectly, this can potentially result in a leaked event, such as in the\nfollowing scenario that doesn\u0027t even require a weak IRQ work\nimplementation to trigger:\n\nschedule()\n prepare_task_switch()\n=======\u003e \u003cNMI\u003e\n perf_event_overflow()\n event-\u003epending_sigtrap = ...\n irq_work_queue(\u0026event-\u003epending_irq)\n\u003c======= \u003c/NMI\u003e\n perf_event_task_sched_out()\n event_sched_out()\n event-\u003epending_sigtrap = 0;\n atomic_long_inc_not_zero(\u0026event-\u003erefcount)\n task_work_add(\u0026event-\u003epending_task)\n finish_lock_switch()\n=======\u003e \u003cIRQ\u003e\n perf_pending_irq()\n //do nothing, rely on pending task work\n\u003c======= \u003c/IRQ\u003e\n\nbegin_new_exec()\n perf_event_exit_task()\n perf_event_exit_event()\n // If is child event\n free_event()\n WARN(atomic_long_cmpxchg(\u0026event-\u003erefcount, 1, 0) != 1)\n // event is leaked\n\nSimilar scenarios can also happen with perf_event_remove_on_exec() or\nsimply against concurrent perf_event_release().\n\nFix this with synchonizing against the possibly remaining pending task\nwork while freeing the event, just like is done with remaining pending\nIRQ work. This means that the pending task callback neither need nor\nshould hold a reference to the event, preventing it from ever beeing\nfreed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-43869",
"url": "https://www.suse.com/security/cve/CVE-2024-43869"
},
{
"category": "external",
"summary": "SUSE Bug 1229491 for CVE-2024-43869",
"url": "https://bugzilla.suse.com/1229491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-43869"
},
{
"cve": "CVE-2024-46713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/aux: Fix AUX buffer serialization\n\nOle reported that event-\u003emmap_mutex is strictly insufficient to\nserialize the AUX buffer, add a per RB mutex to fully serialize it.\n\nNote that in the lock order comment the perf_event::mmap_mutex order\nwas already wrong, that is, it nesting under mmap_lock is not new with\nthis patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46713",
"url": "https://www.suse.com/security/cve/CVE-2024-46713"
},
{
"category": "external",
"summary": "SUSE Bug 1230581 for CVE-2024-46713",
"url": "https://bugzilla.suse.com/1230581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-46713"
},
{
"cve": "CVE-2024-46736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_rename_path()\n\nIf smb2_set_path_attr() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() again as the\nreference of @cfile was already dropped by previous smb2_compound_op()\ncall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46736",
"url": "https://www.suse.com/security/cve/CVE-2024-46736"
},
{
"category": "external",
"summary": "SUSE Bug 1230728 for CVE-2024-46736",
"url": "https://bugzilla.suse.com/1230728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: Fix null-ptr-deref in GRO.\n\nWe observed a null-ptr-deref in fou_gro_receive() while shutting down\na host. [0]\n\nThe NULL pointer is sk-\u003esk_user_data, and the offset 8 is of protocol\nin struct fou.\n\nWhen fou_release() is called due to netns dismantle or explicit tunnel\nteardown, udp_tunnel_sock_release() sets NULL to sk-\u003esk_user_data.\nThen, the tunnel socket is destroyed after a single RCU grace period.\n\nSo, in-flight udp4_gro_receive() could find the socket and execute the\nFOU GRO handler, where sk-\u003esk_user_data could be NULL.\n\nLet\u0027s use rcu_dereference_sk_user_data() in fou_from_sock() and add NULL\nchecks in FOU GRO handlers.\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 80000001032f4067 P4D 80000001032f4067 PUD 103240067 PMD 0\nSMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.10.216-204.855.amzn2.x86_64 #1\nHardware name: Amazon EC2 c5.large/, BIOS 1.0 10/16/2017\nRIP: 0010:fou_gro_receive (net/ipv4/fou.c:233) [fou]\nCode: 41 5f c3 cc cc cc cc e8 e7 2e 69 f4 0f 1f 80 00 00 00 00 0f 1f 44 00 00 49 89 f8 41 54 48 89 f7 48 89 d6 49 8b 80 88 02 00 00 \u003c0f\u003e b6 48 08 0f b7 42 4a 66 25 fd fd 80 cc 02 66 89 42 4a 0f b6 42\nRSP: 0018:ffffa330c0003d08 EFLAGS: 00010297\nRAX: 0000000000000000 RBX: ffff93d9e3a6b900 RCX: 0000000000000010\nRDX: ffff93d9e3a6b900 RSI: ffff93d9e3a6b900 RDI: ffff93dac2e24d08\nRBP: ffff93d9e3a6b900 R08: ffff93dacbce6400 R09: 0000000000000002\nR10: 0000000000000000 R11: ffffffffb5f369b0 R12: ffff93dacbce6400\nR13: ffff93dac2e24d08 R14: 0000000000000000 R15: ffffffffb4edd1c0\nFS: 0000000000000000(0000) GS:ffff93daee800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000102140001 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? show_trace_log_lvl (arch/x86/kernel/dumpstack.c:259)\n ? __die_body.cold (arch/x86/kernel/dumpstack.c:478 arch/x86/kernel/dumpstack.c:420)\n ? no_context (arch/x86/mm/fault.c:752)\n ? exc_page_fault (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 arch/x86/mm/fault.c:1435 arch/x86/mm/fault.c:1483)\n ? asm_exc_page_fault (arch/x86/include/asm/idtentry.h:571)\n ? fou_gro_receive (net/ipv4/fou.c:233) [fou]\n udp_gro_receive (include/linux/netdevice.h:2552 net/ipv4/udp_offload.c:559)\n udp4_gro_receive (net/ipv4/udp_offload.c:604)\n inet_gro_receive (net/ipv4/af_inet.c:1549 (discriminator 7))\n dev_gro_receive (net/core/dev.c:6035 (discriminator 4))\n napi_gro_receive (net/core/dev.c:6170)\n ena_clean_rx_irq (drivers/amazon/net/ena/ena_netdev.c:1558) [ena]\n ena_io_poll (drivers/amazon/net/ena/ena_netdev.c:1742) [ena]\n napi_poll (net/core/dev.c:6847)\n net_rx_action (net/core/dev.c:6917)\n __do_softirq (arch/x86/include/asm/jump_label.h:25 include/linux/jump_label.h:200 include/trace/events/irq.h:142 kernel/softirq.c:299)\n asm_call_irq_on_stack (arch/x86/entry/entry_64.S:809)\n\u003c/IRQ\u003e\n do_softirq_own_stack (arch/x86/include/asm/irq_stack.h:27 arch/x86/include/asm/irq_stack.h:77 arch/x86/kernel/irq_64.c:77)\n irq_exit_rcu (kernel/softirq.c:393 kernel/softirq.c:423 kernel/softirq.c:435)\n common_interrupt (arch/x86/kernel/irq.c:239)\n asm_common_interrupt (arch/x86/include/asm/idtentry.h:626)\nRIP: 0010:acpi_idle_do_entry (arch/x86/include/asm/irqflags.h:49 arch/x86/include/asm/irqflags.h:89 drivers/acpi/processor_idle.c:114 drivers/acpi/processor_idle.c:575)\nCode: 8b 15 d1 3c c4 02 ed c3 cc cc cc cc 65 48 8b 04 25 40 ef 01 00 48 8b 00 a8 08 75 eb 0f 1f 44 00 00 0f 00 2d d5 09 55 00 fb f4 \u003cfa\u003e c3 cc cc cc cc e9 be fc ff ff 66 66 2e 0f 1f 84 00 00 00 00 00\nRSP: 0018:ffffffffb5603e58 EFLAGS: 00000246\nRAX: 0000000000004000 RBX: ffff93dac0929c00 RCX: ffff93daee833900\nRDX: ffff93daee800000 RSI: ffff93d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46763",
"url": "https://www.suse.com/security/cve/CVE-2024-46763"
},
{
"category": "external",
"summary": "SUSE Bug 1230764 for CVE-2024-46763",
"url": "https://bugzilla.suse.com/1230764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-46763"
},
{
"cve": "CVE-2024-46782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: call nf_unregister_net_hooks() sooner\n\nsyzbot found an use-after-free Read in ila_nf_input [1]\n\nIssue here is that ila_xlat_exit_net() frees the rhashtable,\nthen call nf_unregister_net_hooks().\n\nIt should be done in the reverse way, with a synchronize_rcu().\n\nThis is a good match for a pre_exit() method.\n\n[1]\n BUG: KASAN: use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: use-after-free in __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n BUG: KASAN: use-after-free in rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\nRead of size 4 at addr ffff888064620008 by task ksoftirqd/0/16\n\nCPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.11.0-rc4-syzkaller-00238-g2ad6d23f465a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:93 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup include/linux/rhashtable.h:604 [inline]\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast+0x77a/0x9b0 include/linux/rhashtable.h:672\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:132 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1fe/0x3c0 net/ipv6/ila/ila_xlat.c:190\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xc3/0x220 net/netfilter/core.c:626\n nf_hook include/linux/netfilter.h:269 [inline]\n NF_HOOK+0x29e/0x450 include/linux/netfilter.h:312\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\n __netif_receive_skb+0x1ea/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6108\n __napi_poll+0xcb/0x490 net/core/dev.c:6772\n napi_poll net/core/dev.c:6841 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6963\n handle_softirqs+0x2c4/0x970 kernel/softirq.c:554\n run_ksoftirqd+0xca/0x130 kernel/softirq.c:928\n smpboot_thread_fn+0x544/0xa30 kernel/smpboot.c:164\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nThe buggy address belongs to the physical page:\npage: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x64620\nflags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xbfffffff(buddy)\nraw: 00fff00000000000 ffffea0000959608 ffffea00019d9408 0000000000000000\nraw: 0000000000000000 0000000000000003 00000000bfffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as freed\npage last allocated via order 3, migratetype Unmovable, gfp_mask 0x52dc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_ZERO), pid 5242, tgid 5242 (syz-executor), ts 73611328570, free_ts 618981657187\n set_page_owner include/linux/page_owner.h:32 [inline]\n post_alloc_hook+0x1f3/0x230 mm/page_alloc.c:1493\n prep_new_page mm/page_alloc.c:1501 [inline]\n get_page_from_freelist+0x2e4c/0x2f10 mm/page_alloc.c:3439\n __alloc_pages_noprof+0x256/0x6c0 mm/page_alloc.c:4695\n __alloc_pages_node_noprof include/linux/gfp.h:269 [inline]\n alloc_pages_node_noprof include/linux/gfp.h:296 [inline]\n ___kmalloc_large_node+0x8b/0x1d0 mm/slub.c:4103\n __kmalloc_large_node_noprof+0x1a/0x80 mm/slub.c:4130\n __do_kmalloc_node mm/slub.c:4146 [inline]\n __kmalloc_node_noprof+0x2d2/0x440 mm/slub.c:4164\n __kvmalloc_node_noprof+0x72/0x190 mm/util.c:650\n bucket_table_alloc lib/rhashtable.c:186 [inline]\n rhashtable_init_noprof+0x534/0xa60 lib/rhashtable.c:1071\n ila_xlat_init_net+0xa0/0x110 net/ipv6/ila/ila_xlat.c:613\n ops_ini\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46782",
"url": "https://www.suse.com/security/cve/CVE-2024-46782"
},
{
"category": "external",
"summary": "SUSE Bug 1230769 for CVE-2024-46782",
"url": "https://bugzilla.suse.com/1230769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix double put of @cfile in smb2_set_path_size()\n\nIf smb2_compound_op() is called with a valid @cfile and returned\n-EINVAL, we need to call cifs_get_writable_path() before retrying it\nas the reference of @cfile was already dropped by previous call.\n\nThis fixes the following KASAN splat when running fstests generic/013\nagainst Windows Server 2022:\n\n CIFS: Attempting to mount //w22-fs0/scratch\n run fstests generic/013 at 2024-09-02 19:48:59\n ==================================================================\n BUG: KASAN: slab-use-after-free in detach_if_pending+0xab/0x200\n Write of size 8 at addr ffff88811f1a3730 by task kworker/3:2/176\n\n CPU: 3 UID: 0 PID: 176 Comm: kworker/3:2 Not tainted 6.11.0-rc6 #2\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40\n 04/01/2014\n Workqueue: cifsoplockd cifs_oplock_break [cifs]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? detach_if_pending+0xab/0x200\n print_report+0x156/0x4d9\n ? detach_if_pending+0xab/0x200\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? detach_if_pending+0xab/0x200\n kasan_report+0xda/0x110\n ? detach_if_pending+0xab/0x200\n detach_if_pending+0xab/0x200\n timer_delete+0x96/0xe0\n ? __pfx_timer_delete+0x10/0x10\n ? rcu_is_watching+0x20/0x50\n try_to_grab_pending+0x46/0x3b0\n __cancel_work+0x89/0x1b0\n ? __pfx___cancel_work+0x10/0x10\n ? kasan_save_track+0x14/0x30\n cifs_close_deferred_file+0x110/0x2c0 [cifs]\n ? __pfx_cifs_close_deferred_file+0x10/0x10 [cifs]\n ? __pfx_down_read+0x10/0x10\n cifs_oplock_break+0x4c1/0xa50 [cifs]\n ? __pfx_cifs_oplock_break+0x10/0x10 [cifs]\n ? lock_is_held_type+0x85/0xf0\n ? mark_held_locks+0x1a/0x90\n process_one_work+0x4c6/0x9f0\n ? find_held_lock+0x8a/0xa0\n ? __pfx_process_one_work+0x10/0x10\n ? lock_acquired+0x220/0x550\n ? __list_add_valid_or_report+0x37/0x100\n worker_thread+0x2e4/0x570\n ? __kthread_parkme+0xd1/0xf0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x17f/0x1c0\n ? kthread+0xda/0x1c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n Allocated by task 1118:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n cifs_new_fileinfo+0xc8/0x9d0 [cifs]\n cifs_atomic_open+0x467/0x770 [cifs]\n lookup_open.isra.0+0x665/0x8b0\n path_openat+0x4c3/0x1380\n do_filp_open+0x167/0x270\n do_sys_openat2+0x129/0x160\n __x64_sys_creat+0xad/0xe0\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 83:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x70\n poison_slab_object+0xe9/0x160\n __kasan_slab_free+0x32/0x50\n kfree+0xf2/0x300\n process_one_work+0x4c6/0x9f0\n worker_thread+0x2e4/0x570\n kthread+0x17f/0x1c0\n ret_from_fork+0x31/0x60\n ret_from_fork_asm+0x1a/0x30\n\n Last potentially related work creation:\n kasan_save_stack+0x30/0x50\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x29/0xe0\n __queue_work+0x5ea/0x760\n queue_work_on+0x6d/0x90\n _cifsFileInfo_put+0x3f6/0x770 [cifs]\n smb2_compound_op+0x911/0x3940 [cifs]\n smb2_set_path_size+0x228/0x270 [cifs]\n cifs_set_file_size+0x197/0x460 [cifs]\n cifs_setattr+0xd9c/0x14b0 [cifs]\n notify_change+0x4e3/0x740\n do_truncate+0xfa/0x180\n vfs_truncate+0x195/0x200\n __x64_sys_truncate+0x109/0x150\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46796",
"url": "https://www.suse.com/security/cve/CVE-2024-46796"
},
{
"category": "external",
"summary": "SUSE Bug 1230832 for CVE-2024-46796",
"url": "https://bugzilla.suse.com/1230832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-46865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-46865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfou: fix initialization of grc\n\nThe grc must be initialize first. There can be a condition where if\nfou is NULL, goto out will be executed and grc would be used\nuninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-46865",
"url": "https://www.suse.com/security/cve/CVE-2024-46865"
},
{
"category": "external",
"summary": "SUSE Bug 1231103 for CVE-2024-46865",
"url": "https://bugzilla.suse.com/1231103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-47408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check smcd_v2_ext_offset when receiving proposal msg\n\nWhen receiving proposal msg in server, the field smcd_v2_ext_offset in\nproposal msg is from the remote client and can not be fully trusted.\nOnce the value of smcd_v2_ext_offset exceed the max value, there has\nthe chance to access wrong address, and crash may happen.\n\nThis patch checks the value of smcd_v2_ext_offset before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47408",
"url": "https://www.suse.com/security/cve/CVE-2024-47408"
},
{
"category": "external",
"summary": "SUSE Bug 1235711 for CVE-2024-47408",
"url": "https://bugzilla.suse.com/1235711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-47794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Prevent tailcall infinite loop caused by freplace\n\nThere is a potential infinite loop issue that can occur when using a\ncombination of tail calls and freplace.\n\nIn an upcoming selftest, the attach target for entry_freplace of\ntailcall_freplace.c is subprog_tc of tc_bpf2bpf.c, while the tail call in\nentry_freplace leads to entry_tc. This results in an infinite loop:\n\nentry_tc -\u003e subprog_tc -\u003e entry_freplace --tailcall-\u003e entry_tc.\n\nThe problem arises because the tail_call_cnt in entry_freplace resets to\nzero each time entry_freplace is executed, causing the tail call mechanism\nto never terminate, eventually leading to a kernel panic.\n\nTo fix this issue, the solution is twofold:\n\n1. Prevent updating a program extended by an freplace program to a\n prog_array map.\n2. Prevent extending a program that is already part of a prog_array map\n with an freplace program.\n\nThis ensures that:\n\n* If a program or its subprogram has been extended by an freplace program,\n it can no longer be updated to a prog_array map.\n* If a program has been added to a prog_array map, neither it nor its\n subprograms can be extended by an freplace program.\n\nMoreover, an extension program should not be tailcalled. As such, return\n-EINVAL if the program has a type of BPF_PROG_TYPE_EXT when adding it to a\nprog_array map.\n\nAdditionally, fix a minor code style issue by replacing eight spaces with a\ntab for proper formatting.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-47794",
"url": "https://www.suse.com/security/cve/CVE-2024-47794"
},
{
"category": "external",
"summary": "SUSE Bug 1235712 for CVE-2024-47794",
"url": "https://bugzilla.suse.com/1235712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg\n\nWhen receiving proposal msg in server, the field iparea_offset\nand the field ipv6_prefixes_cnt in proposal msg are from the\nremote client and can not be fully trusted. Especially the\nfield iparea_offset, once exceed the max value, there has the\nchance to access wrong address, and crash may happen.\n\nThis patch checks iparea_offset and ipv6_prefixes_cnt before using them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49571",
"url": "https://www.suse.com/security/cve/CVE-2024-49571"
},
{
"category": "external",
"summary": "SUSE Bug 1235733 for CVE-2024-49571",
"url": "https://bugzilla.suse.com/1235733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: pxafb: Fix possible use after free in pxafb_task()\n\nIn the pxafb_probe function, it calls the pxafb_init_fbinfo function,\nafter which \u0026fbi-\u003etask is associated with pxafb_task. Moreover,\nwithin this pxafb_init_fbinfo function, the pxafb_blank function\nwithin the \u0026pxafb_ops struct is capable of scheduling work.\n\nIf we remove the module which will call pxafb_remove to make cleanup,\nit will call unregister_framebuffer function which can call\ndo_unregister_framebuffer to free fbi-\u003efb through\nput_fb_info(fb_info), while the work mentioned above will be used.\nThe sequence of operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | pxafb_task\npxafb_remove |\nunregister_framebuffer(info) |\ndo_unregister_framebuffer(fb_info) |\nput_fb_info(fb_info) |\n// free fbi-\u003efb | set_ctrlr_state(fbi, state)\n | __pxafb_lcd_power(fbi, 0)\n | fbi-\u003elcd_power(on, \u0026fbi-\u003efb.var)\n | //use fbi-\u003efb\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in pxafb_remove.\n\nNote that only root user can remove the driver at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49924",
"url": "https://www.suse.com/security/cve/CVE-2024-49924"
},
{
"category": "external",
"summary": "SUSE Bug 1232364 for CVE-2024-49924",
"url": "https://bugzilla.suse.com/1232364"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: prevent possible tunnel refcount underflow\n\nWhen a session is created, it sets a backpointer to its tunnel. When\nthe session refcount drops to 0, l2tp_session_free drops the tunnel\nrefcount if session-\u003etunnel is non-NULL. However, session-\u003etunnel is\nset in l2tp_session_create, before the tunnel refcount is incremented\nby l2tp_session_register, which leaves a small window where\nsession-\u003etunnel is non-NULL when the tunnel refcount hasn\u0027t been\nbumped.\n\nMoving the assignment to l2tp_session_register is trivial but\nl2tp_session_create calls l2tp_session_set_header_len which uses\nsession-\u003etunnel to get the tunnel\u0027s encap. Add an encap arg to\nl2tp_session_set_header_len to avoid using session-\u003etunnel.\n\nIf l2tpv3 sessions have colliding IDs, it is possible for\nl2tp_v3_session_get to race with l2tp_session_register and fetch a\nsession which doesn\u0027t yet have session-\u003etunnel set. Add a check for\nthis case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49940",
"url": "https://www.suse.com/security/cve/CVE-2024-49940"
},
{
"category": "external",
"summary": "SUSE Bug 1232812 for CVE-2024-49940",
"url": "https://bugzilla.suse.com/1232812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-49994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix integer overflow in BLKSECDISCARD\n\nI independently rediscovered\n\n\tcommit 22d24a544b0d49bbcbd61c8c0eaf77d3c9297155\n\tblock: fix overflow in blk_ioctl_discard()\n\nbut for secure erase.\n\nSame problem:\n\n\tuint64_t r[2] = {512, 18446744073709551104ULL};\n\tioctl(fd, BLKSECDISCARD, r);\n\nwill enter near infinite loop inside blkdev_issue_secure_erase():\n\n\ta.out: attempt to access beyond end of device\n\tloop0: rw=5, sector=3399043073, nr_sectors = 1024 limit=2048\n\tbio_check_eod: 3286214 callbacks suppressed",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-49994",
"url": "https://www.suse.com/security/cve/CVE-2024-49994"
},
{
"category": "external",
"summary": "SUSE Bug 1237757 for CVE-2024-49994",
"url": "https://bugzilla.suse.com/1237757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: Fix UAF in hci_enhanced_setup_sync\n\nThis checks if the ACL connection remains valid as it could be destroyed\nwhile hci_enhanced_setup_sync is pending on cmd_sync leading to the\nfollowing trace:\n\nBUG: KASAN: slab-use-after-free in hci_enhanced_setup_sync+0x91b/0xa60\nRead of size 1 at addr ffff888002328ffd by task kworker/u5:2/37\n\nCPU: 0 UID: 0 PID: 37 Comm: kworker/u5:2 Not tainted 6.11.0-rc6-01300-g810be445d8d6 #7099\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ? hci_enhanced_setup_sync+0x91b/0xa60\n print_report+0x152/0x4c0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n ? __virt_addr_valid+0x1fa/0x420\n ? hci_enhanced_setup_sync+0x91b/0xa60\n kasan_report+0xda/0x1b0\n ? hci_enhanced_setup_sync+0x91b/0xa60\n hci_enhanced_setup_sync+0x91b/0xa60\n ? __pfx_hci_enhanced_setup_sync+0x10/0x10\n ? __pfx___mutex_lock+0x10/0x10\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n ? __pfx_lock_acquire+0x10/0x10\n ? __pfx_process_one_work+0x10/0x10\n ? assign_work+0x167/0x240\n worker_thread+0x5b7/0xf60\n ? __kthread_parkme+0xac/0x1c0\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x293/0x360\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 34:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __hci_conn_add+0x187/0x17d0\n hci_connect_sco+0x2e1/0xb90\n sco_sock_connect+0x2a2/0xb80\n __sys_connect+0x227/0x2a0\n __x64_sys_connect+0x6d/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 37:\n kasan_save_stack+0x30/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x101/0x160\n kfree+0xd0/0x250\n device_release+0x9a/0x210\n kobject_put+0x151/0x280\n hci_conn_del+0x448/0xbf0\n hci_abort_conn_sync+0x46f/0x980\n hci_cmd_sync_work+0x1c2/0x330\n process_one_work+0x7d9/0x1360\n worker_thread+0x5b7/0xf60\n kthread+0x293/0x360\n ret_from_fork+0x2f/0x70\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50029",
"url": "https://www.suse.com/security/cve/CVE-2024-50029"
},
{
"category": "external",
"summary": "SUSE Bug 1231949 for CVE-2024-50029",
"url": "https://bugzilla.suse.com/1231949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50029"
},
{
"cve": "CVE-2024-50036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: do not delay dst_entries_add() in dst_release()\n\ndst_entries_add() uses per-cpu data that might be freed at netns\ndismantle from ip6_route_net_exit() calling dst_entries_destroy()\n\nBefore ip6_route_net_exit() can be called, we release all\nthe dsts associated with this netns, via calls to dst_release(),\nwhich waits an rcu grace period before calling dst_destroy()\n\ndst_entries_add() use in dst_destroy() is racy, because\ndst_entries_destroy() could have been called already.\n\nDecrementing the number of dsts must happen sooner.\n\nNotes:\n\n1) in CONFIG_XFRM case, dst_destroy() can call\n dst_release_immediate(child), this might also cause UAF\n if the child does not have DST_NOCOUNT set.\n IPSEC maintainers might take a look and see how to address this.\n\n2) There is also discussion about removing this count of dst,\n which might happen in future kernels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50036",
"url": "https://www.suse.com/security/cve/CVE-2024-50036"
},
{
"category": "external",
"summary": "SUSE Bug 1231912 for CVE-2024-50036",
"url": "https://bugzilla.suse.com/1231912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xtables: avoid NFPROTO_UNSPEC where needed\n\nsyzbot managed to call xt_cluster match via ebtables:\n\n WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780\n [..]\n ebt_do_table+0x174b/0x2a40\n\nModule registers to NFPROTO_UNSPEC, but it assumes ipv4/ipv6 packet\nprocessing. As this is only useful to restrict locally terminating\nTCP/UDP traffic, register this for ipv4 and ipv6 family only.\n\nPablo points out that this is a general issue, direct users of the\nset/getsockopt interface can call into targets/matches that were only\nintended for use with ip(6)tables.\n\nCheck all UNSPEC matches and targets for similar issues:\n\n- matches and targets are fine except if they assume skb_network_header()\n is valid -- this is only true when called from inet layer: ip(6) stack\n pulls the ip/ipv6 header into linear data area.\n- targets that return XT_CONTINUE or other xtables verdicts must be\n restricted too, they are incompatbile with the ebtables traverser, e.g.\n EBT_CONTINUE is a completely different value than XT_CONTINUE.\n\nMost matches/targets are changed to register for NFPROTO_IPV4/IPV6, as\nthey are provided for use by ip(6)tables.\n\nThe MARK target is also used by arptables, so register for NFPROTO_ARP too.\n\nWhile at it, bail out if connbytes fails to enable the corresponding\nconntrack family.\n\nThis change passes the selftests in iptables.git.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50038",
"url": "https://www.suse.com/security/cve/CVE-2024-50038"
},
{
"category": "external",
"summary": "SUSE Bug 1231910 for CVE-2024-50038",
"url": "https://bugzilla.suse.com/1231910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50038"
},
{
"cve": "CVE-2024-50056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: Fix ERR_PTR dereference in uvc_v4l2.c\n\nFix potential dereferencing of ERR_PTR() in find_format_by_pix()\nand uvc_v4l2_enum_format().\n\nFix the following smatch errors:\n\ndrivers/usb/gadget/function/uvc_v4l2.c:124 find_format_by_pix()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\ndrivers/usb/gadget/function/uvc_v4l2.c:392 uvc_v4l2_enum_format()\nerror: \u0027fmtdesc\u0027 dereferencing possible ERR_PTR()\n\nAlso, fix similar issue in uvc_v4l2_try_format() for potential\ndereferencing of ERR_PTR().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50056",
"url": "https://www.suse.com/security/cve/CVE-2024-50056"
},
{
"category": "external",
"summary": "SUSE Bug 1232389 for CVE-2024-50056",
"url": "https://bugzilla.suse.com/1232389"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix mptcp DSS corruption due to large pmtu xmit\n\nSyzkaller was able to trigger a DSS corruption:\n\n TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 5227 at net/mptcp/protocol.c:695 __mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Modules linked in:\n CPU: 0 UID: 0 PID: 5227 Comm: syz-executor350 Not tainted 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\n RIP: 0010:__mptcp_move_skbs_from_subflow+0x20a9/0x21f0 net/mptcp/protocol.c:695\n Code: 0f b6 dc 31 ff 89 de e8 b5 dd ea f5 89 d8 48 81 c4 50 01 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 98 da ea f5 90 \u003c0f\u003e 0b 90 e9 47 ff ff ff e8 8a da ea f5 90 0f 0b 90 e9 99 e0 ff ff\n RSP: 0018:ffffc90000006db8 EFLAGS: 00010246\n RAX: ffffffff8ba9df18 RBX: 00000000000055f0 RCX: ffff888030023c00\n RDX: 0000000000000100 RSI: 00000000000081e5 RDI: 00000000000055f0\n RBP: 1ffff110062bf1ae R08: ffffffff8ba9cf12 R09: 1ffff110062bf1b8\n R10: dffffc0000000000 R11: ffffed10062bf1b9 R12: 0000000000000000\n R13: dffffc0000000000 R14: 00000000700cec61 R15: 00000000000081e5\n FS: 000055556679c380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020287000 CR3: 0000000077892000 CR4: 00000000003506f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n move_skbs_to_msk net/mptcp/protocol.c:811 [inline]\n mptcp_data_ready+0x29c/0xa90 net/mptcp/protocol.c:854\n subflow_data_ready+0x34a/0x920 net/mptcp/subflow.c:1490\n tcp_data_queue+0x20fd/0x76c0 net/ipv4/tcp_input.c:5283\n tcp_rcv_established+0xfba/0x2020 net/ipv4/tcp_input.c:6237\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n tcp_v4_rcv+0x2dc0/0x37f0 net/ipv4/tcp_ipv4.c:2350\n ip_protocol_deliver_rcu+0x22e/0x440 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x341/0x5f0 net/ipv4/ip_input.c:233\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n NF_HOOK+0x3a4/0x450 include/linux/netfilter.h:314\n __netif_receive_skb_one_core net/core/dev.c:5662 [inline]\n __netif_receive_skb+0x2bf/0x650 net/core/dev.c:5775\n process_backlog+0x662/0x15b0 net/core/dev.c:6107\n __napi_poll+0xcb/0x490 net/core/dev.c:6771\n napi_poll net/core/dev.c:6840 [inline]\n net_rx_action+0x89b/0x1240 net/core/dev.c:6962\n handle_softirqs+0x2c5/0x980 kernel/softirq.c:554\n do_softirq+0x11b/0x1e0 kernel/softirq.c:455\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n __local_bh_enable_ip+0x1bb/0x200 kernel/softirq.c:382\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x1764/0x3e80 net/core/dev.c:4451\n dev_queue_xmit include/linux/netdevice.h:3094 [inline]\n neigh_hh_output include/net/neighbour.h:526 [inline]\n neigh_output include/net/neighbour.h:540 [inline]\n ip_finish_output2+0xd41/0x1390 net/ipv4/ip_output.c:236\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x118c/0x1b80 net/ipv4/ip_output.c:536\n __tcp_transmit_skb+0x2544/0x3b30 net/ipv4/tcp_output.c:1466\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\n tcp_mtu_probe net/ipv4/tcp_output.c:2547 [inline]\n tcp_write_xmit+0x641d/0x6bf0 net/ipv4/tcp_output.c:2752\n __tcp_push_pending_frames+0x9b/0x360 net/ipv4/tcp_output.c:3015\n tcp_push_pending_frames include/net/tcp.h:2107 [inline]\n tcp_data_snd_check net/ipv4/tcp_input.c:5714 [inline]\n tcp_rcv_established+0x1026/0x2020 net/ipv4/tcp_input.c:6239\n tcp_v4_do_rcv+0x96d/0xc70 net/ipv4/tcp_ipv4.c:1915\n sk_backlog_rcv include/net/sock.h:1113 [inline]\n __release_sock+0x214/0x350 net/core/sock.c:3072\n release_sock+0x61/0x1f0 net/core/sock.c:3626\n mptcp_push_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50083",
"url": "https://www.suse.com/security/cve/CVE-2024-50083"
},
{
"category": "external",
"summary": "SUSE Bug 1232493 for CVE-2024-50083",
"url": "https://bugzilla.suse.com/1232493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50083"
},
{
"cve": "CVE-2024-50106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix race between laundromat and free_stateid\n\nThere is a race between laundromat handling of revoked delegations\nand a client sending free_stateid operation. Laundromat thread\nfinds that delegation has expired and needs to be revoked so it\nmarks the delegation stid revoked and it puts it on a reaper list\nbut then it unlock the state lock and the actual delegation revocation\nhappens without the lock. Once the stid is marked revoked a racing\nfree_stateid processing thread does the following (1) it calls\nlist_del_init() which removes it from the reaper list and (2) frees\nthe delegation stid structure. The laundromat thread ends up not\ncalling the revoke_delegation() function for this particular delegation\nbut that means it will no release the lock lease that exists on\nthe file.\n\nNow, a new open for this file comes in and ends up finding that\nlease list isn\u0027t empty and calls nfsd_breaker_owns_lease() which ends\nup trying to derefence a freed delegation stateid. Leading to the\nfollowint use-after-free KASAN warning:\n\nkernel: ==================================================================\nkernel: BUG: KASAN: slab-use-after-free in nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: Read of size 8 at addr ffff0000e73cd0c8 by task nfsd/6205\nkernel:\nkernel: CPU: 2 UID: 0 PID: 6205 Comm: nfsd Kdump: loaded Not tainted 6.11.0-rc7+ #9\nkernel: Hardware name: Apple Inc. Apple Virtualization Generic Platform, BIOS 2069.0.0.0.0 08/03/2024\nkernel: Call trace:\nkernel: dump_backtrace+0x98/0x120\nkernel: show_stack+0x1c/0x30\nkernel: dump_stack_lvl+0x80/0xe8\nkernel: print_address_description.constprop.0+0x84/0x390\nkernel: print_report+0xa4/0x268\nkernel: kasan_report+0xb4/0xf8\nkernel: __asan_report_load8_noabort+0x1c/0x28\nkernel: nfsd_breaker_owns_lease+0x140/0x160 [nfsd]\nkernel: nfsd_file_do_acquire+0xb3c/0x11d0 [nfsd]\nkernel: nfsd_file_acquire_opened+0x84/0x110 [nfsd]\nkernel: nfs4_get_vfs_file+0x634/0x958 [nfsd]\nkernel: nfsd4_process_open2+0xa40/0x1a40 [nfsd]\nkernel: nfsd4_open+0xa08/0xe80 [nfsd]\nkernel: nfsd4_proc_compound+0xb8c/0x2130 [nfsd]\nkernel: nfsd_dispatch+0x22c/0x718 [nfsd]\nkernel: svc_process_common+0x8e8/0x1960 [sunrpc]\nkernel: svc_process+0x3d4/0x7e0 [sunrpc]\nkernel: svc_handle_xprt+0x828/0xe10 [sunrpc]\nkernel: svc_recv+0x2cc/0x6a8 [sunrpc]\nkernel: nfsd+0x270/0x400 [nfsd]\nkernel: kthread+0x288/0x310\nkernel: ret_from_fork+0x10/0x20\n\nThis patch proposes a fixed that\u0027s based on adding 2 new additional\nstid\u0027s sc_status values that help coordinate between the laundromat\nand other operations (nfsd4_free_stateid() and nfsd4_delegreturn()).\n\nFirst to make sure, that once the stid is marked revoked, it is not\nremoved by the nfsd4_free_stateid(), the laundromat take a reference\non the stateid. Then, coordinating whether the stid has been put\non the cl_revoked list or we are processing FREE_STATEID and need to\nmake sure to remove it from the list, each check that state and act\naccordingly. If laundromat has added to the cl_revoke list before\nthe arrival of FREE_STATEID, then nfsd4_free_stateid() knows to remove\nit from the list. If nfsd4_free_stateid() finds that operations arrived\nbefore laundromat has placed it on cl_revoke list, it marks the state\nfreed and then laundromat will no longer add it to the list.\n\nAlso, for nfsd4_delegreturn() when looking for the specified stid,\nwe need to access stid that are marked removed or freeable, it means\nthe laundromat has started processing it but hasn\u0027t finished and this\ndelegreturn needs to return nfserr_deleg_revoked and not\nnfserr_bad_stateid. The latter will not trigger a FREE_STATEID and the\nlack of it will leave this stid on the cl_revoked list indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50106",
"url": "https://www.suse.com/security/cve/CVE-2024-50106"
},
{
"category": "external",
"summary": "SUSE Bug 1232882 for CVE-2024-50106",
"url": "https://bugzilla.suse.com/1232882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50106"
},
{
"cve": "CVE-2024-50126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: use RCU read-side critical section in taprio_dump()\n\nFix possible use-after-free in \u0027taprio_dump()\u0027 by adding RCU\nread-side critical section there. Never seen on x86 but\nfound on a KASAN-enabled arm64 system when investigating\nhttps://syzkaller.appspot.com/bug?extid=b65e0af58423fc8a73aa:\n\n[T15862] BUG: KASAN: slab-use-after-free in taprio_dump+0xa0c/0xbb0\n[T15862] Read of size 4 at addr ffff0000d4bb88f8 by task repro/15862\n[T15862]\n[T15862] CPU: 0 UID: 0 PID: 15862 Comm: repro Not tainted 6.11.0-rc1-00293-gdefaf1a2113a-dirty #2\n[T15862] Hardware name: QEMU QEMU Virtual Machine, BIOS edk2-20240524-5.fc40 05/24/2024\n[T15862] Call trace:\n[T15862] dump_backtrace+0x20c/0x220\n[T15862] show_stack+0x2c/0x40\n[T15862] dump_stack_lvl+0xf8/0x174\n[T15862] print_report+0x170/0x4d8\n[T15862] kasan_report+0xb8/0x1d4\n[T15862] __asan_report_load4_noabort+0x20/0x2c\n[T15862] taprio_dump+0xa0c/0xbb0\n[T15862] tc_fill_qdisc+0x540/0x1020\n[T15862] qdisc_notify.isra.0+0x330/0x3a0\n[T15862] tc_modify_qdisc+0x7b8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Allocated by task 15857:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_alloc_info+0x40/0x60\n[T15862] __kasan_kmalloc+0xd4/0xe0\n[T15862] __kmalloc_cache_noprof+0x194/0x334\n[T15862] taprio_change+0x45c/0x2fe0\n[T15862] tc_modify_qdisc+0x6a8/0x1838\n[T15862] rtnetlink_rcv_msg+0x3c8/0xc20\n[T15862] netlink_rcv_skb+0x1f8/0x3d4\n[T15862] rtnetlink_rcv+0x28/0x40\n[T15862] netlink_unicast+0x51c/0x790\n[T15862] netlink_sendmsg+0x79c/0xc20\n[T15862] __sock_sendmsg+0xe0/0x1a0\n[T15862] ____sys_sendmsg+0x6c0/0x840\n[T15862] ___sys_sendmsg+0x1ac/0x1f0\n[T15862] __sys_sendmsg+0x110/0x1d0\n[T15862] __arm64_sys_sendmsg+0x74/0xb0\n[T15862] invoke_syscall+0x88/0x2e0\n[T15862] el0_svc_common.constprop.0+0xe4/0x2a0\n[T15862] do_el0_svc+0x44/0x60\n[T15862] el0_svc+0x50/0x184\n[T15862] el0t_64_sync_handler+0x120/0x12c\n[T15862] el0t_64_sync+0x190/0x194\n[T15862]\n[T15862] Freed by task 6192:\n[T15862] kasan_save_stack+0x3c/0x70\n[T15862] kasan_save_track+0x20/0x3c\n[T15862] kasan_save_free_info+0x4c/0x80\n[T15862] poison_slab_object+0x110/0x160\n[T15862] __kasan_slab_free+0x3c/0x74\n[T15862] kfree+0x134/0x3c0\n[T15862] taprio_free_sched_cb+0x18c/0x220\n[T15862] rcu_core+0x920/0x1b7c\n[T15862] rcu_core_si+0x10/0x1c\n[T15862] handle_softirqs+0x2e8/0xd64\n[T15862] __do_softirq+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50126",
"url": "https://www.suse.com/security/cve/CVE-2024-50126"
},
{
"category": "external",
"summary": "SUSE Bug 1232895 for CVE-2024-50126",
"url": "https://bugzilla.suse.com/1232895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Disable page allocation in task_tick_mm_cid()\n\nWith KASAN and PREEMPT_RT enabled, calling task_work_add() in\ntask_tick_mm_cid() may cause the following splat.\n\n[ 63.696416] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 63.696416] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 610, name: modprobe\n[ 63.696416] preempt_count: 10001, expected: 0\n[ 63.696416] RCU nest depth: 1, expected: 1\n\nThis problem is caused by the following call trace.\n\n sched_tick() [ acquire rq-\u003e__lock ]\n -\u003e task_tick_mm_cid()\n -\u003e task_work_add()\n -\u003e __kasan_record_aux_stack()\n -\u003e kasan_save_stack()\n -\u003e stack_depot_save_flags()\n -\u003e alloc_pages_mpol_noprof()\n -\u003e __alloc_pages_noprof()\n\t -\u003e get_page_from_freelist()\n\t -\u003e rmqueue()\n\t -\u003e rmqueue_pcplist()\n\t -\u003e __rmqueue_pcplist()\n\t -\u003e rmqueue_bulk()\n\t -\u003e rt_spin_lock()\n\nThe rq lock is a raw_spinlock_t. We can\u0027t sleep while holding\nit. IOW, we can\u0027t call alloc_pages() in stack_depot_save_flags().\n\nThe task_tick_mm_cid() function with its task_work_add() call was\nintroduced by commit 223baf9d17f2 (\"sched: Fix performance regression\nintroduced by mm_cid\") in v6.4 kernel.\n\nFortunately, there is a kasan_record_aux_stack_noalloc() variant that\ncalls stack_depot_save_flags() while not allowing it to allocate\nnew pages. To allow task_tick_mm_cid() to use task_work without\npage allocation, a new TWAF_NO_ALLOC flag is added to enable calling\nkasan_record_aux_stack_noalloc() instead of kasan_record_aux_stack()\nif set. The task_tick_mm_cid() function is modified to add this new flag.\n\nThe possible downside is the missing stack trace in a KASAN report due\nto new page allocation required when task_work_add_noallloc() is called\nwhich should be rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50140",
"url": "https://www.suse.com/security/cve/CVE-2024-50140"
},
{
"category": "external",
"summary": "SUSE Bug 1233060 for CVE-2024-50140",
"url": "https://bugzilla.suse.com/1233060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix possible double free in smb2_set_ea()\n\nClang static checker(scan-build) warning:\nfs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.\n 1304 | kfree(ea);\n | ^~~~~~~~~\n\nThere is a double free in such case:\n\u0027ea is initialized to NULL\u0027 -\u003e \u0027first successful memory allocation for\nea\u0027 -\u003e \u0027something failed, goto sea_exit\u0027 -\u003e \u0027first memory release for ea\u0027\n-\u003e \u0027goto replay_again\u0027 -\u003e \u0027second goto sea_exit before allocate memory\nfor ea\u0027 -\u003e \u0027second memory release for ea resulted in double free\u0027.\n\nRe-initialie \u0027ea\u0027 to NULL near to the replay_again label, it can fix this\ndouble free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50152",
"url": "https://www.suse.com/security/cve/CVE-2024-50152"
},
{
"category": "external",
"summary": "SUSE Bug 1233033 for CVE-2024-50152",
"url": "https://bugzilla.suse.com/1233033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50162"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: devmap: provide rxq after redirect\n\nrxq contains a pointer to the device from where\nthe redirect happened. Currently, the BPF program\nthat was executed after a redirect via BPF_MAP_TYPE_DEVMAP*\ndoes not have it set.\n\nThis is particularly bad since accessing ingress_ifindex, e.g.\n\nSEC(\"xdp\")\nint prog(struct xdp_md *pkt)\n{\n return bpf_redirect_map(\u0026dev_redirect_map, 0, 0);\n}\n\nSEC(\"xdp/devmap\")\nint prog_after_redirect(struct xdp_md *pkt)\n{\n bpf_printk(\"ifindex %i\", pkt-\u003eingress_ifindex);\n return XDP_PASS;\n}\n\ndepends on access to rxq, so a NULL pointer gets dereferenced:\n\n\u003c1\u003e[ 574.475170] BUG: kernel NULL pointer dereference, address: 0000000000000000\n\u003c1\u003e[ 574.475188] #PF: supervisor read access in kernel mode\n\u003c1\u003e[ 574.475194] #PF: error_code(0x0000) - not-present page\n\u003c6\u003e[ 574.475199] PGD 0 P4D 0\n\u003c4\u003e[ 574.475207] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n\u003c4\u003e[ 574.475217] CPU: 4 UID: 0 PID: 217 Comm: kworker/4:1 Not tainted 6.11.0-rc5-reduced-00859-g780801200300 #23\n\u003c4\u003e[ 574.475226] Hardware name: Intel(R) Client Systems NUC13ANHi7/NUC13ANBi7, BIOS ANRPL357.0026.2023.0314.1458 03/14/2023\n\u003c4\u003e[ 574.475231] Workqueue: mld mld_ifc_work\n\u003c4\u003e[ 574.475247] RIP: 0010:bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n\u003c4\u003e[ 574.475257] Code: cc cc cc cc cc cc cc 80 00 00 00 cc cc cc cc cc cc cc cc f3 0f 1e fa 0f 1f 44 00 00 66 90 55 48 89 e5 f3 0f 1e fa 48 8b 57 20 \u003c48\u003e 8b 52 00 8b 92 e0 00 00 00 48 bf f8 a6 d5 c4 5d a0 ff ff be 0b\n\u003c4\u003e[ 574.475263] RSP: 0018:ffffa62440280c98 EFLAGS: 00010206\n\u003c4\u003e[ 574.475269] RAX: ffffa62440280cd8 RBX: 0000000000000001 RCX: 0000000000000000\n\u003c4\u003e[ 574.475274] RDX: 0000000000000000 RSI: ffffa62440549048 RDI: ffffa62440280ce0\n\u003c4\u003e[ 574.475278] RBP: ffffa62440280c98 R08: 0000000000000002 R09: 0000000000000001\n\u003c4\u003e[ 574.475281] R10: ffffa05dc8b98000 R11: ffffa05f577fca40 R12: ffffa05dcab24000\n\u003c4\u003e[ 574.475285] R13: ffffa62440280ce0 R14: ffffa62440549048 R15: ffffa62440549000\n\u003c4\u003e[ 574.475289] FS: 0000000000000000(0000) GS:ffffa05f4f700000(0000) knlGS:0000000000000000\n\u003c4\u003e[ 574.475294] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\u003c4\u003e[ 574.475298] CR2: 0000000000000000 CR3: 000000025522e000 CR4: 0000000000f50ef0\n\u003c4\u003e[ 574.475303] PKRU: 55555554\n\u003c4\u003e[ 574.475306] Call Trace:\n\u003c4\u003e[ 574.475313] \u003cIRQ\u003e\n\u003c4\u003e[ 574.475318] ? __die+0x23/0x70\n\u003c4\u003e[ 574.475329] ? page_fault_oops+0x180/0x4c0\n\u003c4\u003e[ 574.475339] ? skb_pp_cow_data+0x34c/0x490\n\u003c4\u003e[ 574.475346] ? kmem_cache_free+0x257/0x280\n\u003c4\u003e[ 574.475357] ? exc_page_fault+0x67/0x150\n\u003c4\u003e[ 574.475368] ? asm_exc_page_fault+0x26/0x30\n\u003c4\u003e[ 574.475381] ? bpf_prog_5e13354d9cf5018a_prog_after_redirect+0x17/0x3c\n\u003c4\u003e[ 574.475386] bq_xmit_all+0x158/0x420\n\u003c4\u003e[ 574.475397] __dev_flush+0x30/0x90\n\u003c4\u003e[ 574.475407] veth_poll+0x216/0x250 [veth]\n\u003c4\u003e[ 574.475421] __napi_poll+0x28/0x1c0\n\u003c4\u003e[ 574.475430] net_rx_action+0x32d/0x3a0\n\u003c4\u003e[ 574.475441] handle_softirqs+0xcb/0x2c0\n\u003c4\u003e[ 574.475451] do_softirq+0x40/0x60\n\u003c4\u003e[ 574.475458] \u003c/IRQ\u003e\n\u003c4\u003e[ 574.475461] \u003cTASK\u003e\n\u003c4\u003e[ 574.475464] __local_bh_enable_ip+0x66/0x70\n\u003c4\u003e[ 574.475471] __dev_queue_xmit+0x268/0xe40\n\u003c4\u003e[ 574.475480] ? selinux_ip_postroute+0x213/0x420\n\u003c4\u003e[ 574.475491] ? alloc_skb_with_frags+0x4a/0x1d0\n\u003c4\u003e[ 574.475502] ip6_finish_output2+0x2be/0x640\n\u003c4\u003e[ 574.475512] ? nf_hook_slow+0x42/0xf0\n\u003c4\u003e[ 574.475521] ip6_finish_output+0x194/0x300\n\u003c4\u003e[ 574.475529] ? __pfx_ip6_finish_output+0x10/0x10\n\u003c4\u003e[ 574.475538] mld_sendpack+0x17c/0x240\n\u003c4\u003e[ 574.475548] mld_ifc_work+0x192/0x410\n\u003c4\u003e[ 574.475557] process_one_work+0x15d/0x380\n\u003c4\u003e[ 574.475566] worker_thread+0x29d/0x3a0\n\u003c4\u003e[ 574.475573] ? __pfx_worker_thread+0x10/0x10\n\u003c4\u003e[ 574.475580] ? __pfx_worker_thread+0x10/0x10\n\u003c4\u003e[ 574.475587] kthread+0xcd/0x100\n\u003c4\u003e[ 574.475597] ? __pfx_kthread+0x10/0x10\n\u003c4\u003e[ 574.475606] ret_from_fork+0x31/0x50\n\u003c4\u003e[ 574.475615] ? __pfx_kthread+0x10/0x10\n\u003c4\u003e[ 574.475623] ret_from_fork_asm+0x1a/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50162",
"url": "https://www.suse.com/security/cve/CVE-2024-50162"
},
{
"category": "external",
"summary": "SUSE Bug 1233075 for CVE-2024-50162",
"url": "https://bugzilla.suse.com/1233075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50162"
},
{
"cve": "CVE-2024-50163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Make sure internal and UAPI bpf_redirect flags don\u0027t overlap\n\nThe bpf_redirect_info is shared between the SKB and XDP redirect paths,\nand the two paths use the same numeric flag values in the ri-\u003eflags\nfield (specifically, BPF_F_BROADCAST == BPF_F_NEXTHOP). This means that\nif skb bpf_redirect_neigh() is used with a non-NULL params argument and,\nsubsequently, an XDP redirect is performed using the same\nbpf_redirect_info struct, the XDP path will get confused and end up\ncrashing, which syzbot managed to trigger.\n\nWith the stack-allocated bpf_redirect_info, the structure is no longer\nshared between the SKB and XDP paths, so the crash doesn\u0027t happen\nanymore. However, different code paths using identically-numbered flag\nvalues in the same struct field still seems like a bit of a mess, so\nthis patch cleans that up by moving the flag definitions together and\nredefining the three flags in BPF_F_REDIRECT_INTERNAL to not overlap\nwith the flags used for XDP. It also adds a BUILD_BUG_ON() check to make\nsure the overlap is not re-introduced by mistake.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50163",
"url": "https://www.suse.com/security/cve/CVE-2024-50163"
},
{
"category": "external",
"summary": "SUSE Bug 1233098 for CVE-2024-50163",
"url": "https://bugzilla.suse.com/1233098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50163"
},
{
"cve": "CVE-2024-50223",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50223"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/numa: Fix the potential null pointer dereference in task_numa_work()\n\nWhen running stress-ng-vm-segv test, we found a null pointer dereference\nerror in task_numa_work(). Here is the backtrace:\n\n [323676.066985] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000020\n ......\n [323676.067108] CPU: 35 PID: 2694524 Comm: stress-ng-vm-se\n ......\n [323676.067113] pstate: 23401009 (nzCv daif +PAN -UAO +TCO +DIT +SSBS BTYPE=--)\n [323676.067115] pc : vma_migratable+0x1c/0xd0\n [323676.067122] lr : task_numa_work+0x1ec/0x4e0\n [323676.067127] sp : ffff8000ada73d20\n [323676.067128] x29: ffff8000ada73d20 x28: 0000000000000000 x27: 000000003e89f010\n [323676.067130] x26: 0000000000080000 x25: ffff800081b5c0d8 x24: ffff800081b27000\n [323676.067133] x23: 0000000000010000 x22: 0000000104d18cc0 x21: ffff0009f7158000\n [323676.067135] x20: 0000000000000000 x19: 0000000000000000 x18: ffff8000ada73db8\n [323676.067138] x17: 0001400000000000 x16: ffff800080df40b0 x15: 0000000000000035\n [323676.067140] x14: ffff8000ada73cc8 x13: 1fffe0017cc72001 x12: ffff8000ada73cc8\n [323676.067142] x11: ffff80008001160c x10: ffff000be639000c x9 : ffff8000800f4ba4\n [323676.067145] x8 : ffff000810375000 x7 : ffff8000ada73974 x6 : 0000000000000001\n [323676.067147] x5 : 0068000b33e26707 x4 : 0000000000000001 x3 : ffff0009f7158000\n [323676.067149] x2 : 0000000000000041 x1 : 0000000000004400 x0 : 0000000000000000\n [323676.067152] Call trace:\n [323676.067153] vma_migratable+0x1c/0xd0\n [323676.067155] task_numa_work+0x1ec/0x4e0\n [323676.067157] task_work_run+0x78/0xd8\n [323676.067161] do_notify_resume+0x1ec/0x290\n [323676.067163] el0_svc+0x150/0x160\n [323676.067167] el0t_64_sync_handler+0xf8/0x128\n [323676.067170] el0t_64_sync+0x17c/0x180\n [323676.067173] Code: d2888001 910003fd f9000bf3 aa0003f3 (f9401000)\n [323676.067177] SMP: stopping secondary CPUs\n [323676.070184] Starting crashdump kernel...\n\nstress-ng-vm-segv in stress-ng is used to stress test the SIGSEGV error\nhandling function of the system, which tries to cause a SIGSEGV error on\nreturn from unmapping the whole address space of the child process.\n\nNormally this program will not cause kernel crashes. But before the\nmunmap system call returns to user mode, a potential task_numa_work()\nfor numa balancing could be added and executed. In this scenario, since the\nchild process has no vma after munmap, the vma_next() in task_numa_work()\nwill return a null pointer even if the vma iterator restarts from 0.\n\nRecheck the vma pointer before dereferencing it in task_numa_work().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50223",
"url": "https://www.suse.com/security/cve/CVE-2024-50223"
},
{
"category": "external",
"summary": "SUSE Bug 1233192 for CVE-2024-50223",
"url": "https://bugzilla.suse.com/1233192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50223"
},
{
"cve": "CVE-2024-50290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50290"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: cx24116: prevent overflows on SNR calculus\n\nas reported by Coverity, if reading SNR registers fail, a negative\nnumber will be returned, causing an underflow when reading SNR\nregisters.\n\nPrevent that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50290",
"url": "https://www.suse.com/security/cve/CVE-2024-50290"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233479 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233479"
},
{
"category": "external",
"summary": "SUSE Bug 1233681 for CVE-2024-50290",
"url": "https://bugzilla.suse.com/1233681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-50294"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix missing locking causing hanging calls\n\nIf a call gets aborted (e.g. because kafs saw a signal) between it being\nqueued for connection and the I/O thread picking up the call, the abort\nwill be prioritised over the connection and it will be removed from\nlocal-\u003enew_client_calls by rxrpc_disconnect_client_call() without a lock\nbeing held. This may cause other calls on the list to disappear if a race\noccurs.\n\nFix this by taking the client_call_lock when removing a call from whatever\nlist its -\u003ewait_link happens to be on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-50294",
"url": "https://www.suse.com/security/cve/CVE-2024-50294"
},
{
"category": "external",
"summary": "SUSE Bug 1233483 for CVE-2024-50294",
"url": "https://bugzilla.suse.com/1233483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-50294"
},
{
"cve": "CVE-2024-52559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-52559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit-\u003ecmd[i].size\" and \"submit-\u003ecmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-52559",
"url": "https://www.suse.com/security/cve/CVE-2024-52559"
},
{
"category": "external",
"summary": "SUSE Bug 1238507 for CVE-2024-52559",
"url": "https://bugzilla.suse.com/1238507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT\n\nIn qdisc_tree_reduce_backlog, Qdiscs with major handle ffff: are assumed\nto be either root or ingress. This assumption is bogus since it\u0027s valid\nto create egress qdiscs with major handle ffff:\nBudimir Markovic found that for qdiscs like DRR that maintain an active\nclass list, it will cause a UAF with a dangling class pointer.\n\nIn 066a3b5b2346, the concern was to avoid iterating over the ingress\nqdisc since its parent is itself. The proper fix is to stop when parent\nTC_H_ROOT is reached because the only way to retrieve ingress is when a\nhierarchy which does not contain a ffff: major handle call into\nqdisc_lookup with TC_H_MAJ(TC_H_ROOT).\n\nIn the scenario where major ffff: is an egress qdisc in any of the tree\nlevels, the updates will also propagate to TC_H_ROOT, which then the\niteration must stop.\n\n\n net/sched/sch_api.c | 2 +-\n 1 file changed, 1 insertion(+), 1 deletion(-)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53057",
"url": "https://www.suse.com/security/cve/CVE-2024-53057"
},
{
"category": "external",
"summary": "SUSE Bug 1233551 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1233551"
},
{
"category": "external",
"summary": "SUSE Bug 1245816 for CVE-2024-53057",
"url": "https://bugzilla.suse.com/1245816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvbdev: prevent the risk of out of memory access\n\nThe dvbdev contains a static variable used to store dvb minors.\n\nThe behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set\nor not. When not set, dvb_register_device() won\u0027t check for\nboundaries, as it will rely that a previous call to\ndvb_register_adapter() would already be enforcing it.\n\nOn a similar way, dvb_device_open() uses the assumption\nthat the register functions already did the needed checks.\n\nThis can be fragile if some device ends using different\ncalls. This also generate warnings on static check analysers\nlike Coverity.\n\nSo, add explicit guards to prevent potential risk of OOM issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53063",
"url": "https://www.suse.com/security/cve/CVE-2024-53063"
},
{
"category": "external",
"summary": "SUSE Bug 1225742 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1225742"
},
{
"category": "external",
"summary": "SUSE Bug 1233557 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233557"
},
{
"category": "external",
"summary": "SUSE Bug 1233619 for CVE-2024-53063",
"url": "https://bugzilla.suse.com/1233619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53124"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix data-races around sk-\u003esk_forward_alloc\n\nSyzkaller reported this warning:\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0\n Modules linked in:\n CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.12.0-rc5 #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:inet_sock_destruct+0x1c5/0x1e0\n Code: 24 12 4c 89 e2 5b 48 c7 c7 98 ec bb 82 41 5c e9 d1 18 17 ff 4c 89 e6 5b 48 c7 c7 d0 ec bb 82 41 5c e9 bf 18 17 ff 0f 0b eb 83 \u003c0f\u003e 0b eb 97 0f 0b eb 87 0f 0b e9 68 ff ff ff 66 66 2e 0f 1f 84 00\n RSP: 0018:ffffc9000008bd90 EFLAGS: 00010206\n RAX: 0000000000000300 RBX: ffff88810b172a90 RCX: 0000000000000007\n RDX: 0000000000000002 RSI: 0000000000000300 RDI: ffff88810b172a00\n RBP: ffff88810b172a00 R08: ffff888104273c00 R09: 0000000000100007\n R10: 0000000000020000 R11: 0000000000000006 R12: ffff88810b172a00\n R13: 0000000000000004 R14: 0000000000000000 R15: ffff888237c31f78\n FS: 0000000000000000(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007ffc63fecac8 CR3: 000000000342e000 CR4: 00000000000006f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x88/0x130\n ? inet_sock_destruct+0x1c5/0x1e0\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? inet_sock_destruct+0x1c5/0x1e0\n __sk_destruct+0x2a/0x200\n rcu_do_batch+0x1aa/0x530\n ? rcu_do_batch+0x13b/0x530\n rcu_core+0x159/0x2f0\n handle_softirqs+0xd3/0x2b0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n run_ksoftirqd+0x25/0x30\n smpboot_thread_fn+0xdd/0x1d0\n kthread+0xd3/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nIts possible that two threads call tcp_v6_do_rcv()/sk_forward_alloc_add()\nconcurrently when sk-\u003esk_state == TCP_LISTEN with sk-\u003esk_lock unlocked,\nwhich triggers a data-race around sk-\u003esk_forward_alloc:\ntcp_v6_rcv\n tcp_v6_do_rcv\n skb_clone_and_charge_r\n sk_rmem_schedule\n __sk_mem_schedule\n sk_forward_alloc_add()\n skb_set_owner_r\n sk_mem_charge\n sk_forward_alloc_add()\n __kfree_skb\n skb_release_all\n skb_release_head_state\n sock_rfree\n sk_mem_uncharge\n sk_forward_alloc_add()\n sk_mem_reclaim\n // set local var reclaimable\n __sk_mem_reclaim\n sk_forward_alloc_add()\n\nIn this syzkaller testcase, two threads call\ntcp_v6_do_rcv() with skb-\u003etruesize=768, the sk_forward_alloc changes like\nthis:\n (cpu 1) | (cpu 2) | sk_forward_alloc\n ... | ... | 0\n __sk_mem_schedule() | | +4096 = 4096\n | __sk_mem_schedule() | +4096 = 8192\n sk_mem_charge() | | -768 = 7424\n | sk_mem_charge() | -768 = 6656\n ... | ... |\n sk_mem_uncharge() | | +768 = 7424\n reclaimable=7424 | |\n | sk_mem_uncharge() | +768 = 8192\n | reclaimable=8192 |\n __sk_mem_reclaim() | | -4096 = 4096\n | __sk_mem_reclaim() | -8192 = -4096 != 0\n\nThe skb_clone_and_charge_r() should not be called in tcp_v6_do_rcv() when\nsk-\u003esk_state is TCP_LISTEN, it happens later in tcp_v6_syn_recv_sock().\nFix the same issue in dccp_v6_do_rcv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53124",
"url": "https://www.suse.com/security/cve/CVE-2024-53124"
},
{
"category": "external",
"summary": "SUSE Bug 1234074 for CVE-2024-53124",
"url": "https://bugzilla.suse.com/1234074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-53135",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53135"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN\n\nHide KVM\u0027s pt_mode module param behind CONFIG_BROKEN, i.e. disable support\nfor virtualizing Intel PT via guest/host mode unless BROKEN=y. There are\nmyriad bugs in the implementation, some of which are fatal to the guest,\nand others which put the stability and health of the host at risk.\n\nFor guest fatalities, the most glaring issue is that KVM fails to ensure\ntracing is disabled, and *stays* disabled prior to VM-Enter, which is\nnecessary as hardware disallows loading (the guest\u0027s) RTIT_CTL if tracing\nis enabled (enforced via a VMX consistency check). Per the SDM:\n\n If the logical processor is operating with Intel PT enabled (if\n IA32_RTIT_CTL.TraceEn = 1) at the time of VM entry, the \"load\n IA32_RTIT_CTL\" VM-entry control must be 0.\n\nOn the host side, KVM doesn\u0027t validate the guest CPUID configuration\nprovided by userspace, and even worse, uses the guest configuration to\ndecide what MSRs to save/load at VM-Enter and VM-Exit. E.g. configuring\nguest CPUID to enumerate more address ranges than are supported in hardware\nwill result in KVM trying to passthrough, save, and load non-existent MSRs,\nwhich generates a variety of WARNs, ToPA ERRORs in the host, a potential\ndeadlock, etc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53135",
"url": "https://www.suse.com/security/cve/CVE-2024-53135"
},
{
"category": "external",
"summary": "SUSE Bug 1234154 for CVE-2024-53135",
"url": "https://bugzilla.suse.com/1234154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53135"
},
{
"cve": "CVE-2024-53139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53139"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: fix possible UAF in sctp_v6_available()\n\nA lockdep report [1] with CONFIG_PROVE_RCU_LIST=y hints\nthat sctp_v6_available() is calling dev_get_by_index_rcu()\nand ipv6_chk_addr() without holding rcu.\n\n[1]\n =============================\n WARNING: suspicious RCU usage\n 6.12.0-rc5-virtme #1216 Tainted: G W\n -----------------------------\n net/core/dev.c:876 RCU-list traversed in non-reader section!!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n 1 lock held by sctp_hello/31495:\n #0: ffff9f1ebbdb7418 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_bind (./arch/x86/include/asm/jump_label.h:27 net/sctp/socket.c:315) sctp\n\nstack backtrace:\n CPU: 7 UID: 0 PID: 31495 Comm: sctp_hello Tainted: G W 6.12.0-rc5-virtme #1216\n Tainted: [W]=WARN\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:123)\n lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)\n dev_get_by_index_rcu (net/core/dev.c:876 (discriminator 7))\n sctp_v6_available (net/sctp/ipv6.c:701) sctp\n sctp_do_bind (net/sctp/socket.c:400 (discriminator 1)) sctp\n sctp_bind (net/sctp/socket.c:320) sctp\n inet6_bind_sk (net/ipv6/af_inet6.c:465)\n ? security_socket_bind (security/security.c:4581 (discriminator 1))\n __sys_bind (net/socket.c:1848 net/socket.c:1869)\n ? do_user_addr_fault (./include/linux/rcupdate.h:347 ./include/linux/rcupdate.h:880 ./include/linux/mm.h:729 arch/x86/mm/fault.c:1340)\n ? do_user_addr_fault (./arch/x86/include/asm/preempt.h:84 (discriminator 13) ./include/linux/rcupdate.h:98 (discriminator 13) ./include/linux/rcupdate.h:882 (discriminator 13) ./include/linux/mm.h:729 (discriminator 13) arch/x86/mm/fault.c:1340 (discriminator 13))\n __x64_sys_bind (net/socket.c:1877 (discriminator 1) net/socket.c:1875 (discriminator 1) net/socket.c:1875 (discriminator 1))\n do_syscall_64 (arch/x86/entry/common.c:52 (discriminator 1) arch/x86/entry/common.c:83 (discriminator 1))\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n RIP: 0033:0x7f59b934a1e7\n Code: 44 00 00 48 8b 15 39 8c 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 31 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 09 8c 0c 00 f7 d8 64 89 01 48\nAll code\n========\n 0:\t44 00 00 \tadd %r8b,(%rax)\n 3:\t48 8b 15 39 8c 0c 00 \tmov 0xc8c39(%rip),%rdx # 0xc8c43\n a:\tf7 d8 \tneg %eax\n c:\t64 89 02 \tmov %eax,%fs:(%rdx)\n f:\tb8 ff ff ff ff \tmov $0xffffffff,%eax\n 14:\teb bd \tjmp 0xffffffffffffffd3\n 16:\t66 2e 0f 1f 84 00 00 \tcs nopw 0x0(%rax,%rax,1)\n 1d:\t00 00 00\n 20:\t0f 1f 00 \tnopl (%rax)\n 23:\tb8 31 00 00 00 \tmov $0x31,%eax\n 28:\t0f 05 \tsyscall\n 2a:*\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\t\t\u003c-- trapping instruction\n 30:\t73 01 \tjae 0x33\n 32:\tc3 \tret\n 33:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c43\n 3a:\tf7 d8 \tneg %eax\n 3c:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 3f:\t48 \trex.W\n\nCode starting with the faulting instruction\n===========================================\n 0:\t48 3d 01 f0 ff ff \tcmp $0xfffffffffffff001,%rax\n 6:\t73 01 \tjae 0x9\n 8:\tc3 \tret\n 9:\t48 8b 0d 09 8c 0c 00 \tmov 0xc8c09(%rip),%rcx # 0xc8c19\n 10:\tf7 d8 \tneg %eax\n 12:\t64 89 01 \tmov %eax,%fs:(%rcx)\n 15:\t48 \trex.W\n RSP: 002b:00007ffe2d0ad398 EFLAGS: 00000202 ORIG_RAX: 0000000000000031\n RAX: ffffffffffffffda RBX: 00007ffe2d0ad3d0 RCX: 00007f59b934a1e7\n RDX: 000000000000001c RSI: 00007ffe2d0ad3d0 RDI: 0000000000000005\n RBP: 0000000000000005 R08: 1999999999999999 R09: 0000000000000000\n R10: 00007f59b9253298 R11: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53139",
"url": "https://www.suse.com/security/cve/CVE-2024-53139"
},
{
"category": "external",
"summary": "SUSE Bug 1234157 for CVE-2024-53139",
"url": "https://bugzilla.suse.com/1234157"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53139"
},
{
"cve": "CVE-2024-53140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: terminate outstanding dump on socket close\n\nNetlink supports iterative dumping of data. It provides the families\nthe following ops:\n - start - (optional) kicks off the dumping process\n - dump - actual dump helper, keeps getting called until it returns 0\n - done - (optional) pairs with .start, can be used for cleanup\nThe whole process is asynchronous and the repeated calls to .dump\ndon\u0027t actually happen in a tight loop, but rather are triggered\nin response to recvmsg() on the socket.\n\nThis gives the user full control over the dump, but also means that\nthe user can close the socket without getting to the end of the dump.\nTo make sure .start is always paired with .done we check if there\nis an ongoing dump before freeing the socket, and if so call .done.\n\nThe complication is that sockets can get freed from BH and .done\nis allowed to sleep. So we use a workqueue to defer the call, when\nneeded.\n\nUnfortunately this does not work correctly. What we defer is not\nthe cleanup but rather releasing a reference on the socket.\nWe have no guarantee that we own the last reference, if someone\nelse holds the socket they may release it in BH and we\u0027re back\nto square one.\n\nThe whole dance, however, appears to be unnecessary. Only the user\ncan interact with dumps, so we can clean up when socket is closed.\nAnd close always happens in process context. Some async code may\nstill access the socket after close, queue notification skbs to it etc.\nbut no dumps can start, end or otherwise make progress.\n\nDelete the workqueue and flush the dump state directly from the release\nhandler. Note that further cleanup is possible in -next, for instance\nwe now always call .done before releasing the main module reference,\nso dump doesn\u0027t have to take a reference of its own.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53140",
"url": "https://www.suse.com/security/cve/CVE-2024-53140"
},
{
"category": "external",
"summary": "SUSE Bug 1234222 for CVE-2024-53140",
"url": "https://bugzilla.suse.com/1234222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53163"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat/qat_420xx - fix off by one in uof_get_name()\n\nThis is called from uof_get_name_420xx() where \"num_objs\" is the\nARRAY_SIZE() of fw_objs[]. The \u003e needs to be \u003e= to prevent an out of\nbounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53163",
"url": "https://www.suse.com/security/cve/CVE-2024-53163"
},
{
"category": "external",
"summary": "SUSE Bug 1234828 for CVE-2024-53163",
"url": "https://bugzilla.suse.com/1234828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: During unmount, ensure all cached dir instances drop their dentry\n\nThe unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can\nrace with various cached directory operations, which ultimately results\nin dentries not being dropped and these kernel BUGs:\n\nBUG: Dentry ffff88814f37e358{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nVFS: Busy inodes after unmount of cifs (cifs)\n------------[ cut here ]------------\nkernel BUG at fs/super.c:661!\n\nThis happens when a cfid is in the process of being cleaned up when, and\nhas been removed from the cfids-\u003eentries list, including:\n\n- Receiving a lease break from the server\n- Server reconnection triggers invalidate_all_cached_dirs(), which\n removes all the cfids from the list\n- The laundromat thread decides to expire an old cfid.\n\nTo solve these problems, dropping the dentry is done in queued work done\nin a newly-added cfid_put_wq workqueue, and close_all_cached_dirs()\nflushes that workqueue after it drops all the dentries of which it\u0027s\naware. This is a global workqueue (rather than scoped to a mount), but\nthe queued work is minimal.\n\nThe final cleanup work for cleaning up a cfid is performed via work\nqueued in the serverclose_wq workqueue; this is done separate from\ndropping the dentries so that close_all_cached_dirs() doesn\u0027t block on\nany server operations.\n\nBoth of these queued works expect to invoked with a cfid reference and\na tcon reference to avoid those objects from being freed while the work\nis ongoing.\n\nWhile we\u0027re here, add proper locking to close_all_cached_dirs(), and\nlocking around the freeing of cfid-\u003edentry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53176",
"url": "https://www.suse.com/security/cve/CVE-2024-53176"
},
{
"category": "external",
"summary": "SUSE Bug 1234894 for CVE-2024-53176",
"url": "https://bugzilla.suse.com/1234894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53176"
},
{
"cve": "CVE-2024-53177",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53177"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids-\u003ecfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53177",
"url": "https://www.suse.com/security/cve/CVE-2024-53177"
},
{
"category": "external",
"summary": "SUSE Bug 1234896 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1234896"
},
{
"category": "external",
"summary": "SUSE Bug 1235103 for CVE-2024-53177",
"url": "https://bugzilla.suse.com/1235103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-53177"
},
{
"cve": "CVE-2024-53178",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53178"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Don\u0027t leak cfid when reconnect races with open_cached_dir\n\nopen_cached_dir() may either race with the tcon reconnection even before\ncompound_send_recv() or directly trigger a reconnection via\nSMB2_open_init() or SMB_query_info_init().\n\nThe reconnection process invokes invalidate_all_cached_dirs() via\ncifs_mark_open_files_invalid(), which removes all cfids from the\ncfids-\u003eentries list but doesn\u0027t drop a ref if has_lease isn\u0027t true. This\nresults in the currently-being-constructed cfid not being on the list,\nbut still having a refcount of 2. It leaks if returned from\nopen_cached_dir().\n\nFix this by setting cfid-\u003ehas_lease when the ref is actually taken; the\ncfid will not be used by other threads until it has a valid time.\n\nAddresses these kmemleaks:\n\nunreferenced object 0xffff8881090c4000 (size 1024):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 32 bytes):\n 00 01 00 00 00 00 ad de 22 01 00 00 00 00 ad de ........\".......\n 00 ca 45 22 81 88 ff ff f8 dc 4f 04 81 88 ff ff ..E\"......O.....\n backtrace (crc 6f58c20f):\n [\u003cffffffff8b895a1e\u003e] __kmalloc_cache_noprof+0x2be/0x350\n [\u003cffffffff8bda06e3\u003e] open_cached_dir+0x993/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\nunreferenced object 0xffff8881044fdcf8 (size 8):\n comm \"bash\", pid 1860, jiffies 4295126592\n hex dump (first 8 bytes):\n 00 cc cc cc cc cc cc cc ........\n backtrace (crc 10c106a9):\n [\u003cffffffff8b89a3d3\u003e] __kmalloc_node_track_caller_noprof+0x363/0x480\n [\u003cffffffff8b7d7256\u003e] kstrdup+0x36/0x60\n [\u003cffffffff8bda0700\u003e] open_cached_dir+0x9b0/0x1fb0\n [\u003cffffffff8bdaa750\u003e] cifs_readdir+0x15a0/0x1d50\n [\u003cffffffff8b9a853f\u003e] iterate_dir+0x28f/0x4b0\n [\u003cffffffff8b9a9aed\u003e] __x64_sys_getdents64+0xfd/0x200\n [\u003cffffffff8cf6da05\u003e] do_syscall_64+0x95/0x1a0\n [\u003cffffffff8d00012f\u003e] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAnd addresses these BUG splats when unmounting the SMB filesystem:\n\nBUG: Dentry ffff888140590ba0{i=1000000000080,n=/} still in use (2) [unmount of cifs cifs]\nWARNING: CPU: 3 PID: 3433 at fs/dcache.c:1536 umount_check+0xd0/0x100\nModules linked in:\nCPU: 3 UID: 0 PID: 3433 Comm: bash Not tainted 6.12.0-rc4-g850925a8133c-dirty #49\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:umount_check+0xd0/0x100\nCode: 8d 7c 24 40 e8 31 5a f4 ff 49 8b 54 24 40 41 56 49 89 e9 45 89 e8 48 89 d9 41 57 48 89 de 48 c7 c7 80 e7 db ac e8 f0 72 9a ff \u003c0f\u003e 0b 58 31 c0 5a 5b 5d 41 5c 41 5d 41 5e 41 5f e9 2b e5 5d 01 41\nRSP: 0018:ffff88811cc27978 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff888140590ba0 RCX: ffffffffaaf20bae\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881f6fb6f40\nRBP: ffff8881462ec000 R08: 0000000000000001 R09: ffffed1023984ee3\nR10: ffff88811cc2771f R11: 00000000016cfcc0 R12: ffff888134383e08\nR13: 0000000000000002 R14: ffff8881462ec668 R15: ffffffffaceab4c0\nFS: 00007f23bfa98740(0000) GS:ffff8881f6f80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556de4a6f808 CR3: 0000000123c80000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n d_walk+0x6a/0x530\n shrink_dcache_for_umount+0x6a/0x200\n generic_shutdown_super+0x52/0x2a0\n kill_anon_super+0x22/0x40\n cifs_kill_sb+0x159/0x1e0\n deactivate_locked_super+0x66/0xe0\n cleanup_mnt+0x140/0x210\n task_work_run+0xfb/0x170\n syscall_exit_to_user_mode+0x29f/0x2b0\n do_syscall_64+0xa1/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f23bfb93ae7\nCode: ff ff ff ff c3 66 0f 1f 44 00 00 48 8b 0d 11 93 0d 00 f7 d8 64 89 01 b8 ff ff ff ff eb bf 0f 1f 44 00 00 b8 50 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e9 92 0d 00 f7 d8 64 89 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53178",
"url": "https://www.suse.com/security/cve/CVE-2024-53178"
},
{
"category": "external",
"summary": "SUSE Bug 1234895 for CVE-2024-53178",
"url": "https://bugzilla.suse.com/1234895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53178"
},
{
"cve": "CVE-2024-53680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()\n\nUnder certain kernel configurations when building with Clang/LLVM, the\ncompiler does not generate a return or jump as the terminator\ninstruction for ip_vs_protocol_init(), triggering the following objtool\nwarning during build time:\n\n vmlinux.o: warning: objtool: ip_vs_protocol_init() falls through to next function __initstub__kmod_ip_vs_rr__935_123_ip_vs_rr_init6()\n\nAt runtime, this either causes an oops when trying to load the ipvs\nmodule or a boot-time panic if ipvs is built-in. This same issue has\nbeen reported by the Intel kernel test robot previously.\n\nDigging deeper into both LLVM and the kernel code reveals this to be a\nundefined behavior problem. ip_vs_protocol_init() uses a on-stack buffer\nof 64 chars to store the registered protocol names and leaves it\nuninitialized after definition. The function calls strnlen() when\nconcatenating protocol names into the buffer. With CONFIG_FORTIFY_SOURCE\nstrnlen() performs an extra step to check whether the last byte of the\ninput char buffer is a null character (commit 3009f891bb9f (\"fortify:\nAllow strlen() and strnlen() to pass compile-time known lengths\")).\nThis, together with possibly other configurations, cause the following\nIR to be generated:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #5 section \".init.text\" align 16 !kcfi_type !29 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 14: ; preds = %11\n %15 = getelementptr inbounds i8, ptr %1, i64 63\n %16 = load i8, ptr %15, align 1\n %17 = tail call i1 @llvm.is.constant.i8(i8 %16)\n %18 = icmp eq i8 %16, 0\n %19 = select i1 %17, i1 %18, i1 false\n br i1 %19, label %20, label %23\n\n 20: ; preds = %14\n %21 = call i64 @strlen(ptr noundef nonnull dereferenceable(1) %1) #23\n ...\n\n 23: ; preds = %14, %11, %20\n %24 = call i64 @strnlen(ptr noundef nonnull dereferenceable(1) %1, i64 noundef 64) #24\n ...\n }\n\nThe above code calculates the address of the last char in the buffer\n(value %15) and then loads from it (value %16). Because the buffer is\nnever initialized, the LLVM GVN pass marks value %16 as undefined:\n\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n br i1 undef, label %14, label %17\n\nThis gives later passes (SCCP, in particular) more DCE opportunities by\npropagating the undef value further, and eventually removes everything\nafter the load on the uninitialized stack location:\n\n define hidden i32 @ip_vs_protocol_init() local_unnamed_addr #0 section \".init.text\" align 16 !kcfi_type !11 {\n %1 = alloca [64 x i8], align 16\n ...\n\n 12: ; preds = %11\n %13 = getelementptr inbounds i8, ptr %1, i64 63\n unreachable\n }\n\nIn this way, the generated native code will just fall through to the\nnext function, as LLVM does not generate any code for the unreachable IR\ninstruction and leaves the function without a terminator.\n\nZero the on-stack buffer to avoid this possible UB.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53680",
"url": "https://www.suse.com/security/cve/CVE-2024-53680"
},
{
"category": "external",
"summary": "SUSE Bug 1235715 for CVE-2024-53680",
"url": "https://bugzilla.suse.com/1235715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: bsg: Set bsg_queue to NULL after removal\n\nCurrently, this does not cause any issues, but I believe it is necessary to\nset bsg_queue to NULL after removing it to prevent potential use-after-free\n(UAF) access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54458",
"url": "https://www.suse.com/security/cve/CVE-2024-54458"
},
{
"category": "external",
"summary": "SUSE Bug 1238992 for CVE-2024-54458",
"url": "https://bugzilla.suse.com/1238992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-54683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-54683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: IDLETIMER: Fix for possible ABBA deadlock\n\nDeletion of the last rule referencing a given idletimer may happen at\nthe same time as a read of its file in sysfs:\n\n| ======================================================\n| WARNING: possible circular locking dependency detected\n| 6.12.0-rc7-01692-g5e9a28f41134-dirty #594 Not tainted\n| ------------------------------------------------------\n| iptables/3303 is trying to acquire lock:\n| ffff8881057e04b8 (kn-\u003eactive#48){++++}-{0:0}, at: __kernfs_remove+0x20\n|\n| but task is already holding lock:\n| ffffffffa0249068 (list_mutex){+.+.}-{3:3}, at: idletimer_tg_destroy_v]\n|\n| which lock already depends on the new lock.\n\nA simple reproducer is:\n\n| #!/bin/bash\n|\n| while true; do\n| iptables -A INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| iptables -D INPUT -i foo -j IDLETIMER --timeout 10 --label \"testme\"\n| done \u0026\n| while true; do\n| cat /sys/class/xt_idletimer/timers/testme \u003e/dev/null\n| done\n\nAvoid this by freeing list_mutex right after deleting the element from\nthe list, then continuing with the teardown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-54683",
"url": "https://www.suse.com/security/cve/CVE-2024-54683"
},
{
"category": "external",
"summary": "SUSE Bug 1235729 for CVE-2024-54683",
"url": "https://bugzilla.suse.com/1235729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-56638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: incorrect percpu area handling under softirq\n\nSoftirq can interrupt ongoing packet from process context that is\nwalking over the percpu area that contains inner header offsets.\n\nDisable bh and perform three checks before restoring the percpu inner\nheader offsets to validate that the percpu area is valid for this\nskbuff:\n\n1) If the NFT_PKTINFO_INNER_FULL flag is set on, then this skbuff\n has already been parsed before for inner header fetching to\n register.\n\n2) Validate that the percpu area refers to this skbuff using the\n skbuff pointer as a cookie. If there is a cookie mismatch, then\n this skbuff needs to be parsed again.\n\n3) Finally, validate if the percpu area refers to this tunnel type.\n\nOnly after these three checks the percpu area is restored to a on-stack\ncopy and bh is enabled again.\n\nAfter inner header fetching, the on-stack copy is stored back to the\npercpu area.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56638",
"url": "https://www.suse.com/security/cve/CVE-2024-56638"
},
{
"category": "external",
"summary": "SUSE Bug 1235524 for CVE-2024-56638",
"url": "https://bugzilla.suse.com/1235524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix LGR and link use-after-free issue\n\nWe encountered a LGR/link use-after-free issue, which manifested as\nthe LGR/link refcnt reaching 0 early and entering the clear process,\nmaking resource access unsafe.\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 14 PID: 107447 at lib/refcount.c:25 refcount_warn_saturate+0x9c/0x140\n Workqueue: events smc_lgr_terminate_work [smc]\n Call trace:\n refcount_warn_saturate+0x9c/0x140\n __smc_lgr_terminate.part.45+0x2a8/0x370 [smc]\n smc_lgr_terminate_work+0x28/0x30 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nor\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 6 PID: 93140 at lib/refcount.c:28 refcount_warn_saturate+0xf0/0x140\n Workqueue: smc_hs_wq smc_listen_work [smc]\n Call trace:\n refcount_warn_saturate+0xf0/0x140\n smcr_link_put+0x1cc/0x1d8 [smc]\n smc_conn_free+0x110/0x1b0 [smc]\n smc_conn_abort+0x50/0x60 [smc]\n smc_listen_find_device+0x75c/0x790 [smc]\n smc_listen_work+0x368/0x8a0 [smc]\n process_one_work+0x1b8/0x420\n worker_thread+0x158/0x510\n kthread+0x114/0x118\n\nIt is caused by repeated release of LGR/link refcnt. One suspect is that\nsmc_conn_free() is called repeatedly because some smc_conn_free() from\nserver listening path are not protected by sock lock.\n\ne.g.\n\nCalls under socklock | smc_listen_work\n-------------------------------------------------------\nlock_sock(sk) | smc_conn_abort\nsmc_conn_free | \\- smc_conn_free\n\\- smcr_link_put | \\- smcr_link_put (duplicated)\nrelease_sock(sk)\n\nSo here add sock lock protection in smc_listen_work() path, making it\nexclusive with other connection operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56640",
"url": "https://www.suse.com/security/cve/CVE-2024-56640"
},
{
"category": "external",
"summary": "SUSE Bug 1235436 for CVE-2024-56640",
"url": "https://bugzilla.suse.com/1235436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: initialize close_work early to avoid warning\n\nWe encountered a warning that close_work was canceled before\ninitialization.\n\n WARNING: CPU: 7 PID: 111103 at kernel/workqueue.c:3047 __flush_work+0x19e/0x1b0\n Workqueue: events smc_lgr_terminate_work [smc]\n RIP: 0010:__flush_work+0x19e/0x1b0\n Call Trace:\n ? __wake_up_common+0x7a/0x190\n ? work_busy+0x80/0x80\n __cancel_work_timer+0xe3/0x160\n smc_close_cancel_work+0x1a/0x70 [smc]\n smc_close_active_abort+0x207/0x360 [smc]\n __smc_lgr_terminate.part.38+0xc8/0x180 [smc]\n process_one_work+0x19e/0x340\n worker_thread+0x30/0x370\n ? process_one_work+0x340/0x340\n kthread+0x117/0x130\n ? __kthread_cancel_work+0x50/0x50\n ret_from_fork+0x22/0x30\n\nThis is because when smc_close_cancel_work is triggered, e.g. the RDMA\ndriver is rmmod and the LGR is terminated, the conn-\u003eclose_work is\nflushed before initialization, resulting in WARN_ON(!work-\u003efunc).\n\n__smc_lgr_terminate | smc_connect_{rdma|ism}\n-------------------------------------------------------------\n | smc_conn_create\n\t\t\t\t| \\- smc_lgr_register_conn\nfor conn in lgr-\u003econns_all |\n\\- smc_conn_kill |\n \\- smc_close_active_abort |\n \\- smc_close_cancel_work |\n \\- cancel_work_sync |\n \\- __flush_work |\n\t (close_work) |\n\t | smc_close_init\n\t | \\- INIT_WORK(\u0026close_work)\n\nSo fix this by initializing close_work before establishing the\nconnection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56641",
"url": "https://www.suse.com/security/cve/CVE-2024-56641"
},
{
"category": "external",
"summary": "SUSE Bug 1235526 for CVE-2024-56641",
"url": "https://bugzilla.suse.com/1235526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56641"
},
{
"cve": "CVE-2024-56702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Mark raw_tp arguments with PTR_MAYBE_NULL\n\nArguments to a raw tracepoint are tagged as trusted, which carries the\nsemantics that the pointer will be non-NULL. However, in certain cases,\na raw tracepoint argument may end up being NULL. More context about this\nissue is available in [0].\n\nThus, there is a discrepancy between the reality, that raw_tp arguments\ncan actually be NULL, and the verifier\u0027s knowledge, that they are never\nNULL, causing explicit NULL checks to be deleted, and accesses to such\npointers potentially crashing the kernel.\n\nTo fix this, mark raw_tp arguments as PTR_MAYBE_NULL, and then special\ncase the dereference and pointer arithmetic to permit it, and allow\npassing them into helpers/kfuncs; these exceptions are made for raw_tp\nprograms only. Ensure that we don\u0027t do this when ref_obj_id \u003e 0, as in\nthat case this is an acquired object and doesn\u0027t need such adjustment.\n\nThe reason we do mask_raw_tp_trusted_reg logic is because other will\nrecheck in places whether the register is a trusted_reg, and then\nconsider our register as untrusted when detecting the presence of the\nPTR_MAYBE_NULL flag.\n\nTo allow safe dereference, we enable PROBE_MEM marking when we see loads\ninto trusted pointers with PTR_MAYBE_NULL.\n\nWhile trusted raw_tp arguments can also be passed into helpers or kfuncs\nwhere such broken assumption may cause issues, a future patch set will\ntackle their case separately, as PTR_TO_BTF_ID (without PTR_TRUSTED) can\nalready be passed into helpers and causes similar problems. Thus, they\nare left alone for now.\n\nIt is possible that these checks also permit passing non-raw_tp args\nthat are trusted PTR_TO_BTF_ID with null marking. In such a case,\nallowing dereference when pointer is NULL expands allowed behavior, so\nwon\u0027t regress existing programs, and the case of passing these into\nhelpers is the same as above and will be dealt with later.\n\nAlso update the failure case in tp_btf_nullable selftest to capture the\nnew behavior, as the verifier will no longer cause an error when\ndirectly dereference a raw tracepoint argument marked as __nullable.\n\n [0]: https://lore.kernel.org/bpf/ZrCZS6nisraEqehw@jlelli-thinkpadt14gen4.remote.csb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56702",
"url": "https://www.suse.com/security/cve/CVE-2024-56702"
},
{
"category": "external",
"summary": "SUSE Bug 1235501 for CVE-2024-56702",
"url": "https://bugzilla.suse.com/1235501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix soft lockups in fib6_select_path under high next hop churn\n\nSoft lockups have been observed on a cluster of Linux-based edge routers\nlocated in a highly dynamic environment. Using the `bird` service, these\nrouters continuously update BGP-advertised routes due to frequently\nchanging nexthop destinations, while also managing significant IPv6\ntraffic. The lockups occur during the traversal of the multipath\ncircular linked-list in the `fib6_select_path` function, particularly\nwhile iterating through the siblings in the list. The issue typically\narises when the nodes of the linked list are unexpectedly deleted\nconcurrently on a different core-indicated by their \u0027next\u0027 and\n\u0027previous\u0027 elements pointing back to the node itself and their reference\ncount dropping to zero. This results in an infinite loop, leading to a\nsoft lockup that triggers a system panic via the watchdog timer.\n\nApply RCU primitives in the problematic code sections to resolve the\nissue. Where necessary, update the references to fib6_siblings to\nannotate or use the RCU APIs.\n\nInclude a test script that reproduces the issue. The script\nperiodically updates the routing table while generating a heavy load\nof outgoing IPv6 traffic through multiple iperf3 clients. It\nconsistently induces infinite soft lockups within a couple of minutes.\n\nKernel log:\n\n 0 [ffffbd13003e8d30] machine_kexec at ffffffff8ceaf3eb\n 1 [ffffbd13003e8d90] __crash_kexec at ffffffff8d0120e3\n 2 [ffffbd13003e8e58] panic at ffffffff8cef65d4\n 3 [ffffbd13003e8ed8] watchdog_timer_fn at ffffffff8d05cb03\n 4 [ffffbd13003e8f08] __hrtimer_run_queues at ffffffff8cfec62f\n 5 [ffffbd13003e8f70] hrtimer_interrupt at ffffffff8cfed756\n 6 [ffffbd13003e8fd0] __sysvec_apic_timer_interrupt at ffffffff8cea01af\n 7 [ffffbd13003e8ff0] sysvec_apic_timer_interrupt at ffffffff8df1b83d\n-- \u003cIRQ stack\u003e --\n 8 [ffffbd13003d3708] asm_sysvec_apic_timer_interrupt at ffffffff8e000ecb\n [exception RIP: fib6_select_path+299]\n RIP: ffffffff8ddafe7b RSP: ffffbd13003d37b8 RFLAGS: 00000287\n RAX: ffff975850b43600 RBX: ffff975850b40200 RCX: 0000000000000000\n RDX: 000000003fffffff RSI: 0000000051d383e4 RDI: ffff975850b43618\n RBP: ffffbd13003d3800 R8: 0000000000000000 R9: ffff975850b40200\n R10: 0000000000000000 R11: 0000000000000000 R12: ffffbd13003d3830\n R13: ffff975850b436a8 R14: ffff975850b43600 R15: 0000000000000007\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n 9 [ffffbd13003d3808] ip6_pol_route at ffffffff8ddb030c\n10 [ffffbd13003d3888] ip6_pol_route_input at ffffffff8ddb068c\n11 [ffffbd13003d3898] fib6_rule_lookup at ffffffff8ddf02b5\n12 [ffffbd13003d3928] ip6_route_input at ffffffff8ddb0f47\n13 [ffffbd13003d3a18] ip6_rcv_finish_core.constprop.0 at ffffffff8dd950d0\n14 [ffffbd13003d3a30] ip6_list_rcv_finish.constprop.0 at ffffffff8dd96274\n15 [ffffbd13003d3a98] ip6_sublist_rcv at ffffffff8dd96474\n16 [ffffbd13003d3af8] ipv6_list_rcv at ffffffff8dd96615\n17 [ffffbd13003d3b60] __netif_receive_skb_list_core at ffffffff8dc16fec\n18 [ffffbd13003d3be0] netif_receive_skb_list_internal at ffffffff8dc176b3\n19 [ffffbd13003d3c50] napi_gro_receive at ffffffff8dc565b9\n20 [ffffbd13003d3c80] ice_receive_skb at ffffffffc087e4f5 [ice]\n21 [ffffbd13003d3c90] ice_clean_rx_irq at ffffffffc0881b80 [ice]\n22 [ffffbd13003d3d20] ice_napi_poll at ffffffffc088232f [ice]\n23 [ffffbd13003d3d80] __napi_poll at ffffffff8dc18000\n24 [ffffbd13003d3db8] net_rx_action at ffffffff8dc18581\n25 [ffffbd13003d3e40] __do_softirq at ffffffff8df352e9\n26 [ffffbd13003d3eb0] run_ksoftirqd at ffffffff8ceffe47\n27 [ffffbd13003d3ec0] smpboot_thread_fn at ffffffff8cf36a30\n28 [ffffbd13003d3ee8] kthread at ffffffff8cf2b39f\n29 [ffffbd13003d3f28] ret_from_fork at ffffffff8ce5fa64\n30 [ffffbd13003d3f50] ret_from_fork_asm at ffffffff8ce03cbb",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56703",
"url": "https://www.suse.com/security/cve/CVE-2024-56703"
},
{
"category": "external",
"summary": "SUSE Bug 1235455 for CVE-2024-56703",
"url": "https://bugzilla.suse.com/1235455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: protect link down work from execute after lgr freed\n\nlink down work may be scheduled before lgr freed but execute\nafter lgr freed, which may result in crash. So it is need to\nhold a reference before shedule link down work, and put the\nreference after work executed or canceled.\n\nThe relevant crash call stack as follows:\n list_del corruption. prev-\u003enext should be ffffb638c9c0fe20,\n but was 0000000000000000\n ------------[ cut here ]------------\n kernel BUG at lib/list_debug.c:51!\n invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 6 PID: 978112 Comm: kworker/6:119 Kdump: loaded Tainted: G #1\n Hardware name: Alibaba Cloud Alibaba Cloud ECS, BIOS 2221b89 04/01/2014\n Workqueue: events smc_link_down_work [smc]\n RIP: 0010:__list_del_entry_valid.cold+0x31/0x47\n RSP: 0018:ffffb638c9c0fdd8 EFLAGS: 00010086\n RAX: 0000000000000054 RBX: ffff942fb75e5128 RCX: 0000000000000000\n RDX: ffff943520930aa0 RSI: ffff94352091fc80 RDI: ffff94352091fc80\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffb638c9c0fc38\n R10: ffffb638c9c0fc30 R11: ffffffffa015eb28 R12: 0000000000000002\n R13: ffffb638c9c0fe20 R14: 0000000000000001 R15: ffff942f9cd051c0\n FS: 0000000000000000(0000) GS:ffff943520900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f25214000 CR3: 000000025fbae004 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n rwsem_down_write_slowpath+0x17e/0x470\n smc_link_down_work+0x3c/0x60 [smc]\n process_one_work+0x1ac/0x350\n worker_thread+0x49/0x2f0\n ? rescuer_thread+0x360/0x360\n kthread+0x118/0x140\n ? __kthread_bind_mask+0x60/0x60\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56718",
"url": "https://www.suse.com/security/cve/CVE-2024-56718"
},
{
"category": "external",
"summary": "SUSE Bug 1235589 for CVE-2024-56718",
"url": "https://bugzilla.suse.com/1235589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix TSO DMA API usage causing oops\n\nCommit 66600fac7a98 (\"net: stmmac: TSO: Fix unbalanced DMA map/unmap\nfor non-paged SKB data\") moved the assignment of tx_skbuff_dma[]\u0027s\nmembers to be later in stmmac_tso_xmit().\n\nThe buf (dma cookie) and len stored in this structure are passed to\ndma_unmap_single() by stmmac_tx_clean(). The DMA API requires that\nthe dma cookie passed to dma_unmap_single() is the same as the value\nreturned from dma_map_single(). However, by moving the assignment\nlater, this is not the case when priv-\u003edma_cap.addr64 \u003e 32 as \"des\"\nis offset by proto_hdr_len.\n\nThis causes problems such as:\n\n dwc-eth-dwmac 2490000.ethernet eth0: Tx DMA map failed\n\nand with DMA_API_DEBUG enabled:\n\n DMA-API: dwc-eth-dwmac 2490000.ethernet: device driver tries to +free DMA memory it has not allocated [device address=0x000000ffffcf65c0] [size=66 bytes]\n\nFix this by maintaining \"des\" as the original DMA cookie, and use\ntso_des to pass the offset DMA cookie to stmmac_tso_allocator().\n\nFull details of the crashes can be found at:\nhttps://lore.kernel.org/all/d8112193-0386-4e14-b516-37c2d838171a@nvidia.com/\nhttps://lore.kernel.org/all/klkzp5yn5kq5efgtrow6wbvnc46bcqfxs65nz3qy77ujr5turc@bwwhelz2l4dw/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56719",
"url": "https://www.suse.com/security/cve/CVE-2024-56719"
},
{
"category": "external",
"summary": "SUSE Bug 1235591 for CVE-2024-56719",
"url": "https://bugzilla.suse.com/1235591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: release nexthop on device removal\n\nThe CI is hitting some aperiodic hangup at device removal time in the\npmtu.sh self-test:\n\nunregister_netdevice: waiting for veth_A-R1 to become free. Usage count = 6\nref_tracker: veth_A-R1@ffff888013df15d8 has 1/5 users at\n\tdst_init+0x84/0x4a0\n\tdst_alloc+0x97/0x150\n\tip6_dst_alloc+0x23/0x90\n\tip6_rt_pcpu_alloc+0x1e6/0x520\n\tip6_pol_route+0x56f/0x840\n\tfib6_rule_lookup+0x334/0x630\n\tip6_route_output_flags+0x259/0x480\n\tip6_dst_lookup_tail.constprop.0+0x5c2/0x940\n\tip6_dst_lookup_flow+0x88/0x190\n\tudp_tunnel6_dst_lookup+0x2a7/0x4c0\n\tvxlan_xmit_one+0xbde/0x4a50 [vxlan]\n\tvxlan_xmit+0x9ad/0xf20 [vxlan]\n\tdev_hard_start_xmit+0x10e/0x360\n\t__dev_queue_xmit+0xf95/0x18c0\n\tarp_solicit+0x4a2/0xe00\n\tneigh_probe+0xaa/0xf0\n\nWhile the first suspect is the dst_cache, explicitly tracking the dst\nowing the last device reference via probes proved such dst is held by\nthe nexthop in the originating fib6_info.\n\nSimilar to commit f5b51fe804ec (\"ipv6: route: purge exception on\nremoval\"), we need to explicitly release the originating fib info when\ndisconnecting a to-be-removed device from a live ipv6 dst: move the\nfib6_info cleanup into ip6_dst_ifdown().\n\nTested running:\n\n./pmtu.sh cleanup_ipv6_exception\n\nin a tight loop for more than 400 iterations with no spat, running an\nunpatched kernel I observed a splat every ~10 iterations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56751",
"url": "https://www.suse.com/security/cve/CVE-2024-56751"
},
{
"category": "external",
"summary": "SUSE Bug 1234936 for CVE-2024-56751",
"url": "https://bugzilla.suse.com/1234936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: check folio mapping after unlock in relocate_one_folio()\n\nWhen we call btrfs_read_folio() to bring a folio uptodate, we unlock the\nfolio. The result of that is that a different thread can modify the\nmapping (like remove it with invalidate) before we call folio_lock().\nThis results in an invalid page and we need to try again.\n\nIn particular, if we are relocating concurrently with aborting a\ntransaction, this can result in a crash like the following:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP\n CPU: 76 PID: 1411631 Comm: kworker/u322:5\n Workqueue: events_unbound btrfs_reclaim_bgs_work\n RIP: 0010:set_page_extent_mapped+0x20/0xb0\n RSP: 0018:ffffc900516a7be8 EFLAGS: 00010246\n RAX: ffffea009e851d08 RBX: ffffea009e0b1880 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffffc900516a7b90 RDI: ffffea009e0b1880\n RBP: 0000000003573000 R08: 0000000000000001 R09: ffff88c07fd2f3f0\n R10: 0000000000000000 R11: 0000194754b575be R12: 0000000003572000\n R13: 0000000003572fff R14: 0000000000100cca R15: 0000000005582fff\n FS: 0000000000000000(0000) GS:ffff88c07fd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 000000407d00f002 CR4: 00000000007706f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x2a8/0x3a0\n ? __switch_to+0x133/0x530\n ? wq_worker_running+0xa/0x40\n ? exc_page_fault+0x63/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? set_page_extent_mapped+0x20/0xb0\n relocate_file_extent_cluster+0x1a7/0x940\n relocate_data_extent+0xaf/0x120\n relocate_block_group+0x20f/0x480\n btrfs_relocate_block_group+0x152/0x320\n btrfs_relocate_chunk+0x3d/0x120\n btrfs_reclaim_bgs_work+0x2ae/0x4e0\n process_scheduled_works+0x184/0x370\n worker_thread+0xc6/0x3e0\n ? blk_add_timer+0xb0/0xb0\n kthread+0xae/0xe0\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork+0x2f/0x40\n ? flush_tlb_kernel_range+0x90/0x90\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n\nThis occurs because cleanup_one_transaction() calls\ndestroy_delalloc_inodes() which calls invalidate_inode_pages2() which\ntakes the folio_lock before setting mapping to NULL. We fail to check\nthis, and subsequently call set_extent_mapping(), which assumes that\nmapping != NULL (in fact it asserts that in debug mode)\n\nNote that the \"fixes\" patch here is not the one that introduced the\nrace (the very first iteration of this code from 2009) but a more recent\nchange that made this particular crash happen in practice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56758",
"url": "https://www.suse.com/security/cve/CVE-2024-56758"
},
{
"category": "external",
"summary": "SUSE Bug 1235621 for CVE-2024-56758",
"url": "https://bugzilla.suse.com/1235621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: netem: account for backlog updates from child qdisc\n\nIn general, \u0027qlen\u0027 of any classful qdisc should keep track of the\nnumber of packets that the qdisc itself and all of its children holds.\nIn case of netem, \u0027qlen\u0027 only accounts for the packets in its internal\ntfifo. When netem is used with a child qdisc, the child qdisc can use\n\u0027qdisc_tree_reduce_backlog\u0027 to inform its parent, netem, about created\nor dropped SKBs. This function updates \u0027qlen\u0027 and the backlog statistics\nof netem, but netem does not account for changes made by a child qdisc.\n\u0027qlen\u0027 then indicates the wrong number of packets in the tfifo.\nIf a child qdisc creates new SKBs during enqueue and informs its parent\nabout this, netem\u0027s \u0027qlen\u0027 value is increased. When netem dequeues the\nnewly created SKBs from the child, the \u0027qlen\u0027 in netem is not updated.\nIf \u0027qlen\u0027 reaches the configured sch-\u003elimit, the enqueue function stops\nworking, even though the tfifo is not full.\n\nReproduce the bug:\nEnsure that the sender machine has GSO enabled. Configure netem as root\nqdisc and tbf as its child on the outgoing interface of the machine\nas follows:\n$ tc qdisc add dev \u003coif\u003e root handle 1: netem delay 100ms limit 100\n$ tc qdisc add dev \u003coif\u003e parent 1:0 tbf rate 50Mbit burst 1542 latency 50ms\n\nSend bulk TCP traffic out via this interface, e.g., by running an iPerf3\nclient on the machine. Check the qdisc statistics:\n$ tc -s qdisc show dev \u003coif\u003e\n\nStatistics after 10s of iPerf3 TCP test before the fix (note that\nnetem\u0027s backlog \u003e limit, netem stopped accepting packets):\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 2767766 bytes 1848 pkt (dropped 652, overlimits 0 requeues 0)\n backlog 4294528236b 1155p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 2767766 bytes 1848 pkt (dropped 327, overlimits 7601 requeues 0)\n backlog 0b 0p requeues 0\n\nStatistics after the fix:\nqdisc netem 1: root refcnt 2 limit 1000 delay 100ms\n Sent 37766372 bytes 24974 pkt (dropped 9, overlimits 0 requeues 0)\n backlog 0b 0p requeues 0\nqdisc tbf 10: parent 1:1 rate 50Mbit burst 1537b lat 50ms\n Sent 37766372 bytes 24974 pkt (dropped 327, overlimits 96017 requeues 0)\n backlog 0b 0p requeues 0\n\ntbf segments the GSO SKBs (tbf_segment) and updates the netem\u0027s \u0027qlen\u0027.\nThe interface fully stops transferring packets and \"locks\". In this case,\nthe child qdisc and tfifo are empty, but \u0027qlen\u0027 indicates the tfifo is at\nits limit and no more packets are accepted.\n\nThis patch adds a counter for the entries in the tfifo. Netem\u0027s \u0027qlen\u0027 is\nonly decreased when a packet is returned by its dequeue function, and not\nduring enqueuing into the child qdisc. External updates to \u0027qlen\u0027 are thus\naccounted for and only the behavior of the backlog statistics changes. As\nin other qdiscs, \u0027qlen\u0027 then keeps track of how many packets are held in\nnetem and all of its children. As before, sch-\u003elimit remains as the\nmaximum number of packets in the tfifo. The same applies to netem\u0027s\nbacklog statistics.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56770",
"url": "https://www.suse.com/security/cve/CVE-2024-56770"
},
{
"category": "external",
"summary": "SUSE Bug 1235637 for CVE-2024-56770",
"url": "https://bugzilla.suse.com/1235637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix for a potential deadlock\n\nThis fixes a \u0027possible circular locking dependency detected\u0027 warning\n CPU0 CPU1\n ---- ----\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n lock(\u0026instance-\u003ereset_mutex);\n lock(\u0026shost-\u003escan_mutex);\n\nFix this by temporarily releasing the reset_mutex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57807",
"url": "https://www.suse.com/security/cve/CVE-2024-57807"
},
{
"category": "external",
"summary": "SUSE Bug 1235761 for CVE-2024-57807",
"url": "https://bugzilla.suse.com/1235761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread\n\nsyzbot report a null-ptr-deref in vidtv_mux_stop_thread. [1]\n\nIf dvb-\u003emux is not initialized successfully by vidtv_mux_init() in the\nvidtv_start_streaming(), it will trigger null pointer dereference about mux\nin vidtv_mux_stop_thread().\n\nAdjust the timing of streaming initialization and check it before\nstopping it.\n\n[1]\nKASAN: null-ptr-deref in range [0x0000000000000128-0x000000000000012f]\nCPU: 0 UID: 0 PID: 5842 Comm: syz-executor248 Not tainted 6.13.0-rc4-syzkaller-00012-g9b2ffa6148b1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nRIP: 0010:vidtv_mux_stop_thread+0x26/0x80 drivers/media/test-drivers/vidtv/vidtv_mux.c:471\nCode: 90 90 90 90 66 0f 1f 00 55 53 48 89 fb e8 82 2e c8 f9 48 8d bb 28 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 02 7e 3b 0f b6 ab 28 01 00 00 31 ff 89 ee e8\nRSP: 0018:ffffc90003f2faa8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff87cfb125\nRDX: 0000000000000025 RSI: ffffffff87d120ce RDI: 0000000000000128\nRBP: ffff888029b8d220 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000003 R12: ffff888029b8d188\nR13: ffffffff8f590aa0 R14: ffffc9000581c5c8 R15: ffff888029a17710\nFS: 00007f7eef5156c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7eef5e635c CR3: 0000000076ca6000 CR4: 00000000003526f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vidtv_stop_streaming drivers/media/test-drivers/vidtv/vidtv_bridge.c:209 [inline]\n vidtv_stop_feed+0x151/0x250 drivers/media/test-drivers/vidtv/vidtv_bridge.c:252\n dmx_section_feed_stop_filtering+0x90/0x160 drivers/media/dvb-core/dvb_demux.c:1000\n dvb_dmxdev_feed_stop.isra.0+0x1ee/0x270 drivers/media/dvb-core/dmxdev.c:486\n dvb_dmxdev_filter_stop+0x22a/0x3a0 drivers/media/dvb-core/dmxdev.c:559\n dvb_dmxdev_filter_free drivers/media/dvb-core/dmxdev.c:840 [inline]\n dvb_demux_release+0x92/0x550 drivers/media/dvb-core/dmxdev.c:1246\n __fput+0x3f8/0xb60 fs/file_table.c:450\n task_work_run+0x14e/0x250 kernel/task_work.c:239\n get_signal+0x1d3/0x2610 kernel/signal.c:2790\n arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337\n exit_to_user_mode_loop kernel/entry/common.c:111 [inline]\n exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]\n __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]\n syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218\n do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57834",
"url": "https://www.suse.com/security/cve/CVE-2024-57834"
},
{
"category": "external",
"summary": "SUSE Bug 1238993 for CVE-2024-57834",
"url": "https://bugzilla.suse.com/1238993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nila: serialize calls to nf_register_net_hooks()\n\nsyzbot found a race in ila_add_mapping() [1]\n\ncommit 031ae72825ce (\"ila: call nf_unregister_net_hooks() sooner\")\nattempted to fix a similar issue.\n\nLooking at the syzbot repro, we have concurrent ILA_CMD_ADD commands.\n\nAdd a mutex to make sure at most one thread is calling nf_register_net_hooks().\n\n[1]\n BUG: KASAN: slab-use-after-free in rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n BUG: KASAN: slab-use-after-free in __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\nRead of size 4 at addr ffff888028f40008 by task dhcpcd/5501\n\nCPU: 1 UID: 0 PID: 5501 Comm: dhcpcd Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:489\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n rht_key_hashfn include/linux/rhashtable.h:159 [inline]\n __rhashtable_lookup.constprop.0+0x426/0x550 include/linux/rhashtable.h:604\n rhashtable_lookup include/linux/rhashtable.h:646 [inline]\n rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]\n ila_lookup_wildcards net/ipv6/ila/ila_xlat.c:127 [inline]\n ila_xlat_addr net/ipv6/ila/ila_xlat.c:652 [inline]\n ila_nf_input+0x1ee/0x620 net/ipv6/ila/ila_xlat.c:185\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:626\n nf_hook.constprop.0+0x42e/0x750 include/linux/netfilter.h:269\n NF_HOOK include/linux/netfilter.h:312 [inline]\n ipv6_rcv+0xa4/0x680 net/ipv6/ip6_input.c:309\n __netif_receive_skb_one_core+0x12e/0x1e0 net/core/dev.c:5672\n __netif_receive_skb+0x1d/0x160 net/core/dev.c:5785\n process_backlog+0x443/0x15f0 net/core/dev.c:6117\n __napi_poll.constprop.0+0xb7/0x550 net/core/dev.c:6883\n napi_poll net/core/dev.c:6952 [inline]\n net_rx_action+0xa94/0x1010 net/core/dev.c:7074\n handle_softirqs+0x213/0x8f0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0x109/0x170 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa4/0xc0 arch/x86/kernel/apic/apic.c:1049",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57900",
"url": "https://www.suse.com/security/cve/CVE-2024-57900"
},
{
"category": "external",
"summary": "SUSE Bug 1235973 for CVE-2024-57900",
"url": "https://bugzilla.suse.com/1235973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: relax assertions on failure to encode file handles\n\nEncoding file handles is usually performed by a filesystem \u003eencode_fh()\nmethod that may fail for various reasons.\n\nThe legacy users of exportfs_encode_fh(), namely, nfsd and\nname_to_handle_at(2) syscall are ready to cope with the possibility\nof failure to encode a file handle.\n\nThere are a few other users of exportfs_encode_{fh,fid}() that\ncurrently have a WARN_ON() assertion when -\u003eencode_fh() fails.\nRelax those assertions because they are wrong.\n\nThe second linked bug report states commit 16aac5ad1fa9 (\"ovl: support\nencoding non-decodable file handles\") in v6.6 as the regressing commit,\nbut this is not accurate.\n\nThe aforementioned commit only increases the chances of the assertion\nand allows triggering the assertion with the reproducer using overlayfs,\ninotify and drop_caches.\n\nTriggering this assertion was always possible with other filesystems and\nother reasons of -\u003eencode_fh() failures and more particularly, it was\nalso possible with the exact same reproducer using overlayfs that is\nmounted with options index=on,nfs_export=on also on kernels \u003c v6.6.\nTherefore, I am not listing the aforementioned commit as a Fixes commit.\n\nBackport hint: this patch will have a trivial conflict applying to\nv6.6.y, and other trivial conflicts applying to stable kernels \u003c v6.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57924",
"url": "https://www.suse.com/security/cve/CVE-2024-57924"
},
{
"category": "external",
"summary": "SUSE Bug 1236086 for CVE-2024-57924",
"url": "https://bugzilla.suse.com/1236086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57924"
},
{
"cve": "CVE-2024-57947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_set_pipapo: fix initial map fill\n\nThe initial buffer has to be inited to all-ones, but it must restrict\nit to the size of the first field, not the total field size.\n\nAfter each round in the map search step, the result and the fill map\nare swapped, so if we have a set where f-\u003ebsize of the first element\nis smaller than m-\u003ebsize_max, those one-bits are leaked into future\nrounds result map.\n\nThis makes pipapo find an incorrect matching results for sets where\nfirst field size is not the largest.\n\nFollowup patch adds a test case to nft_concat_range.sh selftest script.\n\nThanks to Stefano Brivio for pointing out that we need to zero out\nthe remainder explicitly, only correcting memset() argument isn\u0027t enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57947",
"url": "https://www.suse.com/security/cve/CVE-2024-57947"
},
{
"category": "external",
"summary": "SUSE Bug 1236333 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1236333"
},
{
"category": "external",
"summary": "SUSE Bug 1245799 for CVE-2024-57947",
"url": "https://bugzilla.suse.com/1245799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrdma/cxgb4: Prevent potential integer overflow on 32bit\n\nThe \"gl-\u003etot_len\" variable is controlled by the user. It comes from\nprocess_responses(). On 32bit systems, the \"gl-\u003etot_len + sizeof(struct\ncpl_pass_accept_req) + sizeof(struct rss_header)\" addition could have an\ninteger wrapping bug. Use size_add() to prevent this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57973",
"url": "https://www.suse.com/security/cve/CVE-2024-57973"
},
{
"category": "external",
"summary": "SUSE Bug 1238531 for CVE-2024-57973",
"url": "https://bugzilla.suse.com/1238531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Deal with race between UDP socket address change and rehash\n\nIf a UDP socket changes its local address while it\u0027s receiving\ndatagrams, as a result of connect(), there is a period during which\na lookup operation might fail to find it, after the address is changed\nbut before the secondary hash (port and address) and the four-tuple\nhash (local and remote ports and addresses) are updated.\n\nSecondary hash chains were introduced by commit 30fff9231fad (\"udp:\nbind() optimisation\") and, as a result, a rehash operation became\nneeded to make a bound socket reachable again after a connect().\n\nThis operation was introduced by commit 719f835853a9 (\"udp: add\nrehash on connect()\") which isn\u0027t however a complete fix: the\nsocket will be found once the rehashing completes, but not while\nit\u0027s pending.\n\nThis is noticeable with a socat(1) server in UDP4-LISTEN mode, and a\nclient sending datagrams to it. After the server receives the first\ndatagram (cf. _xioopen_ipdgram_listen()), it issues a connect() to\nthe address of the sender, in order to set up a directed flow.\n\nNow, if the client, running on a different CPU thread, happens to\nsend a (subsequent) datagram while the server\u0027s socket changes its\naddress, but is not rehashed yet, this will result in a failed\nlookup and a port unreachable error delivered to the client, as\napparent from the following reproducer:\n\n LEN=$(($(cat /proc/sys/net/core/wmem_default) / 4))\n dd if=/dev/urandom bs=1 count=${LEN} of=tmp.in\n\n while :; do\n \ttaskset -c 1 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.1 || sleep 1\n \ttaskset -c 2 socat OPEN:tmp.in UDP4:localhost:1337,shut-null\n \twait\n done\n\nwhere the client will eventually get ECONNREFUSED on a write()\n(typically the second or third one of a given iteration):\n\n 2024/11/13 21:28:23 socat[46901] E write(6, 0x556db2e3c000, 8192): Connection refused\n\nThis issue was first observed as a seldom failure in Podman\u0027s tests\nchecking UDP functionality while using pasta(1) to connect the\ncontainer\u0027s network namespace, which leads us to a reproducer with\nthe lookup error resulting in an ICMP packet on a tap device:\n\n LOCAL_ADDR=\"$(ip -j -4 addr show|jq -rM \u0027.[] | .addr_info[0] | select(.scope == \"global\").local\u0027)\"\n\n while :; do\n \t./pasta --config-net -p pasta.pcap -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,trunc \u0026\n \tsleep 0.2 || sleep 1\n \tsocat OPEN:tmp.in UDP4:${LOCAL_ADDR}:1337,shut-null\n \twait\n \tcmp tmp.in tmp.out\n done\n\nOnce this fails:\n\n tmp.in tmp.out differ: char 8193, line 29\n\nwe can finally have a look at what\u0027s going on:\n\n $ tshark -r pasta.pcap\n 1 0.000000 :: ? ff02::16 ICMPv6 110 Multicast Listener Report Message v2\n 2 0.168690 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 3 0.168767 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 4 0.168806 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 5 0.168827 c6:47:05:8d:dc:04 ? Broadcast ARP 42 Who has 88.198.0.161? Tell 88.198.0.164\n 6 0.168851 9a:55:9a:55:9a:55 ? c6:47:05:8d:dc:04 ARP 42 88.198.0.161 is at 9a:55:9a:55:9a:55\n 7 0.168875 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 8 0.168896 88.198.0.164 ? 88.198.0.161 ICMP 590 Destination unreachable (Port unreachable)\n 9 0.168926 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 10 0.168959 88.198.0.161 ? 88.198.0.164 UDP 8234 60260 ? 1337 Len=8192\n 11 0.168989 88.198.0.161 ? 88.198.0.164 UDP 4138 60260 ? 1337 Len=4096\n 12 0.169010 88.198.0.161 ? 88.198.0.164 UDP 42 60260 ? 1337 Len=0\n\nOn the third datagram received, the network namespace of the container\ninitiates an ARP lookup to deliver the ICMP message.\n\nIn another variant of this reproducer, starting the client with:\n\n strace -f pasta --config-net -u 1337 socat UDP4-LISTEN:1337,null-eof OPEN:tmp.out,create,tru\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57974",
"url": "https://www.suse.com/security/cve/CVE-2024-57974"
},
{
"category": "external",
"summary": "SUSE Bug 1238532 for CVE-2024-57974",
"url": "https://bugzilla.suse.com/1238532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx-jpeg: Fix potential error pointer dereference in detach_pm()\n\nThe proble is on the first line:\n\n\tif (jpeg-\u003epd_dev[i] \u0026\u0026 !pm_runtime_suspended(jpeg-\u003epd_dev[i]))\n\nIf jpeg-\u003epd_dev[i] is an error pointer, then passing it to\npm_runtime_suspended() will lead to an Oops. The other conditions\ncheck for both error pointers and NULL, but it would be more clear to\nuse the IS_ERR_OR_NULL() check for that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57978",
"url": "https://www.suse.com/security/cve/CVE-2024-57978"
},
{
"category": "external",
"summary": "SUSE Bug 1238523 for CVE-2024-57978",
"url": "https://bugzilla.suse.com/1238523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npps: Fix a use-after-free\n\nOn a board running ntpd and gpsd, I\u0027m seeing a consistent use-after-free\nin sys_exit() from gpsd when rebooting:\n\n pps pps1: removed\n ------------[ cut here ]------------\n kobject: \u0027(null)\u0027 (00000000db4bec24): is not initialized, yet kobject_put() is being called.\n WARNING: CPU: 2 PID: 440 at lib/kobject.c:734 kobject_put+0x120/0x150\n CPU: 2 UID: 299 PID: 440 Comm: gpsd Not tainted 6.11.0-rc6-00308-gb31c44928842 #1\n Hardware name: Raspberry Pi 4 Model B Rev 1.1 (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : kobject_put+0x120/0x150\n lr : kobject_put+0x120/0x150\n sp : ffffffc0803d3ae0\n x29: ffffffc0803d3ae0 x28: ffffff8042dc9738 x27: 0000000000000001\n x26: 0000000000000000 x25: ffffff8042dc9040 x24: ffffff8042dc9440\n x23: ffffff80402a4620 x22: ffffff8042ef4bd0 x21: ffffff80405cb600\n x20: 000000000008001b x19: ffffff8040b3b6e0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 696e6920746f6e20\n x14: 7369203a29343263 x13: 205d303434542020 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n kobject_put+0x120/0x150\n cdev_put+0x20/0x3c\n __fput+0x2c4/0x2d8\n ____fput+0x1c/0x38\n task_work_run+0x70/0xfc\n do_exit+0x2a0/0x924\n do_group_exit+0x34/0x90\n get_signal+0x7fc/0x8c0\n do_signal+0x128/0x13b4\n do_notify_resume+0xdc/0x160\n el0_svc+0xd4/0xf8\n el0t_64_sync_handler+0x140/0x14c\n el0t_64_sync+0x190/0x194\n ---[ end trace 0000000000000000 ]---\n\n...followed by more symptoms of corruption, with similar stacks:\n\n refcount_t: underflow; use-after-free.\n kernel BUG at lib/list_debug.c:62!\n Kernel panic - not syncing: Oops - BUG: Fatal exception\n\nThis happens because pps_device_destruct() frees the pps_device with the\nembedded cdev immediately after calling cdev_del(), but, as the comment\nabove cdev_del() notes, fops for previously opened cdevs are still\ncallable even after cdev_del() returns. I think this bug has always\nbeen there: I can\u0027t explain why it suddenly started happening every time\nI reboot this particular board.\n\nIn commit d953e0e837e6 (\"pps: Fix a use-after free bug when\nunregistering a source.\"), George Spelvin suggested removing the\nembedded cdev. That seems like the simplest way to fix this, so I\u0027ve\nimplemented his suggestion, using __register_chrdev() with pps_idr\nbecoming the source of truth for which minor corresponds to which\ndevice.\n\nBut now that pps_idr defines userspace visibility instead of cdev_add(),\nwe need to be sure the pps-\u003edev refcount can\u0027t reach zero while\nuserspace can still find it again. So, the idr_remove() call moves to\npps_unregister_cdev(), and pps_idr now holds a reference to pps-\u003edev.\n\n pps_core: source serial1 got cdev (251:1)\n \u003c...\u003e\n pps pps1: removed\n pps_core: unregistering pps1\n pps_core: deallocating pps1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57979",
"url": "https://www.suse.com/security/cve/CVE-2024-57979"
},
{
"category": "external",
"summary": "SUSE Bug 1238521 for CVE-2024-57979",
"url": "https://bugzilla.suse.com/1238521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix double free in error path\n\nIf the uvc_status_init() function fails to allocate the int_urb, it will\nfree the dev-\u003estatus pointer but doesn\u0027t reset the pointer to NULL. This\nresults in the kfree() call in uvc_status_cleanup() trying to\ndouble-free the memory. Fix it by resetting the dev-\u003estatus pointer to\nNULL after freeing it.\n\nReviewed by: Ricardo Ribalda \u003cribalda@chromium.org\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57980",
"url": "https://www.suse.com/security/cve/CVE-2024-57980"
},
{
"category": "external",
"summary": "SUSE Bug 1237911 for CVE-2024-57980",
"url": "https://bugzilla.suse.com/1237911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Fix NULL pointer dereference on certain command aborts\n\nIf a command is queued to the final usable TRB of a ring segment, the\nenqueue pointer is advanced to the subsequent link TRB and no further.\nIf the command is later aborted, when the abort completion is handled\nthe dequeue pointer is advanced to the first TRB of the next segment.\n\nIf no further commands are queued, xhci_handle_stopped_cmd_ring() sees\nthe ring pointers unequal and assumes that there is a pending command,\nso it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.\n\nDon\u0027t attempt timer setup if cur_cmd is NULL. The subsequent doorbell\nring likely is unnecessary too, but it\u0027s harmless. Leave it alone.\n\nThis is probably Bug 219532, but no confirmation has been received.\n\nThe issue has been independently reproduced and confirmed fixed using\na USB MCU programmed to NAK the Status stage of SET_ADDRESS forever.\nEverything continued working normally after several prevented crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57981",
"url": "https://www.suse.com/security/cve/CVE-2024-57981"
},
{
"category": "external",
"summary": "SUSE Bug 1237912 for CVE-2024-57981",
"url": "https://bugzilla.suse.com/1237912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Fix assumption that Resolution Multipliers must be in Logical Collections\n\nA report in 2019 by the syzbot fuzzer was found to be connected to two\nerrors in the HID core associated with Resolution Multipliers. One of\nthe errors was fixed by commit ea427a222d8b (\"HID: core: Fix deadloop\nin hid_apply_multiplier.\"), but the other has not been fixed.\n\nThis error arises because hid_apply_multipler() assumes that every\nResolution Multiplier control is contained in a Logical Collection,\ni.e., there\u0027s no way the routine can ever set multiplier_collection to\nNULL. This is in spite of the fact that the function starts with a\nbig comment saying:\n\n\t * \"The Resolution Multiplier control must be contained in the same\n\t * Logical Collection as the control(s) to which it is to be applied.\n\t ...\n\t * If no Logical Collection is\n\t * defined, the Resolution Multiplier is associated with all\n\t * controls in the report.\"\n\t * HID Usage Table, v1.12, Section 4.3.1, p30\n\t *\n\t * Thus, search from the current collection upwards until we find a\n\t * logical collection...\n\nThe comment and the code overlook the possibility that none of the\ncollections found may be a Logical Collection.\n\nThe fix is to set the multiplier_collection pointer to NULL if the\ncollection found isn\u0027t a Logical Collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57986",
"url": "https://www.suse.com/security/cve/CVE-2024-57986"
},
{
"category": "external",
"summary": "SUSE Bug 1237907 for CVE-2024-57986",
"url": "https://bugzilla.suse.com/1237907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mt76: mt7925: fix off by one in mt7925_load_clc()\n\nThis comparison should be \u003e= instead of \u003e to prevent an out of bounds\nread and write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57990",
"url": "https://www.suse.com/security/cve/CVE-2024-57990"
},
{
"category": "external",
"summary": "SUSE Bug 1237900 for CVE-2024-57990",
"url": "https://bugzilla.suse.com/1237900"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check\n\nsyzbot has found a type mismatch between a USB pipe and the transfer\nendpoint, which is triggered by the hid-thrustmaster driver[1].\nThere is a number of similar, already fixed issues [2].\nIn this case as in others, implementing check for endpoint type fixes the issue.\n\n[1] https://syzkaller.appspot.com/bug?extid=040e8b3db6a96908d470\n[2] https://syzkaller.appspot.com/bug?extid=348331f63b034f89b622",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57993",
"url": "https://www.suse.com/security/cve/CVE-2024-57993"
},
{
"category": "external",
"summary": "SUSE Bug 1237894 for CVE-2024-57993",
"url": "https://bugzilla.suse.com/1237894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptr_ring: do not block hard interrupts in ptr_ring_resize_multiple()\n\nJakub added a lockdep_assert_no_hardirq() check in __page_pool_put_page()\nto increase test coverage.\n\nsyzbot found a splat caused by hard irq blocking in\nptr_ring_resize_multiple() [1]\n\nAs current users of ptr_ring_resize_multiple() do not require\nhard irqs being masked, replace it to only block BH.\n\nRename helpers to better reflect they are safe against BH only.\n\n- ptr_ring_resize_multiple() to ptr_ring_resize_multiple_bh()\n- skb_array_resize_multiple() to skb_array_resize_multiple_bh()\n\n[1]\n\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 __page_pool_put_page net/core/page_pool.c:709 [inline]\nWARNING: CPU: 1 PID: 9150 at net/core/page_pool.c:709 page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nModules linked in:\nCPU: 1 UID: 0 PID: 9150 Comm: syz.1.1052 Not tainted 6.11.0-rc3-syzkaller-00202-gf8669d7b5f5d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:__page_pool_put_page net/core/page_pool.c:709 [inline]\nRIP: 0010:page_pool_put_unrefed_netmem+0x157/0xa40 net/core/page_pool.c:780\nCode: 74 0e e8 7c aa fb f7 eb 43 e8 75 aa fb f7 eb 3c 65 8b 1d 38 a8 6a 76 31 ff 89 de e8 a3 ae fb f7 85 db 74 0b e8 5a aa fb f7 90 \u003c0f\u003e 0b 90 eb 1d 65 8b 1d 15 a8 6a 76 31 ff 89 de e8 84 ae fb f7 85\nRSP: 0018:ffffc9000bda6b58 EFLAGS: 00010083\nRAX: ffffffff8997e523 RBX: 0000000000000000 RCX: 0000000000040000\nRDX: ffffc9000fbd0000 RSI: 0000000000001842 RDI: 0000000000001843\nRBP: 0000000000000000 R08: ffffffff8997df2c R09: 1ffffd40003a000d\nR10: dffffc0000000000 R11: fffff940003a000e R12: ffffea0001d00040\nR13: ffff88802e8a4000 R14: dffffc0000000000 R15: 00000000ffffffff\nFS: 00007fb7aaf716c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fa15a0d4b72 CR3: 00000000561b0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tun_ptr_free drivers/net/tun.c:617 [inline]\n __ptr_ring_swap_queue include/linux/ptr_ring.h:571 [inline]\n ptr_ring_resize_multiple_noprof include/linux/ptr_ring.h:643 [inline]\n tun_queue_resize drivers/net/tun.c:3694 [inline]\n tun_device_event+0xaaf/0x1080 drivers/net/tun.c:3714\n notifier_call_chain+0x19f/0x3e0 kernel/notifier.c:93\n call_netdevice_notifiers_extack net/core/dev.c:2032 [inline]\n call_netdevice_notifiers net/core/dev.c:2046 [inline]\n dev_change_tx_queue_len+0x158/0x2a0 net/core/dev.c:9024\n do_setlink+0xff6/0x41f0 net/core/rtnetlink.c:2923\n rtnl_setlink+0x40d/0x5a0 net/core/rtnetlink.c:3201\n rtnetlink_rcv_msg+0x73f/0xcf0 net/core/rtnetlink.c:6647\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2550",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57994",
"url": "https://www.suse.com/security/cve/CVE-2024-57994"
},
{
"category": "external",
"summary": "SUSE Bug 1237901 for CVE-2024-57994",
"url": "https://bugzilla.suse.com/1237901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: sch_sfq: don\u0027t allow 1 packet limit\n\nThe current implementation does not work correctly with a limit of\n1. iproute2 actually checks for this and this patch adds the check in\nkernel as well.\n\nThis fixes the following syzkaller reported crash:\n\nUBSAN: array-index-out-of-bounds in net/sched/sch_sfq.c:210:6\nindex 65535 is out of range for type \u0027struct sfq_head[128]\u0027\nCPU: 0 PID: 2569 Comm: syz-executor101 Not tainted 5.10.0-smp-DEV #1\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n __dump_stack lib/dump_stack.c:79 [inline]\n dump_stack+0x125/0x19f lib/dump_stack.c:120\n ubsan_epilogue lib/ubsan.c:148 [inline]\n __ubsan_handle_out_of_bounds+0xed/0x120 lib/ubsan.c:347\n sfq_link net/sched/sch_sfq.c:210 [inline]\n sfq_dec+0x528/0x600 net/sched/sch_sfq.c:238\n sfq_dequeue+0x39b/0x9d0 net/sched/sch_sfq.c:500\n sfq_reset+0x13/0x50 net/sched/sch_sfq.c:525\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n tbf_reset+0x3d/0x100 net/sched/sch_tbf.c:319\n qdisc_reset+0xfe/0x510 net/sched/sch_generic.c:1026\n dev_reset_queue+0x8c/0x140 net/sched/sch_generic.c:1296\n netdev_for_each_tx_queue include/linux/netdevice.h:2350 [inline]\n dev_deactivate_many+0x6dc/0xc20 net/sched/sch_generic.c:1362\n __dev_close_many+0x214/0x350 net/core/dev.c:1468\n dev_close_many+0x207/0x510 net/core/dev.c:1506\n unregister_netdevice_many+0x40f/0x16b0 net/core/dev.c:10738\n unregister_netdevice_queue+0x2be/0x310 net/core/dev.c:10695\n unregister_netdevice include/linux/netdevice.h:2893 [inline]\n __tun_detach+0x6b6/0x1600 drivers/net/tun.c:689\n tun_detach drivers/net/tun.c:705 [inline]\n tun_chr_close+0x104/0x1b0 drivers/net/tun.c:3640\n __fput+0x203/0x840 fs/file_table.c:280\n task_work_run+0x129/0x1b0 kernel/task_work.c:185\n exit_task_work include/linux/task_work.h:33 [inline]\n do_exit+0x5ce/0x2200 kernel/exit.c:931\n do_group_exit+0x144/0x310 kernel/exit.c:1046\n __do_sys_exit_group kernel/exit.c:1057 [inline]\n __se_sys_exit_group kernel/exit.c:1055 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:1055\n do_syscall_64+0x6c/0xd0\n entry_SYSCALL_64_after_hwframe+0x61/0xcb\nRIP: 0033:0x7fe5e7b52479\nCode: Unable to access opcode bytes at RIP 0x7fe5e7b5244f.\nRSP: 002b:00007ffd3c800398 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe5e7b52479\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007fe5e7bcd2d0 R08: ffffffffffffffb8 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fe5e7bcd2d0\nR13: 0000000000000000 R14: 00007fe5e7bcdd20 R15: 00007fe5e7b24270\n\nThe crash can be also be reproduced with the following (with a tc\nrecompiled to allow for sfq limits of 1):\n\ntc qdisc add dev dummy0 handle 1: root tbf rate 1Kbit burst 100b lat 1s\n../iproute2-6.9.0/tc/tc qdisc add dev dummy0 handle 2: parent 1:10 sfq limit 1\nifconfig dummy0 up\nping -I dummy0 -f -c2 -W0.1 8.8.8.8\nsleep 1\n\nScenario that triggers the crash:\n\n* the first packet is sent and queued in TBF and SFQ; qdisc qlen is 1\n\n* TBF dequeues: it peeks from SFQ which moves the packet to the\n gso_skb list and keeps qdisc qlen set to 1. TBF is out of tokens so\n it schedules itself for later.\n\n* the second packet is sent and TBF tries to queues it to SFQ. qdisc\n qlen is now 2 and because the SFQ limit is 1 the packet is dropped\n by SFQ. At this point qlen is 1, and all of the SFQ slots are empty,\n however q-\u003etail is not NULL.\n\nAt this point, assuming no more packets are queued, when sch_dequeue\nruns again it will decrement the qlen for the current empty slot\ncausing an underflow and the subsequent out of bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57996",
"url": "https://www.suse.com/security/cve/CVE-2024-57996"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239076"
},
{
"category": "external",
"summary": "SUSE Bug 1239077 for CVE-2024-57996",
"url": "https://bugzilla.suse.com/1239077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wcn36xx: fix channel survey memory allocation size\n\nKASAN reported a memory allocation issue in wcn-\u003echan_survey\ndue to incorrect size calculation.\nThis commit uses kcalloc to allocate memory for wcn-\u003echan_survey,\nensuring proper initialization and preventing the use of uninitialized\nvalues when there are no frames on the channel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57997",
"url": "https://www.suse.com/security/cve/CVE-2024-57997"
},
{
"category": "external",
"summary": "SUSE Bug 1238529 for CVE-2024-57997",
"url": "https://bugzilla.suse.com/1238529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: add index check to assert to avoid buffer overflow in _read_freq()\n\nPass the freq index to the assert function to make sure\nwe do not read a freq out of the opp-\u003erates[] table when called\nfrom the indexed variants:\ndev_pm_opp_find_freq_exact_indexed() or\ndev_pm_opp_find_freq_ceil/floor_indexed().\n\nAdd a secondary parameter to the assert function, unused\nfor assert_single_clk() then add assert_clk_index() which\nwill check for the clock index when called from the _indexed()\nfind functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57998",
"url": "https://www.suse.com/security/cve/CVE-2024-57998"
},
{
"category": "external",
"summary": "SUSE Bug 1238527 for CVE-2024-57998",
"url": "https://bugzilla.suse.com/1238527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57998"
},
{
"cve": "CVE-2024-57999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-57999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW\n\nPower Hypervisor can possibily allocate MMIO window intersecting with\nDynamic DMA Window (DDW) range, which is over 32-bit addressing.\n\nThese MMIO pages needs to be marked as reserved so that IOMMU doesn\u0027t map\nDMA buffers in this range.\n\nThe current code is not marking these pages correctly which is resulting\nin LPAR to OOPS while booting. The stack is at below\n\nBUG: Unable to handle kernel data access on read at 0xc00800005cd40000\nFaulting instruction address: 0xc00000000005cdac\nOops: Kernel access of bad area, sig: 11 [#1]\nLE PAGE_SIZE=64K MMU=Hash SMP NR_CPUS=2048 NUMA pSeries\nModules linked in: af_packet rfkill ibmveth(X) lpfc(+) nvmet_fc nvmet nvme_keyring crct10dif_vpmsum nvme_fc nvme_fabrics nvme_core be2net(+) nvme_auth rtc_generic nfsd auth_rpcgss nfs_acl lockd grace sunrpc fuse configfs ip_tables x_tables xfs libcrc32c dm_service_time ibmvfc(X) scsi_transport_fc vmx_crypto gf128mul crc32c_vpmsum dm_mirror dm_region_hash dm_log dm_multipath dm_mod sd_mod scsi_dh_emc scsi_dh_rdac scsi_dh_alua t10_pi crc64_rocksoft_generic crc64_rocksoft sg crc64 scsi_mod\nSupported: Yes, External\nCPU: 8 PID: 241 Comm: kworker/8:1 Kdump: loaded Not tainted 6.4.0-150600.23.14-default #1 SLE15-SP6 b44ee71c81261b9e4bab5e0cde1f2ed891d5359b\nHardware name: IBM,9080-M9S POWER9 (raw) 0x4e2103 0xf000005 of:IBM,FW950.B0 (VH950_149) hv:phyp pSeries\nWorkqueue: events work_for_cpu_fn\nNIP: c00000000005cdac LR: c00000000005e830 CTR: 0000000000000000\nREGS: c00001400c9ff770 TRAP: 0300 Not tainted (6.4.0-150600.23.14-default)\nMSR: 800000000280b033 \u003cSF,VEC,VSX,EE,FP,ME,IR,DR,RI,LE\u003e CR: 24228448 XER: 00000001\nCFAR: c00000000005cdd4 DAR: c00800005cd40000 DSISR: 40000000 IRQMASK: 0\nGPR00: c00000000005e830 c00001400c9ffa10 c000000001987d00 c00001400c4fe800\nGPR04: 0000080000000000 0000000000000001 0000000004000000 0000000000800000\nGPR08: 0000000004000000 0000000000000001 c00800005cd40000 ffffffffffffffff\nGPR12: 0000000084228882 c00000000a4c4f00 0000000000000010 0000080000000000\nGPR16: c00001400c4fe800 0000000004000000 0800000000000000 c00000006088b800\nGPR20: c00001401a7be980 c00001400eff3800 c000000002a2da68 000000000000002b\nGPR24: c0000000026793a8 c000000002679368 000000000000002a c0000000026793c8\nGPR28: 000008007effffff 0000080000000000 0000000000800000 c00001400c4fe800\nNIP [c00000000005cdac] iommu_table_reserve_pages+0xac/0x100\nLR [c00000000005e830] iommu_init_table+0x80/0x1e0\nCall Trace:\n[c00001400c9ffa10] [c00000000005e810] iommu_init_table+0x60/0x1e0 (unreliable)\n[c00001400c9ffa90] [c00000000010356c] iommu_bypass_supported_pSeriesLP+0x9cc/0xe40\n[c00001400c9ffc30] [c00000000005c300] dma_iommu_dma_supported+0xf0/0x230\n[c00001400c9ffcb0] [c00000000024b0c4] dma_supported+0x44/0x90\n[c00001400c9ffcd0] [c00000000024b14c] dma_set_mask+0x3c/0x80\n[c00001400c9ffd00] [c0080000555b715c] be_probe+0xc4/0xb90 [be2net]\n[c00001400c9ffdc0] [c000000000986f3c] local_pci_probe+0x6c/0x110\n[c00001400c9ffe40] [c000000000188f28] work_for_cpu_fn+0x38/0x60\n[c00001400c9ffe70] [c00000000018e454] process_one_work+0x314/0x620\n[c00001400c9fff10] [c00000000018f280] worker_thread+0x2b0/0x620\n[c00001400c9fff90] [c00000000019bb18] kthread+0x148/0x150\n[c00001400c9fffe0] [c00000000000ded8] start_kernel_thread+0x14/0x18\n\nThere are 2 issues in the code\n\n1. The index is \"int\" while the address is \"unsigned long\". This results in\n negative value when setting the bitmap.\n\n2. The DMA offset is page shifted but the MMIO range is used as-is (64-bit\n address). MMIO address needs to be page shifted as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-57999",
"url": "https://www.suse.com/security/cve/CVE-2024-57999"
},
{
"category": "external",
"summary": "SUSE Bug 1238526 for CVE-2024-57999",
"url": "https://bugzilla.suse.com/1238526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle a symlink read error correctly\n\nPatch series \"Convert ocfs2 to use folios\".\n\nMark did a conversion of ocfs2 to use folios and sent it to me as a\ngiant patch for review ;-)\n\nSo I\u0027ve redone it as individual patches, and credited Mark for the patches\nwhere his code is substantially the same. It\u0027s not a bad way to do it;\nhis patch had some bugs and my patches had some bugs. Hopefully all our\nbugs were different from each other. And hopefully Mark likes all the\nchanges I made to his code!\n\n\nThis patch (of 23):\n\nIf we can\u0027t read the buffer, be sure to unlock the page before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58001",
"url": "https://www.suse.com/security/cve/CVE-2024-58001"
},
{
"category": "external",
"summary": "SUSE Bug 1239079 for CVE-2024-58001",
"url": "https://bugzilla.suse.com/1239079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "low"
}
],
"title": "CVE-2024-58001"
},
{
"cve": "CVE-2024-58002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Remove dangling pointers\n\nWhen an async control is written, we copy a pointer to the file handle\nthat started the operation. That pointer will be used when the device is\ndone. Which could be anytime in the future.\n\nIf the user closes that file descriptor, its structure will be freed,\nand there will be one dangling pointer per pending async control, that\nthe driver will try to use.\n\nClean all the dangling pointers during release().\n\nTo avoid adding a performance penalty in the most common case (no async\noperation), a counter has been introduced with some logic to make sure\nthat it is properly handled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58002",
"url": "https://www.suse.com/security/cve/CVE-2024-58002"
},
{
"category": "external",
"summary": "SUSE Bug 1238503 for CVE-2024-58002",
"url": "https://bugzilla.suse.com/1238503"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Change to kvalloc() in eventlog/acpi.c\n\nThe following failure was reported on HPE ProLiant D320:\n\n[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)\n[ 10.848132][ T1] ------------[ cut here ]------------\n[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330\n[ 10.862827][ T1] Modules linked in:\n[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375\n[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024\n[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330\n[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 \u003c0f\u003e 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1\n[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246\n[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000\n[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0\n\nThe above transcript shows that ACPI pointed a 16 MiB buffer for the log\nevents because RSI maps to the \u0027order\u0027 parameter of __alloc_pages_noprof().\nAddress the bug by moving from devm_kmalloc() to devm_add_action() and\nkvmalloc() and devm_add_action().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58005",
"url": "https://www.suse.com/security/cve/CVE-2024-58005"
},
{
"category": "external",
"summary": "SUSE Bug 1237873 for CVE-2024-58005",
"url": "https://bugzilla.suse.com/1237873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()\n\nIn commit 4284c88fff0e (\"PCI: designware-ep: Allow pci_epc_set_bar() update\ninbound map address\") set_bar() was modified to support dynamically\nchanging the backing physical address of a BAR that was already configured.\n\nThis means that set_bar() can be called twice, without ever calling\nclear_bar() (as calling clear_bar() would clear the BAR\u0027s PCI address\nassigned by the host).\n\nThis can only be done if the new BAR size/flags does not differ from the\nexisting BAR configuration. Add these missing checks.\n\nIf we allow set_bar() to set e.g. a new BAR size that differs from the\nexisting BAR size, the new address translation range will be smaller than\nthe BAR size already determined by the host, which would mean that a read\npast the new BAR size would pass the iATU untranslated, which could allow\nthe host to read memory not belonging to the new struct pci_epf_bar.\n\nWhile at it, add comments which clarifies the support for dynamically\nchanging the physical address of a BAR. (Which was also missing.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58006",
"url": "https://www.suse.com/security/cve/CVE-2024-58006"
},
{
"category": "external",
"summary": "SUSE Bug 1238772 for CVE-2024-58006",
"url": "https://bugzilla.suse.com/1238772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: socinfo: Avoid out of bounds read of serial number\n\nOn MSM8916 devices, the serial number exposed in sysfs is constant and does\nnot change across individual devices. It\u0027s always:\n\n db410c:/sys/devices/soc0$ cat serial_number\n 2644893864\n\nThe firmware used on MSM8916 exposes SOCINFO_VERSION(0, 8), which does not\nhave support for the serial_num field in the socinfo struct. There is an\nexisting check to avoid exposing the serial number in that case, but it\u0027s\nnot correct: When checking the item_size returned by SMEM, we need to make\nsure the *end* of the serial_num is within bounds, instead of comparing\nwith the *start* offset. The serial_number currently exposed on MSM8916\ndevices is just an out of bounds read of whatever comes after the socinfo\nstruct in SMEM.\n\nFix this by changing offsetof() to offsetofend(), so that the size of the\nfield is also taken into account.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58007",
"url": "https://www.suse.com/security/cve/CVE-2024-58007"
},
{
"category": "external",
"summary": "SUSE Bug 1238511 for CVE-2024-58007",
"url": "https://bugzilla.suse.com/1238511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc\n\nA NULL sock pointer is passed into l2cap_sock_alloc() when it is called\nfrom l2cap_sock_new_connection_cb() and the error handling paths should\nalso be aware of it.\n\nSeemingly a more elegant solution would be to swap bt_sock_alloc() and\nl2cap_chan_create() calls since they are not interdependent to that moment\nbut then l2cap_chan_create() adds the soon to be deallocated and still\ndummy-initialized channel to the global list accessible by many L2CAP\npaths. The channel would be removed from the list in short period of time\nbut be a bit more straight-forward here and just check for NULL instead of\nchanging the order of function calls.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58009",
"url": "https://www.suse.com/security/cve/CVE-2024-58009"
},
{
"category": "external",
"summary": "SUSE Bug 1238760 for CVE-2024-58009",
"url": "https://bugzilla.suse.com/1238760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: int3472: Check for adev == NULL\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL. This\ncan e.g. (theoretically) happen when a user manually binds one of\nthe int3472 drivers to another i2c/platform device through sysfs.\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in skl_int3472_get_acpi_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58011",
"url": "https://www.suse.com/security/cve/CVE-2024-58011"
},
{
"category": "external",
"summary": "SUSE Bug 1239080 for CVE-2024-58011",
"url": "https://bugzilla.suse.com/1239080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params\n\nEach cpu DAI should associate with a widget. However, the topology might\nnot create the right number of DAI widgets for aggregated amps. And it\nwill cause NULL pointer deference.\nCheck that the DAI widget associated with the CPU DAI is valid to prevent\nNULL pointer deference due to missing DAI widgets in topologies with\naggregated amps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58012",
"url": "https://www.suse.com/security/cve/CVE-2024-58012"
},
{
"category": "external",
"summary": "SUSE Bug 1239104 for CVE-2024-58012",
"url": "https://bugzilla.suse.com/1239104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix slab-use-after-free Read in mgmt_remove_adv_monitor_sync\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\nRead of size 8 at addr ffff88814128f898 by task kworker/u9:4/5961\n\nCPU: 1 UID: 0 PID: 5961 Comm: kworker/u9:4 Not tainted 6.12.0-syzkaller-10684-gf1cd565ce577 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n mgmt_remove_adv_monitor_sync+0x3a/0xd0 net/bluetooth/mgmt.c:5543\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa63/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 16026:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4314\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n mgmt_pending_new+0x65/0x250 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x36/0x120 net/bluetooth/mgmt_util.c:296\n remove_adv_monitor+0x102/0x1b0 net/bluetooth/mgmt.c:5568\n hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712\n hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n sock_write_iter+0x2d7/0x3f0 net/socket.c:1147\n new_sync_write fs/read_write.c:586 [inline]\n vfs_write+0xaeb/0xd30 fs/read_write.c:679\n ksys_write+0x18f/0x2b0 fs/read_write.c:731\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 16022:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2338 [inline]\n slab_free mm/slub.c:4598 [inline]\n kfree+0x196/0x420 mm/slub.c:4746\n mgmt_pending_foreach+0xd1/0x130 net/bluetooth/mgmt_util.c:259\n __mgmt_power_off+0x183/0x430 net/bluetooth/mgmt.c:9550\n hci_dev_close_sync+0x6c4/0x11c0 net/bluetooth/hci_sync.c:5208\n hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]\n hci_dev_close+0x112/0x210 net/bluetooth/hci_core.c:508\n sock_do_ioctl+0x158/0x460 net/socket.c:1209\n sock_ioctl+0x626/0x8e0 net/socket.c:1328\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58013",
"url": "https://www.suse.com/security/cve/CVE-2024-58013"
},
{
"category": "external",
"summary": "SUSE Bug 1239095 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239095"
},
{
"category": "external",
"summary": "SUSE Bug 1239096 for CVE-2024-58013",
"url": "https://bugzilla.suse.com/1239096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()\n\nIn \u0027wlc_phy_iqcal_gainparams_nphy()\u0027, add gain range check to WARN()\ninstead of possible out-of-bounds \u0027tbl_iqcal_gainparams_nphy\u0027 access.\nCompile tested only.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58014",
"url": "https://www.suse.com/security/cve/CVE-2024-58014"
},
{
"category": "external",
"summary": "SUSE Bug 1239109 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239109"
},
{
"category": "external",
"summary": "SUSE Bug 1239110 for CVE-2024-58014",
"url": "https://bugzilla.suse.com/1239110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58017",
"url": "https://www.suse.com/security/cve/CVE-2024-58017"
},
{
"category": "external",
"summary": "SUSE Bug 1239112 for CVE-2024-58017",
"url": "https://bugzilla.suse.com/1239112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm: correctly calculate the available space of the GSP cmdq buffer\n\nr535_gsp_cmdq_push() waits for the available page in the GSP cmdq\nbuffer when handling a large RPC request. When it sees at least one\navailable page in the cmdq, it quits the waiting with the amount of\nfree buffer pages in the queue.\n\nUnfortunately, it always takes the [write pointer, buf_size) as\navailable buffer pages before rolling back and wrongly calculates the\nsize of the data should be copied. Thus, it can overwrite the RPC\nrequest that GSP is currently reading, which causes GSP hang due\nto corrupted RPC request:\n\n[ 549.209389] ------------[ cut here ]------------\n[ 549.214010] WARNING: CPU: 8 PID: 6314 at drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c:116 r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.225678] Modules linked in: nvkm(E+) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) mlx5_ib(E) amd64_edac(E) edac_mce_amd(E) kvm_amd(E) ib_uverbs(E) kvm(E) ib_core(E) acpi_ipmi(E) ipmi_si(E) mxm_wmi(E) ipmi_devintf(E) rapl(E) i2c_piix4(E) wmi_bmof(E) joydev(E) ptdma(E) acpi_cpufreq(E) k10temp(E) pcspkr(E) ipmi_msghandler(E) xfs(E) libcrc32c(E) ast(E) i2c_algo_bit(E) crct10dif_pclmul(E) drm_shmem_helper(E) nvme_tcp(E) crc32_pclmul(E) ahci(E) drm_kms_helper(E) libahci(E) nvme_fabrics(E) crc32c_intel(E) nvme(E) cdc_ether(E) mlx5_core(E) nvme_core(E) usbnet(E) drm(E) libata(E) ccp(E) ghash_clmulni_intel(E) mii(E) t10_pi(E) mlxfw(E) sp5100_tco(E) psample(E) pci_hyperv_intf(E) wmi(E) dm_multipath(E) sunrpc(E) dm_mirror(E) dm_region_hash(E) dm_log(E) dm_mod(E) be2iscsi(E) bnx2i(E) cnic(E) uio(E) cxgb4i(E) cxgb4(E) tls(E) libcxgbi(E) libcxgb(E) qla4xxx(E)\n[ 549.225752] iscsi_boot_sysfs(E) iscsi_tcp(E) libiscsi_tcp(E) libiscsi(E) scsi_transport_iscsi(E) fuse(E) [last unloaded: gsp_log(E)]\n[ 549.326293] CPU: 8 PID: 6314 Comm: insmod Tainted: G E 6.9.0-rc6+ #1\n[ 549.334039] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 549.341781] RIP: 0010:r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.347343] Code: 08 00 00 89 da c1 e2 0c 48 8d ac 11 00 10 00 00 48 8b 0c 24 48 85 c9 74 1f c1 e0 0c 4c 8d 6d 30 83 e8 30 89 01 e9 68 ff ff ff \u003c0f\u003e 0b 49 c7 c5 92 ff ff ff e9 5a ff ff ff ba ff ff ff ff be c0 0c\n[ 549.366090] RSP: 0018:ffffacbccaaeb7d0 EFLAGS: 00010246\n[ 549.371315] RAX: 0000000000000000 RBX: 0000000000000012 RCX: 0000000000923e28\n[ 549.378451] RDX: 0000000000000000 RSI: 0000000055555554 RDI: ffffacbccaaeb730\n[ 549.385590] RBP: 0000000000000001 R08: ffff8bd14d235f70 R09: ffff8bd14d235f70\n[ 549.392721] R10: 0000000000000002 R11: ffff8bd14d233864 R12: 0000000000000020\n[ 549.399854] R13: ffffacbccaaeb818 R14: 0000000000000020 R15: ffff8bb298c67000\n[ 549.406988] FS: 00007f5179244740(0000) GS:ffff8bd14d200000(0000) knlGS:0000000000000000\n[ 549.415076] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 549.420829] CR2: 00007fa844000010 CR3: 00000001567dc005 CR4: 0000000000770ef0\n[ 549.427963] PKRU: 55555554\n[ 549.430672] Call Trace:\n[ 549.433126] \u003cTASK\u003e\n[ 549.435233] ? __warn+0x7f/0x130\n[ 549.438473] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.443426] ? report_bug+0x18a/0x1a0\n[ 549.447098] ? handle_bug+0x3c/0x70\n[ 549.450589] ? exc_invalid_op+0x14/0x70\n[ 549.454430] ? asm_exc_invalid_op+0x16/0x20\n[ 549.458619] ? r535_gsp_msgq_wait+0xd0/0x190 [nvkm]\n[ 549.463565] r535_gsp_msg_recv+0x46/0x230 [nvkm]\n[ 549.468257] r535_gsp_rpc_push+0x106/0x160 [nvkm]\n[ 549.473033] r535_gsp_rpc_rm_ctrl_push+0x40/0x130 [nvkm]\n[ 549.478422] nvidia_grid_init_vgpu_types+0xbc/0xe0 [nvkm]\n[ 549.483899] nvidia_grid_init+0xb1/0xd0 [nvkm]\n[ 549.488420] ? srso_alias_return_thunk+0x5/0xfbef5\n[ 549.493213] nvkm_device_pci_probe+0x305/0x420 [nvkm]\n[ 549.498338] local_pci_probe+0x46/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58018",
"url": "https://www.suse.com/security/cve/CVE-2024-58018"
},
{
"category": "external",
"summary": "SUSE Bug 1238990 for CVE-2024-58018",
"url": "https://bugzilla.suse.com/1238990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58018"
},
{
"cve": "CVE-2024-58019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvkm/gsp: correctly advance the read pointer of GSP message queue\n\nA GSP event message consists three parts: message header, RPC header,\nmessage body. GSP calculates the number of pages to write from the\ntotal size of a GSP message. This behavior can be observed from the\nmovement of the write pointer.\n\nHowever, nvkm takes only the size of RPC header and message body as\nthe message size when advancing the read pointer. When handling a\ntwo-page GSP message in the non rollback case, It wrongly takes the\nmessage body of the previous message as the message header of the next\nmessage. As the \"message length\" tends to be zero, in the calculation of\nsize needs to be copied (0 - size of (message header)), the size needs to\nbe copied will be \"0xffffffxx\". It also triggers a kernel panic due to a\nNULL pointer error.\n\n[ 547.614102] msg: 00000f90: ff ff ff ff ff ff ff ff 40 d7 18 fb 8b 00 00 00 ........@.......\n[ 547.622533] msg: 00000fa0: 00 00 00 00 ff ff ff ff ff ff ff ff 00 00 00 00 ................\n[ 547.630965] msg: 00000fb0: ff ff ff ff ff ff ff ff 00 00 00 00 ff ff ff ff ................\n[ 547.639397] msg: 00000fc0: ff ff ff ff 00 00 00 00 ff ff ff ff ff ff ff ff ................\n[ 547.647832] nvkm 0000:c1:00.0: gsp: peek msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.655225] nvkm 0000:c1:00.0: gsp: get msg rpc fn:0 len:0x0/0xffffffffffffffe0\n[ 547.662532] BUG: kernel NULL pointer dereference, address: 0000000000000020\n[ 547.669485] #PF: supervisor read access in kernel mode\n[ 547.674624] #PF: error_code(0x0000) - not-present page\n[ 547.679755] PGD 0 P4D 0\n[ 547.682294] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 547.686643] CPU: 22 PID: 322 Comm: kworker/22:1 Tainted: G E 6.9.0-rc6+ #1\n[ 547.694893] Hardware name: ASRockRack 1U1G-MILAN/N/ROMED8-NL, BIOS L3.12E 09/06/2022\n[ 547.702626] Workqueue: events r535_gsp_msgq_work [nvkm]\n[ 547.707921] RIP: 0010:r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.713375] Code: 00 8b 70 08 48 89 e1 31 d2 4c 89 f7 e8 12 f5 ff ff 48 89 c5 48 85 c0 0f 84 cf 00 00 00 48 81 fd 00 f0 ff ff 0f 87 c4 00 00 00 \u003c8b\u003e 55 10 41 8b 46 30 85 d2 0f 85 f6 00 00 00 83 f8 04 76 10 ba 05\n[ 547.732119] RSP: 0018:ffffabe440f87e10 EFLAGS: 00010203\n[ 547.737335] RAX: 0000000000000010 RBX: 0000000000000008 RCX: 000000000000003f\n[ 547.744461] RDX: 0000000000000000 RSI: ffffabe4480a8030 RDI: 0000000000000010\n[ 547.751585] RBP: 0000000000000010 R08: 0000000000000000 R09: ffffabe440f87bb0\n[ 547.758707] R10: ffffabe440f87dc8 R11: 0000000000000010 R12: 0000000000000000\n[ 547.765834] R13: 0000000000000000 R14: ffff9351df1e5000 R15: 0000000000000000\n[ 547.772958] FS: 0000000000000000(0000) GS:ffff93708eb00000(0000) knlGS:0000000000000000\n[ 547.781035] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 547.786771] CR2: 0000000000000020 CR3: 00000003cc220002 CR4: 0000000000770ef0\n[ 547.793896] PKRU: 55555554\n[ 547.796600] Call Trace:\n[ 547.799046] \u003cTASK\u003e\n[ 547.801152] ? __die+0x20/0x70\n[ 547.804211] ? page_fault_oops+0x75/0x170\n[ 547.808221] ? print_hex_dump+0x100/0x160\n[ 547.812226] ? exc_page_fault+0x64/0x150\n[ 547.816152] ? asm_exc_page_fault+0x22/0x30\n[ 547.820341] ? r535_gsp_msg_recv+0x87/0x230 [nvkm]\n[ 547.825184] r535_gsp_msgq_work+0x42/0x50 [nvkm]\n[ 547.829845] process_one_work+0x196/0x3d0\n[ 547.833861] worker_thread+0x2fc/0x410\n[ 547.837613] ? __pfx_worker_thread+0x10/0x10\n[ 547.841885] kthread+0xdf/0x110\n[ 547.845031] ? __pfx_kthread+0x10/0x10\n[ 547.848775] ret_from_fork+0x30/0x50\n[ 547.852354] ? __pfx_kthread+0x10/0x10\n[ 547.856097] ret_from_fork_asm+0x1a/0x30\n[ 547.860019] \u003c/TASK\u003e\n[ 547.862208] Modules linked in: nvkm(E) gsp_log(E) snd_seq_dummy(E) snd_hrtimer(E) snd_seq(E) snd_timer(E) snd_seq_device(E) snd(E) soundcore(E) rfkill(E) qrtr(E) vfat(E) fat(E) ipmi_ssif(E) amd_atl(E) intel_rapl_msr(E) intel_rapl_common(E) amd64_edac(E) mlx5_ib(E) edac_mce_amd(E) kvm_amd\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58019",
"url": "https://www.suse.com/security/cve/CVE-2024-58019"
},
{
"category": "external",
"summary": "SUSE Bug 1238997 for CVE-2024-58019",
"url": "https://bugzilla.suse.com/1238997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: multitouch: Add NULL check in mt_input_configured\n\ndevm_kasprintf() can return a NULL pointer on failure,but this\nreturned value in mt_input_configured() is not checked.\nAdd NULL check in mt_input_configured(), to handle kernel NULL\npointer dereference error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58020",
"url": "https://www.suse.com/security/cve/CVE-2024-58020"
},
{
"category": "external",
"summary": "SUSE Bug 1239346 for CVE-2024-58020",
"url": "https://bugzilla.suse.com/1239346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58034"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()\n\nAs of_find_node_by_name() release the reference of the argument device\nnode, tegra_emc_find_node_by_ram_code() releases some device nodes while\nstill in use, resulting in possible UAFs. According to the bindings and\nthe in-tree DTS files, the \"emc-tables\" node is always device\u0027s child\nnode with the property \"nvidia,use-ram-code\", and the \"lpddr2\" node is a\nchild of the \"emc-tables\" node. Thus utilize the\nfor_each_child_of_node() macro and of_get_child_by_name() instead of\nof_find_node_by_name() to simplify the code.\n\nThis bug was found by an experimental verification tool that I am\ndeveloping.\n\n[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58034",
"url": "https://www.suse.com/security/cve/CVE-2024-58034"
},
{
"category": "external",
"summary": "SUSE Bug 1238773 for CVE-2024-58034",
"url": "https://bugzilla.suse.com/1238773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi: ipmb: Add check devm_kasprintf() returned value\n\ndevm_kasprintf() can return a NULL pointer on failure but this\nreturned value is not checked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58051",
"url": "https://www.suse.com/security/cve/CVE-2024-58051"
},
{
"category": "external",
"summary": "SUSE Bug 1238963 for CVE-2024-58051",
"url": "https://bugzilla.suse.com/1238963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table\n\nThe function atomctrl_get_smc_sclk_range_table() does not check the return\nvalue of smu_atom_get_data_table(). If smu_atom_get_data_table() fails to\nretrieve SMU_Info table, it returns NULL which is later dereferenced.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nIn practice this should never happen as this code only gets called\non polaris chips and the vbios data table will always be present on\nthose chips.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58052",
"url": "https://www.suse.com/security/cve/CVE-2024-58052"
},
{
"category": "external",
"summary": "SUSE Bug 1238986 for CVE-2024-58052",
"url": "https://bugzilla.suse.com/1238986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: media: max96712: fix kernel oops when removing module\n\nThe following kernel oops is thrown when trying to remove the max96712\nmodule:\n\nUnable to handle kernel paging request at virtual address 00007375746174db\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af89000\n[00007375746174db] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in: crct10dif_ce polyval_ce mxc_jpeg_encdec flexcan\n snd_soc_fsl_sai snd_soc_fsl_asoc_card snd_soc_fsl_micfil dwc_mipi_csi2\n imx_csi_formatter polyval_generic v4l2_jpeg imx_pcm_dma can_dev\n snd_soc_imx_audmux snd_soc_wm8962 snd_soc_imx_card snd_soc_fsl_utils\n max96712(C-) rpmsg_ctrl rpmsg_char pwm_fan fuse\n [last unloaded: imx8_isi]\nCPU: 0 UID: 0 PID: 754 Comm: rmmod\n\t Tainted: G C 6.12.0-rc6-06364-g327fec852c31 #17\nTainted: [C]=CRAP\nHardware name: NXP i.MX95 19X19 board (DT)\npstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : led_put+0x1c/0x40\nlr : v4l2_subdev_put_privacy_led+0x48/0x58\nsp : ffff80008699bbb0\nx29: ffff80008699bbb0 x28: ffff00008ac233c0 x27: 0000000000000000\nx26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\nx23: ffff000080cf1170 x22: ffff00008b53bd00 x21: ffff8000822ad1c8\nx20: ffff000080ff5c00 x19: ffff00008b53be40 x18: 0000000000000000\nx17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\nx14: 0000000000000004 x13: ffff0000800f8010 x12: 0000000000000000\nx11: ffff000082acf5c0 x10: ffff000082acf478 x9 : ffff0000800f8010\nx8 : 0101010101010101 x7 : 7f7f7f7f7f7f7f7f x6 : fefefeff6364626d\nx5 : 8080808000000000 x4 : 0000000000000020 x3 : 00000000553a3dc1\nx2 : ffff00008ac233c0 x1 : ffff00008ac233c0 x0 : ff00737574617473\nCall trace:\n led_put+0x1c/0x40\n v4l2_subdev_put_privacy_led+0x48/0x58\n v4l2_async_unregister_subdev+0x2c/0x1a4\n max96712_remove+0x1c/0x38 [max96712]\n i2c_device_remove+0x2c/0x9c\n device_remove+0x4c/0x80\n device_release_driver_internal+0x1cc/0x228\n driver_detach+0x4c/0x98\n bus_remove_driver+0x6c/0xbc\n driver_unregister+0x30/0x60\n i2c_del_driver+0x54/0x64\n max96712_i2c_driver_exit+0x18/0x1d0 [max96712]\n __arm64_sys_delete_module+0x1a4/0x290\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x34/0xd8\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x190/0x194\nCode: f9000bf3 aa0003f3 f9402800 f9402000 (f9403400)\n---[ end trace 0000000000000000 ]---\n\nThis happens because in v4l2_i2c_subdev_init(), the i2c_set_cliendata()\nis called again and the data is overwritten to point to sd, instead of\npriv. So, in remove(), the wrong pointer is passed to\nv4l2_async_unregister_subdev(), leading to a crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58054",
"url": "https://www.suse.com/security/cve/CVE-2024-58054"
},
{
"category": "external",
"summary": "SUSE Bug 1238975 for CVE-2024-58054",
"url": "https://bugzilla.suse.com/1238975"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_tcm: Don\u0027t free command immediately\n\nDon\u0027t prematurely free the command. Wait for the status completion of\nthe sense status. It can be freed then. Otherwise we will double-free\nthe command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58055",
"url": "https://www.suse.com/security/cve/CVE-2024-58055"
},
{
"category": "external",
"summary": "SUSE Bug 1238959 for CVE-2024-58055",
"url": "https://bugzilla.suse.com/1238959"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Fix ida_free call while not allocated\n\nIn the rproc_alloc() function, on error, put_device(\u0026rproc-\u003edev) is\ncalled, leading to the call of the rproc_type_release() function.\nAn error can occurs before ida_alloc is called.\n\nIn such case in rproc_type_release(), the condition (rproc-\u003eindex \u003e= 0) is\ntrue as rproc-\u003eindex has been initialized to 0.\nida_free() is called reporting a warning:\n[ 4.181906] WARNING: CPU: 1 PID: 24 at lib/idr.c:525 ida_free+0x100/0x164\n[ 4.186378] stm32-display-dsi 5a000000.dsi: Fixed dependency cycle(s) with /soc/dsi@5a000000/panel@0\n[ 4.188854] ida_free called for id=0 which is not allocated.\n[ 4.198256] mipi-dsi 5a000000.dsi.0: Fixed dependency cycle(s) with /soc/dsi@5a000000\n[ 4.203556] Modules linked in: panel_orisetech_otm8009a dw_mipi_dsi_stm(+) gpu_sched dw_mipi_dsi stm32_rproc stm32_crc32 stm32_ipcc(+) optee(+)\n[ 4.224307] CPU: 1 UID: 0 PID: 24 Comm: kworker/u10:0 Not tainted 6.12.0 #442\n[ 4.231481] Hardware name: STM32 (Device Tree Support)\n[ 4.236627] Workqueue: events_unbound deferred_probe_work_func\n[ 4.242504] Call trace:\n[ 4.242522] unwind_backtrace from show_stack+0x10/0x14\n[ 4.250218] show_stack from dump_stack_lvl+0x50/0x64\n[ 4.255274] dump_stack_lvl from __warn+0x80/0x12c\n[ 4.260134] __warn from warn_slowpath_fmt+0x114/0x188\n[ 4.265199] warn_slowpath_fmt from ida_free+0x100/0x164\n[ 4.270565] ida_free from rproc_type_release+0x38/0x60\n[ 4.275832] rproc_type_release from device_release+0x30/0xa0\n[ 4.281601] device_release from kobject_put+0xc4/0x294\n[ 4.286762] kobject_put from rproc_alloc.part.0+0x208/0x28c\n[ 4.292430] rproc_alloc.part.0 from devm_rproc_alloc+0x80/0xc4\n[ 4.298393] devm_rproc_alloc from stm32_rproc_probe+0xd0/0x844 [stm32_rproc]\n[ 4.305575] stm32_rproc_probe [stm32_rproc] from platform_probe+0x5c/0xbc\n\nCalling ida_alloc earlier in rproc_alloc ensures that the rproc-\u003eindex is\nproperly set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58056",
"url": "https://www.suse.com/security/cve/CVE-2024-58056"
},
{
"category": "external",
"summary": "SUSE Bug 1238981 for CVE-2024-58056",
"url": "https://bugzilla.suse.com/1238981"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: convert workqueues to unbound\n\nWhen a workqueue is created with `WQ_UNBOUND`, its work items are\nserved by special worker-pools, whose host workers are not bound to\nany specific CPU. In the default configuration (i.e. when\n`queue_delayed_work` and friends do not specify which CPU to run the\nwork item on), `WQ_UNBOUND` allows the work item to be executed on any\nCPU in the same node of the CPU it was enqueued on. While this\nsolution potentially sacrifices locality, it avoids contention with\nother processes that might dominate the CPU time of the processor the\nwork item was scheduled on.\n\nThis is not just a theoretical problem: in a particular scenario\nmisconfigured process was hogging most of the time from CPU0, leaving\nless than 0.5% of its CPU time to the kworker. The IDPF workqueues\nthat were using the kworker on CPU0 suffered large completion delays\nas a result, causing performance degradation, timeouts and eventual\nsystem crash.\n\n\n* I have also run a manual test to gauge the performance\n improvement. The test consists of an antagonist process\n (`./stress --cpu 2`) consuming as much of CPU 0 as possible. This\n process is run under `taskset 01` to bind it to CPU0, and its\n priority is changed with `chrt -pQ 9900 10000 ${pid}` and\n `renice -n -20 ${pid}` after start.\n\n Then, the IDPF driver is forced to prefer CPU0 by editing all calls\n to `queue_delayed_work`, `mod_delayed_work`, etc... to use CPU 0.\n\n Finally, `ktraces` for the workqueue events are collected.\n\n Without the current patch, the antagonist process can force\n arbitrary delays between `workqueue_queue_work` and\n `workqueue_execute_start`, that in my tests were as high as\n `30ms`. With the current patch applied, the workqueue can be\n migrated to another unloaded CPU in the same node, and, keeping\n everything else equal, the maximum delay I could see was `6us`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58057",
"url": "https://www.suse.com/security/cve/CVE-2024-58057"
},
{
"category": "external",
"summary": "SUSE Bug 1238969 for CVE-2024-58057",
"url": "https://bugzilla.suse.com/1238969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: skip dumping tnc tree when zroot is null\n\nClearing slab cache will free all znode in memory and make\nc-\u003ezroot.znode = NULL, then dumping tnc tree will access\nc-\u003ezroot.znode which cause null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58058",
"url": "https://www.suse.com/security/cve/CVE-2024-58058"
},
{
"category": "external",
"summary": "SUSE Bug 1238979 for CVE-2024-58058",
"url": "https://bugzilla.suse.com/1238979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: prohibit deactivating all links\n\nIn the internal API this calls this is a WARN_ON, but that\nshould remain since internally we want to know about bugs\nthat may cause this. Prevent deactivating all links in the\ndebugfs write directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58061",
"url": "https://www.suse.com/security/cve/CVE-2024-58061"
},
{
"category": "external",
"summary": "SUSE Bug 1238973 for CVE-2024-58061",
"url": "https://bugzilla.suse.com/1238973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: fix memory leaks and invalid access at probe error path\n\nDeinitialize at reverse order when probe fails.\n\nWhen init_sw_vars fails, rtl_deinit_core should not be called, specially\nnow that it destroys the rtl_wq workqueue.\n\nAnd call rtl_pci_deinit and deinit_sw_vars, otherwise, memory will be\nleaked.\n\nRemove pci_set_drvdata call as it will already be cleaned up by the core\ndriver code and could lead to memory leaks too. cf. commit 8d450935ae7f\n(\"wireless: rtlwifi: remove unnecessary pci_set_drvdata()\") and\ncommit 3d86b93064c7 (\"rtlwifi: Fix PCI probe error path orphaned memory\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58063",
"url": "https://www.suse.com/security/cve/CVE-2024-58063"
},
{
"category": "external",
"summary": "SUSE Bug 1238984 for CVE-2024-58063",
"url": "https://bugzilla.suse.com/1238984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nOPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized\n\nIf a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidth\nfrom the OPP table but the bandwidth table was not created because the\ninterconnect properties were missing in the OPP consumer node, the\nkernel will crash with:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000004\n...\npc : _read_bw+0x8/0x10\nlr : _opp_table_find_key+0x9c/0x174\n...\nCall trace:\n _read_bw+0x8/0x10 (P)\n _opp_table_find_key+0x9c/0x174 (L)\n _find_key+0x98/0x168\n dev_pm_opp_find_bw_ceil+0x50/0x88\n...\n\nIn order to fix the crash, create an assert function to check\nif the bandwidth table was created before trying to get a\nbandwidth with _read_bw().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58068",
"url": "https://www.suse.com/security/cve/CVE-2024-58068"
},
{
"category": "external",
"summary": "SUSE Bug 1238961 for CVE-2024-58068",
"url": "https://bugzilla.suse.com/1238961"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58068"
},
{
"cve": "CVE-2024-58069",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58069"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read\n\nThe nvmem interface supports variable buffer sizes, while the regmap\ninterface operates with fixed-size storage. If an nvmem client uses a\nbuffer size less than 4 bytes, regmap_read will write out of bounds\nas it expects the buffer to point at an unsigned int.\n\nFix this by using an intermediary unsigned int to hold the value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58069",
"url": "https://www.suse.com/security/cve/CVE-2024-58069"
},
{
"category": "external",
"summary": "SUSE Bug 1238978 for CVE-2024-58069",
"url": "https://bugzilla.suse.com/1238978"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT\n\nIn PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible\ncontext. bpf_mem_alloc must be used in PREEMPT_RT. This patch is\nto enforce bpf_mem_alloc in the bpf_local_storage when CONFIG_PREEMPT_RT\nis enabled.\n\n[ 35.118559] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n[ 35.118566] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1832, name: test_progs\n[ 35.118569] preempt_count: 1, expected: 0\n[ 35.118571] RCU nest depth: 1, expected: 1\n[ 35.118577] INFO: lockdep is turned off.\n ...\n[ 35.118647] __might_resched+0x433/0x5b0\n[ 35.118677] rt_spin_lock+0xc3/0x290\n[ 35.118700] ___slab_alloc+0x72/0xc40\n[ 35.118723] __kmalloc_noprof+0x13f/0x4e0\n[ 35.118732] bpf_map_kzalloc+0xe5/0x220\n[ 35.118740] bpf_selem_alloc+0x1d2/0x7b0\n[ 35.118755] bpf_local_storage_update+0x2fa/0x8b0\n[ 35.118784] bpf_sk_storage_get_tracing+0x15a/0x1d0\n[ 35.118791] bpf_prog_9a118d86fca78ebb_trace_inet_sock_set_state+0x44/0x66\n[ 35.118795] bpf_trace_run3+0x222/0x400\n[ 35.118820] __bpf_trace_inet_sock_set_state+0x11/0x20\n[ 35.118824] trace_inet_sock_set_state+0x112/0x130\n[ 35.118830] inet_sk_state_store+0x41/0x90\n[ 35.118836] tcp_set_state+0x3b3/0x640\n\nThere is no need to adjust the gfp_flags passing to the\nbpf_mem_cache_alloc_flags() which only honors the GFP_KERNEL.\nThe verifier has ensured GFP_KERNEL is passed only in sleepable context.\n\nIt has been an old issue since the first introduction of the\nbpf_local_storage ~5 years ago, so this patch targets the bpf-next.\n\nbpf_mem_alloc is needed to solve it, so the Fixes tag is set\nto the commit when bpf_mem_alloc was first used in the bpf_local_storage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58070",
"url": "https://www.suse.com/security/cve/CVE-2024-58070"
},
{
"category": "external",
"summary": "SUSE Bug 1238983 for CVE-2024-58070",
"url": "https://bugzilla.suse.com/1238983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58070"
},
{
"cve": "CVE-2024-58071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: prevent adding a device which is already a team device lower\n\nPrevent adding a device which is already a team device lower,\ne.g. adding veth0 if vlan1 was already added and veth0 is a lower of\nvlan1.\n\nThis is not useful in practice and can lead to recursive locking:\n\n$ ip link add veth0 type veth peer name veth1\n$ ip link set veth0 up\n$ ip link set veth1 up\n$ ip link add link veth0 name veth0.1 type vlan protocol 802.1Q id 1\n$ ip link add team0 type team\n$ ip link set veth0.1 down\n$ ip link set veth0.1 master team0\nteam0: Port device veth0.1 added\n$ ip link set veth0 down\n$ ip link set veth0 master team0\n\n============================================\nWARNING: possible recursive locking detected\n6.13.0-rc2-virtme-00441-ga14a429069bb #46 Not tainted\n--------------------------------------------\nip/7684 is trying to acquire lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n\nbut task is already holding lock:\nffff888016848e00 (team-\u003eteam_lock_key){+.+.}-{4:4}, at: team_add_slave (drivers/net/team/team_core.c:1147 drivers/net/team/team_core.c:1977)\n\nother info that might help us debug this:\nPossible unsafe locking scenario:\n\nCPU0\n----\nlock(team-\u003eteam_lock_key);\nlock(team-\u003eteam_lock_key);\n\n*** DEADLOCK ***\n\nMay be due to missing lock nesting notation\n\n2 locks held by ip/7684:\n\nstack backtrace:\nCPU: 3 UID: 0 PID: 7684 Comm: ip Not tainted 6.13.0-rc2-virtme-00441-ga14a429069bb #46\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:122)\nprint_deadlock_bug.cold (kernel/locking/lockdep.c:3040)\n__lock_acquire (kernel/locking/lockdep.c:3893 kernel/locking/lockdep.c:5226)\n? netlink_broadcast_filtered (net/netlink/af_netlink.c:1548)\nlock_acquire.part.0 (kernel/locking/lockdep.c:467 kernel/locking/lockdep.c:5851)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? trace_lock_acquire (./include/trace/events/lock.h:24 (discriminator 2))\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? lock_acquire (kernel/locking/lockdep.c:5822)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n__mutex_lock (kernel/locking/mutex.c:587 kernel/locking/mutex.c:735)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\n? fib_sync_up (net/ipv4/fib_semantics.c:2167)\n? team_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nteam_device_event (drivers/net/team/team_core.c:2928 drivers/net/team/team_core.c:2951 drivers/net/team/team_core.c:2973)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\n__dev_notify_flags (net/core/dev.c:8993)\n? __dev_change_flags (net/core/dev.c:8975)\ndev_change_flags (net/core/dev.c:9027)\nvlan_device_event (net/8021q/vlan.c:85 net/8021q/vlan.c:470)\n? br_device_event (net/bridge/br.c:143)\nnotifier_call_chain (kernel/notifier.c:85)\ncall_netdevice_notifiers_info (net/core/dev.c:1996)\ndev_open (net/core/dev.c:1519 net/core/dev.c:1505)\nteam_add_slave (drivers/net/team/team_core.c:1219 drivers/net/team/team_core.c:1977)\n? __pfx_team_add_slave (drivers/net/team/team_core.c:1972)\ndo_set_master (net/core/rtnetlink.c:2917)\ndo_setlink.isra.0 (net/core/rtnetlink.c:3117)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58071",
"url": "https://www.suse.com/security/cve/CVE-2024-58071"
},
{
"category": "external",
"summary": "SUSE Bug 1238970 for CVE-2024-58071",
"url": "https://bugzilla.suse.com/1238970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtlwifi: remove unused check_buddy_priv\n\nCommit 2461c7d60f9f (\"rtlwifi: Update header file\") introduced a global\nlist of private data structures.\n\nLater on, commit 26634c4b1868 (\"rtlwifi Modify existing bits to match\nvendor version 2013.02.07\") started adding the private data to that list at\nprobe time and added a hook, check_buddy_priv to find the private data from\na similar device.\n\nHowever, that function was never used.\n\nBesides, though there is a lock for that list, it is never used. And when\nthe probe fails, the private data is never removed from the list. This\nwould cause a second probe to access freed memory.\n\nRemove the unused hook, structures and members, which will prevent the\npotential race condition on the list and its corruption during a second\nprobe when probe fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58072",
"url": "https://www.suse.com/security/cve/CVE-2024-58072"
},
{
"category": "external",
"summary": "SUSE Bug 1238964 for CVE-2024-58072",
"url": "https://bugzilla.suse.com/1238964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-sm6350: Add missing parent_map for two clocks\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for two clocks where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58076",
"url": "https://www.suse.com/security/cve/CVE-2024-58076"
},
{
"category": "external",
"summary": "SUSE Bug 1239037 for CVE-2024-58076",
"url": "https://bugzilla.suse.com/1239037"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors\n\nmisc_minor_alloc was allocating id using ida for minor only in case of\nMISC_DYNAMIC_MINOR but misc_minor_free was always freeing ids\nusing ida_free causing a mismatch and following warn:\n\u003e \u003e WARNING: CPU: 0 PID: 159 at lib/idr.c:525 ida_free+0x3e0/0x41f\n\u003e \u003e ida_free called for id=127 which is not allocated.\n\u003e \u003e \u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\u003c\n...\n\u003e \u003e [\u003c60941eb4\u003e] ida_free+0x3e0/0x41f\n\u003e \u003e [\u003c605ac993\u003e] misc_minor_free+0x3e/0xbc\n\u003e \u003e [\u003c605acb82\u003e] misc_deregister+0x171/0x1b3\n\nmisc_minor_alloc is changed to allocate id from ida for all minors\nfalling in the range of dynamic/ misc dynamic minors",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58078",
"url": "https://www.suse.com/security/cve/CVE-2024-58078"
},
{
"category": "external",
"summary": "SUSE Bug 1239034 for CVE-2024-58078",
"url": "https://bugzilla.suse.com/1239034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Fix crash during unbind if gpio unit is in use\n\nWe used the wrong device for the device managed functions. We used the\nusb device, when we should be using the interface device.\n\nIf we unbind the driver from the usb interface, the cleanup functions\nare never called. In our case, the IRQ is never disabled.\n\nIf an IRQ is triggered, it will try to access memory sections that are\nalready free, causing an OOPS.\n\nWe cannot use the function devm_request_threaded_irq here. The devm_*\nclean functions may be called after the main structure is released by\nuvc_delete.\n\nLuckily this bug has small impact, as it is only affected by devices\nwith gpio units and the user has to unbind the device, a disconnect will\nnot trigger this error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58079",
"url": "https://www.suse.com/security/cve/CVE-2024-58079"
},
{
"category": "external",
"summary": "SUSE Bug 1239029 for CVE-2024-58079",
"url": "https://bugzilla.suse.com/1239029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: dispcc-sm6350: Add missing parent_map for a clock\n\nIf a clk_rcg2 has a parent, it should also have parent_map defined,\notherwise we\u0027ll get a NULL pointer dereference when calling clk_set_rate\nlike the following:\n\n [ 3.388105] Call trace:\n [ 3.390664] qcom_find_src_index+0x3c/0x70 (P)\n [ 3.395301] qcom_find_src_index+0x1c/0x70 (L)\n [ 3.399934] _freq_tbl_determine_rate+0x48/0x100\n [ 3.404753] clk_rcg2_determine_rate+0x1c/0x28\n [ 3.409387] clk_core_determine_round_nolock+0x58/0xe4\n [ 3.421414] clk_core_round_rate_nolock+0x48/0xfc\n [ 3.432974] clk_core_round_rate_nolock+0xd0/0xfc\n [ 3.444483] clk_core_set_rate_nolock+0x8c/0x300\n [ 3.455886] clk_set_rate+0x38/0x14c\n\nAdd the parent_map property for the clock where it\u0027s missing and also\nun-inline the parent_data as well to keep the matching parent_map and\nparent_data together.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58080",
"url": "https://www.suse.com/security/cve/CVE-2024-58080"
},
{
"category": "external",
"summary": "SUSE Bug 1239027 for CVE-2024-58080",
"url": "https://bugzilla.suse.com/1239027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Explicitly verify target vCPU is online in kvm_get_vcpu()\n\nExplicitly verify the target vCPU is fully online _prior_ to clamping the\nindex in kvm_get_vcpu(). If the index is \"bad\", the nospec clamping will\ngenerate \u00270\u0027, i.e. KVM will return vCPU0 instead of NULL.\n\nIn practice, the bug is unlikely to cause problems, as it will only come\ninto play if userspace or the guest is buggy or misbehaving, e.g. KVM may\nsend interrupts to vCPU0 instead of dropping them on the floor.\n\nHowever, returning vCPU0 when it shouldn\u0027t exist per online_vcpus is\nproblematic now that KVM uses an xarray for the vCPUs array, as KVM needs\nto insert into the xarray before publishing the vCPU to userspace (see\ncommit c5b077549136 (\"KVM: Convert the kvm-\u003evcpus array to a xarray\")),\ni.e. before vCPU creation is guaranteed to succeed.\n\nAs a result, incorrectly providing access to vCPU0 will trigger a\nuse-after-free if vCPU0 is dereferenced and kvm_vm_ioctl_create_vcpu()\nbails out of vCPU creation due to an error and frees vCPU0. Commit\nafb2acb2e3a3 (\"KVM: Fix vcpu_array[0] races\") papered over that issue, but\nin doing so introduced an unsolvable teardown conundrum. Preventing\naccesses to vCPU0 before it\u0027s fully online will allow reverting commit\nafb2acb2e3a3, without re-introducing the vcpu_array[0] UAF race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58083",
"url": "https://www.suse.com/security/cve/CVE-2024-58083"
},
{
"category": "external",
"summary": "SUSE Bug 1239036 for CVE-2024-58083",
"url": "https://bugzilla.suse.com/1239036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntomoyo: don\u0027t emit warning in tomoyo_write_control()\n\nsyzbot is reporting too large allocation warning at tomoyo_write_control(),\nfor one can write a very very long line without new line character. To fix\nthis warning, I use __GFP_NOWARN rather than checking for KMALLOC_MAX_SIZE,\nfor practically a valid line should be always shorter than 32KB where the\n\"too small to fail\" memory-allocation rule applies.\n\nOne might try to write a valid line that is longer than 32KB, but such\nrequest will likely fail with -ENOMEM. Therefore, I feel that separately\nreturning -EINVAL when a line is longer than KMALLOC_MAX_SIZE is redundant.\nThere is no need to distinguish over-32KB and over-KMALLOC_MAX_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58085",
"url": "https://www.suse.com/security/cve/CVE-2024-58085"
},
{
"category": "external",
"summary": "SUSE Bug 1239085 for CVE-2024-58085",
"url": "https://bugzilla.suse.com/1239085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Stop active perfmon if it is being destroyed\n\nIf the active performance monitor (`v3d-\u003eactive_perfmon`) is being\ndestroyed, stop it first. Currently, the active perfmon is not\nstopped during destruction, leaving the `v3d-\u003eactive_perfmon` pointer\nstale. This can lead to undefined behavior and instability.\n\nThis patch ensures that the active perfmon is stopped before being\ndestroyed, aligning with the behavior introduced in commit\n7d1fd3638ee3 (\"drm/v3d: Stop the active perfmon before being destroyed\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58086",
"url": "https://www.suse.com/security/cve/CVE-2024-58086"
},
{
"category": "external",
"summary": "SUSE Bug 1239038 for CVE-2024-58086",
"url": "https://bugzilla.suse.com/1239038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2024-58088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix deadlock when freeing cgroup storage\n\nThe following commit\nbc235cdb423a (\"bpf: Prevent deadlock from recursive bpf_task_storage_[get|delete]\")\nfirst introduced deadlock prevention for fentry/fexit programs attaching\non bpf_task_storage helpers. That commit also employed the logic in map\nfree path in its v6 version.\n\nLater bpf_cgrp_storage was first introduced in\nc4bcfb38a95e (\"bpf: Implement cgroup storage available to non-cgroup-attached bpf progs\")\nwhich faces the same issue as bpf_task_storage, instead of its busy\ncounter, NULL was passed to bpf_local_storage_map_free() which opened\na window to cause deadlock:\n\n\t\u003cTASK\u003e\n\t\t(acquiring local_storage-\u003elock)\n\t_raw_spin_lock_irqsave+0x3d/0x50\n\tbpf_local_storage_update+0xd1/0x460\n\tbpf_cgrp_storage_get+0x109/0x130\n\tbpf_prog_a4d4a370ba857314_cgrp_ptr+0x139/0x170\n\t? __bpf_prog_enter_recur+0x16/0x80\n\tbpf_trampoline_6442485186+0x43/0xa4\n\tcgroup_storage_ptr+0x9/0x20\n\t\t(holding local_storage-\u003elock)\n\tbpf_selem_unlink_storage_nolock.constprop.0+0x135/0x160\n\tbpf_selem_unlink_storage+0x6f/0x110\n\tbpf_local_storage_map_free+0xa2/0x110\n\tbpf_map_free_deferred+0x5b/0x90\n\tprocess_one_work+0x17c/0x390\n\tworker_thread+0x251/0x360\n\tkthread+0xd2/0x100\n\tret_from_fork+0x34/0x50\n\tret_from_fork_asm+0x1a/0x30\n\t\u003c/TASK\u003e\n\nProgs:\n - A: SEC(\"fentry/cgroup_storage_ptr\")\n - cgid (BPF_MAP_TYPE_HASH)\n\tRecord the id of the cgroup the current task belonging\n\tto in this hash map, using the address of the cgroup\n\tas the map key.\n - cgrpa (BPF_MAP_TYPE_CGRP_STORAGE)\n\tIf current task is a kworker, lookup the above hash\n\tmap using function parameter @owner as the key to get\n\tits corresponding cgroup id which is then used to get\n\ta trusted pointer to the cgroup through\n\tbpf_cgroup_from_id(). This trusted pointer can then\n\tbe passed to bpf_cgrp_storage_get() to finally trigger\n\tthe deadlock issue.\n - B: SEC(\"tp_btf/sys_enter\")\n - cgrpb (BPF_MAP_TYPE_CGRP_STORAGE)\n\tThe only purpose of this prog is to fill Prog A\u0027s\n\thash map by calling bpf_cgrp_storage_get() for as\n\tmany userspace tasks as possible.\n\nSteps to reproduce:\n - Run A;\n - while (true) { Run B; Destroy B; }\n\nFix this issue by passing its busy counter to the free procedure so\nit can be properly incremented before storage/smap locking.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58088",
"url": "https://www.suse.com/security/cve/CVE-2024-58088"
},
{
"category": "external",
"summary": "SUSE Bug 1239510 for CVE-2024-58088",
"url": "https://bugzilla.suse.com/1239510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58088"
},
{
"cve": "CVE-2024-58093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/ASPM: Fix link state exit during switch upstream function removal\n\nBefore 456d8aa37d0f (\"PCI/ASPM: Disable ASPM on MFD function removal to\navoid use-after-free\"), we would free the ASPM link only after the last\nfunction on the bus pertaining to the given link was removed.\n\nThat was too late. If function 0 is removed before sibling function,\nlink-\u003edownstream would point to free\u0027d memory after.\n\nAfter above change, we freed the ASPM parent link state upon any function\nremoval on the bus pertaining to a given link.\n\nThat is too early. If the link is to a PCIe switch with MFD on the upstream\nport, then removing functions other than 0 first would free a link which\nstill remains parent_link to the remaining downstream ports.\n\nThe resulting GPFs are especially frequent during hot-unplug, because\npciehp removes devices on the link bus in reverse order.\n\nOn that switch, function 0 is the virtual P2P bridge to the internal bus.\nFree exactly when function 0 is removed -- before the parent link is\nobsolete, but after all subordinate links are gone.\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58093",
"url": "https://www.suse.com/security/cve/CVE-2024-58093"
},
{
"category": "external",
"summary": "SUSE Bug 1241347 for CVE-2024-58093",
"url": "https://bugzilla.suse.com/1241347"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58093"
},
{
"cve": "CVE-2024-58094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before truncation in jfs_truncate_nolock()\n\nAdded a check for \"read-only\" mode in the `jfs_truncate_nolock`\nfunction to avoid errors related to writing to a read-only\nfilesystem.\n\nCall stack:\n\nblock_write_begin() {\n jfs_write_failed() {\n jfs_truncate() {\n jfs_truncate_nolock() {\n txEnd() {\n ...\n log = JFS_SBI(tblk-\u003esb)-\u003elog;\n // (log == NULL)\n\nIf the `isReadOnly(ip)` condition is triggered in\n`jfs_truncate_nolock`, the function execution will stop, and no\nfurther data modification will occur. Instead, the `xtTruncate`\nfunction will be called with the \"COMMIT_WMAP\" flag, preventing\nmodifications in \"read-only\" mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58094",
"url": "https://www.suse.com/security/cve/CVE-2024-58094"
},
{
"category": "external",
"summary": "SUSE Bug 1241443 for CVE-2024-58094",
"url": "https://bugzilla.suse.com/1241443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58094"
},
{
"cve": "CVE-2024-58095",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58095"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: add check read-only before txBeginAnon() call\n\nAdded a read-only check before calling `txBeginAnon` in `extAlloc`\nand `extRecord`. This prevents modification attempts on a read-only\nmounted filesystem, avoiding potential errors or crashes.\n\nCall trace:\n txBeginAnon+0xac/0x154\n extAlloc+0xe8/0xdec fs/jfs/jfs_extent.c:78\n jfs_get_block+0x340/0xb98 fs/jfs/inode.c:248\n __block_write_begin_int+0x580/0x166c fs/buffer.c:2128\n __block_write_begin fs/buffer.c:2177 [inline]\n block_write_begin+0x98/0x11c fs/buffer.c:2236\n jfs_write_begin+0x44/0x88 fs/jfs/inode.c:299",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58095",
"url": "https://www.suse.com/security/cve/CVE-2024-58095"
},
{
"category": "external",
"summary": "SUSE Bug 1241442 for CVE-2024-58095",
"url": "https://bugzilla.suse.com/1241442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58095"
},
{
"cve": "CVE-2024-58096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: add srng-\u003elock for ath11k_hal_srng_* in monitor mode\n\nath11k_hal_srng_* should be used with srng-\u003elock to protect srng data.\n\nFor ath11k_dp_rx_mon_dest_process() and ath11k_dp_full_mon_process_rx(),\nthey use ath11k_hal_srng_* for many times but never call srng-\u003elock.\n\nSo when running (full) monitor mode, warning will occur:\nRIP: 0010:ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\nCall Trace:\n ? ath11k_hal_srng_dst_peek+0x18/0x30 [ath11k]\n ath11k_dp_rx_process_mon_status+0xc45/0x1190 [ath11k]\n ? idr_alloc_u32+0x97/0xd0\n ath11k_dp_rx_process_mon_rings+0x32a/0x550 [ath11k]\n ath11k_dp_service_srng+0x289/0x5a0 [ath11k]\n ath11k_pcic_ext_grp_napi_poll+0x30/0xd0 [ath11k]\n __napi_poll+0x30/0x1f0\n net_rx_action+0x198/0x320\n __do_softirq+0xdd/0x319\n\nSo add srng-\u003elock for them to avoid such warnings.\n\nInorder to fetch the srng-\u003elock, should change srng\u0027s definition from\n\u0027void\u0027 to \u0027struct hal_srng\u0027. And initialize them elsewhere to prevent\none line of code from being too long. This is consistent with other ring\nprocess functions, such as ath11k_dp_process_rx().\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58096",
"url": "https://www.suse.com/security/cve/CVE-2024-58096"
},
{
"category": "external",
"summary": "SUSE Bug 1241344 for CVE-2024-58096",
"url": "https://bugzilla.suse.com/1241344"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58096"
},
{
"cve": "CVE-2024-58097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix RCU stall while reaping monitor destination ring\n\nWhile processing the monitor destination ring, MSDUs are reaped from the\nlink descriptor based on the corresponding buf_id.\n\nHowever, sometimes the driver cannot obtain a valid buffer corresponding\nto the buf_id received from the hardware. This causes an infinite loop\nin the destination processing, resulting in a kernel crash.\n\nkernel log:\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\nath11k_pci 0000:58:00.0: data msdu_pop: invalid buf_id 309\nath11k_pci 0000:58:00.0: data dp_rx_monitor_link_desc_return failed\n\nFix this by skipping the problematic buf_id and reaping the next entry,\nreplacing the break with the next MSDU processing.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58097",
"url": "https://www.suse.com/security/cve/CVE-2024-58097"
},
{
"category": "external",
"summary": "SUSE Bug 1241343 for CVE-2024-58097",
"url": "https://bugzilla.suse.com/1241343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2024-58097"
},
{
"cve": "CVE-2025-21631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock, bfq: fix waker_bfqq UAF after bfq_split_bfqq()\n\nOur syzkaller report a following UAF for v6.6:\n\nBUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\nRead of size 8 at addr ffff8881b57147d8 by task fsstress/232726\n\nCPU: 2 PID: 232726 Comm: fsstress Not tainted 6.6.0-g3629d1885222 #39\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106\n print_address_description.constprop.0+0x66/0x300 mm/kasan/report.c:364\n print_report+0x3e/0x70 mm/kasan/report.c:475\n kasan_report+0xb8/0xf0 mm/kasan/report.c:588\n hlist_add_head include/linux/list.h:1023 [inline]\n bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh+0x15e/0x2e0 fs/ext4/super.c:230\n __read_extent_tree_block+0x304/0x6f0 fs/ext4/extents.c:567\n ext4_find_extent+0x479/0xd20 fs/ext4/extents.c:947\n ext4_ext_map_blocks+0x1a3/0x2680 fs/ext4/extents.c:4182\n ext4_map_blocks+0x929/0x15a0 fs/ext4/inode.c:660\n ext4_iomap_begin_report+0x298/0x480 fs/ext4/inode.c:3569\n iomap_iter+0x3dd/0x1010 fs/iomap/iter.c:91\n iomap_fiemap+0x1f4/0x360 fs/iomap/fiemap.c:80\n ext4_fiemap+0x181/0x210 fs/ext4/extents.c:5051\n ioctl_fiemap.isra.0+0x1b4/0x290 fs/ioctl.c:220\n do_vfs_ioctl+0x31c/0x11a0 fs/ioctl.c:811\n __do_sys_ioctl fs/ioctl.c:869 [inline]\n __se_sys_ioctl+0xae/0x190 fs/ioctl.c:857\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x70/0x120 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\nAllocated by task 232719:\n kasan_save_stack+0x22/0x50 mm/kasan/common.c:45\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\n slab_post_alloc_hook mm/slab.h:768 [inline]\n slab_alloc_node mm/slub.c:3492 [inline]\n kmem_cache_alloc_node+0x1b8/0x6f0 mm/slub.c:3537\n bfq_get_queue+0x215/0x1f00 block/bfq-iosched.c:5869\n bfq_get_bfqq_handle_split+0x167/0x5f0 block/bfq-iosched.c:6776\n bfq_init_rq+0x13a4/0x17a0 block/bfq-iosched.c:6938\n bfq_insert_request.isra.0+0xe8/0xa20 block/bfq-iosched.c:6271\n bfq_insert_requests+0x27f/0x390 block/bfq-iosched.c:6323\n blk_mq_insert_request+0x290/0x8f0 block/blk-mq.c:2660\n blk_mq_submit_bio+0x1021/0x15e0 block/blk-mq.c:3143\n __submit_bio+0xa0/0x6b0 block/blk-core.c:639\n __submit_bio_noacct_mq block/blk-core.c:718 [inline]\n submit_bio_noacct_nocheck+0x5b7/0x810 block/blk-core.c:747\n submit_bio_noacct+0xca0/0x1990 block/blk-core.c:847\n __ext4_read_bh fs/ext4/super.c:205 [inline]\n ext4_read_bh_nowait+0x15a/0x240 fs/ext4/super.c:217\n ext4_read_bh_lock+0xac/0xd0 fs/ext4/super.c:242\n ext4_bread_batch+0x268/0x500 fs/ext4/inode.c:958\n __ext4_find_entry+0x448/0x10f0 fs/ext4/namei.c:1671\n ext4_lookup_entry fs/ext4/namei.c:1774 [inline]\n ext4_lookup.part.0+0x359/0x6f0 fs/ext4/namei.c:1842\n ext4_lookup+0x72/0x90 fs/ext4/namei.c:1839\n __lookup_slow+0x257/0x480 fs/namei.c:1696\n lookup_slow fs/namei.c:1713 [inline]\n walk_component+0x454/0x5c0 fs/namei.c:2004\n link_path_walk.part.0+0x773/0xda0 fs/namei.c:2331\n link_path_walk fs/namei.c:3826 [inline]\n path_openat+0x1b9/0x520 fs/namei.c:3826\n do_filp_open+0x1b7/0x400 fs/namei.c:3857\n do_sys_openat2+0x5dc/0x6e0 fs/open.c:1428\n do_sys_open fs/open.c:1443 [inline]\n __do_sys_openat fs/open.c:1459 [inline]\n __se_sys_openat fs/open.c:1454 [inline]\n __x64_sys_openat+0x148/0x200 fs/open.c:1454\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_6\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21631",
"url": "https://www.suse.com/security/cve/CVE-2025-21631"
},
{
"category": "external",
"summary": "SUSE Bug 1236099 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236099"
},
{
"category": "external",
"summary": "SUSE Bug 1236100 for CVE-2025-21631",
"url": "https://bugzilla.suse.com/1236100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe per-netns structure can be obtained from the table-\u003edata using\ncontainer_of(), then the \u0027net\u0027 one can be retrieved from the listen\nsocket (if available).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21635",
"url": "https://www.suse.com/security/cve/CVE-2025-21635"
},
{
"category": "external",
"summary": "SUSE Bug 1236111 for CVE-2025-21635",
"url": "https://bugzilla.suse.com/1236111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\n\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\nresizing hashtable because __GFP_NOWARN is unset. See:\n\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\n\nNote: hashtable resize is only possible from init_netns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21648",
"url": "https://www.suse.com/security/cve/CVE-2025-21648"
},
{
"category": "external",
"summary": "SUSE Bug 1236142 for CVE-2025-21648",
"url": "https://bugzilla.suse.com/1236142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetdev: prevent accessing NAPI instances from another namespace\n\nThe NAPI IDs were not fully exposed to user space prior to the netlink\nAPI, so they were never namespaced. The netlink API must ensure that\nat the very least NAPI instance belongs to the same netns as the owner\nof the genl sock.\n\nnapi_by_id() can become static now, but it needs to move because of\ndev_get_by_napi_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21659",
"url": "https://www.suse.com/security/cve/CVE-2025-21659"
},
{
"category": "external",
"summary": "SUSE Bug 1236206 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236206"
},
{
"category": "external",
"summary": "SUSE Bug 1236207 for CVE-2025-21659",
"url": "https://bugzilla.suse.com/1236207"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nzram: fix potential UAF of zram table\n\nIf zram_meta_alloc failed early, it frees allocated zram-\u003etable without\nsetting it NULL. Which will potentially cause zram_meta_free to access\nthe table if user reset an failed and uninitialized device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21671",
"url": "https://www.suse.com/security/cve/CVE-2025-21671"
},
{
"category": "external",
"summary": "SUSE Bug 1236692 for CVE-2025-21671",
"url": "https://bugzilla.suse.com/1236692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_sk_select_reuseport() memory leak\n\nAs pointed out in the original comment, lookup in sockmap can return a TCP\nESTABLISHED socket. Such TCP socket may have had SO_ATTACH_REUSEPORT_EBPF\nset before it was ESTABLISHED. In other words, a non-NULL sk_reuseport_cb\ndoes not imply a non-refcounted socket.\n\nDrop sk\u0027s reference in both error paths.\n\nunreferenced object 0xffff888101911800 (size 2048):\n comm \"test_progs\", pid 44109, jiffies 4297131437\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 80 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 9336483b):\n __kmalloc_noprof+0x3bf/0x560\n __reuseport_alloc+0x1d/0x40\n reuseport_alloc+0xca/0x150\n reuseport_attach_prog+0x87/0x140\n sk_reuseport_attach_bpf+0xc8/0x100\n sk_setsockopt+0x1181/0x1990\n do_sock_setsockopt+0x12b/0x160\n __sys_setsockopt+0x7b/0xc0\n __x64_sys_setsockopt+0x1b/0x30\n do_syscall_64+0x93/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21683",
"url": "https://www.suse.com/security/cve/CVE-2025-21683"
},
{
"category": "external",
"summary": "SUSE Bug 1236704 for CVE-2025-21683",
"url": "https://bugzilla.suse.com/1236704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "low"
}
],
"title": "CVE-2025-21683"
},
{
"cve": "CVE-2025-21693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: properly synchronize freeing resources during CPU hotunplug\n\nIn zswap_compress() and zswap_decompress(), the per-CPU acomp_ctx of the\ncurrent CPU at the beginning of the operation is retrieved and used\nthroughout. However, since neither preemption nor migration are disabled,\nit is possible that the operation continues on a different CPU.\n\nIf the original CPU is hotunplugged while the acomp_ctx is still in use,\nwe run into a UAF bug as some of the resources attached to the acomp_ctx\nare freed during hotunplug in zswap_cpu_comp_dead() (i.e. \nacomp_ctx.buffer, acomp_ctx.req, or acomp_ctx.acomp).\n\nThe problem was introduced in commit 1ec3b5fe6eec (\"mm/zswap: move to use\ncrypto_acomp API for hardware acceleration\") when the switch to the\ncrypto_acomp API was made. Prior to that, the per-CPU crypto_comp was\nretrieved using get_cpu_ptr() which disables preemption and makes sure the\nCPU cannot go away from under us. Preemption cannot be disabled with the\ncrypto_acomp API as a sleepable context is needed.\n\nUse the acomp_ctx.mutex to synchronize CPU hotplug callbacks allocating\nand freeing resources with compression/decompression paths. Make sure\nthat acomp_ctx.req is NULL when the resources are freed. In the\ncompression/decompression paths, check if acomp_ctx.req is NULL after\nacquiring the mutex (meaning the CPU was offlined) and retry on the new\nCPU.\n\nThe initialization of acomp_ctx.mutex is moved from the CPU hotplug\ncallback to the pool initialization where it belongs (where the mutex is\nallocated). In addition to adding clarity, this makes sure that CPU\nhotplug cannot reinitialize a mutex that is already locked by\ncompression/decompression.\n\nPreviously a fix was attempted by holding cpus_read_lock() [1]. This\nwould have caused a potential deadlock as it is possible for code already\nholding the lock to fall into reclaim and enter zswap (causing a\ndeadlock). A fix was also attempted using SRCU for synchronization, but\nJohannes pointed out that synchronize_srcu() cannot be used in CPU hotplug\nnotifiers [2].\n\nAlternative fixes that were considered/attempted and could have worked:\n- Refcounting the per-CPU acomp_ctx. This involves complexity in\n handling the race between the refcount dropping to zero in\n zswap_[de]compress() and the refcount being re-initialized when the\n CPU is onlined.\n- Disabling migration before getting the per-CPU acomp_ctx [3], but\n that\u0027s discouraged and is a much bigger hammer than needed, and could\n result in subtle performance issues.\n\n[1]https://lkml.kernel.org/20241219212437.2714151-1-yosryahmed@google.com/\n[2]https://lkml.kernel.org/20250107074724.1756696-2-yosryahmed@google.com/\n[3]https://lkml.kernel.org/20250107222236.2715883-2-yosryahmed@google.com/\n\n[yosryahmed@google.com: remove comment]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21693",
"url": "https://www.suse.com/security/cve/CVE-2025-21693"
},
{
"category": "external",
"summary": "SUSE Bug 1237029 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237029"
},
{
"category": "external",
"summary": "SUSE Bug 1237047 for CVE-2025-21693",
"url": "https://bugzilla.suse.com/1237047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: clear uffd-wp PTE/PMD state on mremap()\n\nWhen mremap()ing a memory region previously registered with userfaultfd as\nwrite-protected but without UFFD_FEATURE_EVENT_REMAP, an inconsistency in\nflag clearing leads to a mismatch between the vma flags (which have\nuffd-wp cleared) and the pte/pmd flags (which do not have uffd-wp\ncleared). This mismatch causes a subsequent mprotect(PROT_WRITE) to\ntrigger a warning in page_table_check_pte_flags() due to setting the pte\nto writable while uffd-wp is still set.\n\nFix this by always explicitly clearing the uffd-wp pte/pmd flags on any\nsuch mremap() so that the values are consistent with the existing clearing\nof VM_UFFD_WP. Be careful to clear the logical flag regardless of its\nphysical form; a PTE bit, a swap PTE bit, or a PTE marker. Cover PTE,\nhuge PMD and hugetlb paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21696",
"url": "https://www.suse.com/security/cve/CVE-2025-21696"
},
{
"category": "external",
"summary": "SUSE Bug 1237111 for CVE-2025-21696",
"url": "https://bugzilla.suse.com/1237111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21696"
},
{
"cve": "CVE-2025-21701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: avoid race between device unregistration and ethnl ops\n\nThe following trace can be seen if a device is being unregistered while\nits number of channels are being modified.\n\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 3 PID: 3754 at kernel/locking/mutex.c:564 __mutex_lock+0xc8a/0x1120\n CPU: 3 UID: 0 PID: 3754 Comm: ethtool Not tainted 6.13.0-rc6+ #771\n RIP: 0010:__mutex_lock+0xc8a/0x1120\n Call Trace:\n \u003cTASK\u003e\n ethtool_check_max_channel+0x1ea/0x880\n ethnl_set_channels+0x3c3/0xb10\n ethnl_default_set_doit+0x306/0x650\n genl_family_rcv_msg_doit+0x1e3/0x2c0\n genl_rcv_msg+0x432/0x6f0\n netlink_rcv_skb+0x13d/0x3b0\n genl_rcv+0x28/0x40\n netlink_unicast+0x42e/0x720\n netlink_sendmsg+0x765/0xc20\n __sys_sendto+0x3ac/0x420\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x95/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThis is because unregister_netdevice_many_notify might run before the\nrtnl lock section of ethnl operations, eg. set_channels in the above\nexample. In this example the rss lock would be destroyed by the device\nunregistration path before being used again, but in general running\nethnl operations while dismantle has started is not a good idea.\n\nFix this by denying any operation on devices being unregistered. A check\nwas already there in ethnl_ops_begin, but not wide enough.\n\nNote that the same issue cannot be seen on the ioctl version\n(__dev_ethtool) because the device reference is retrieved from within\nthe rtnl lock section there. Once dismantle started, the net device is\nunlisted and no reference will be found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21701",
"url": "https://www.suse.com/security/cve/CVE-2025-21701"
},
{
"category": "external",
"summary": "SUSE Bug 1237164 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1237164"
},
{
"category": "external",
"summary": "SUSE Bug 1245805 for CVE-2025-21701",
"url": "https://bugzilla.suse.com/1245805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0\n\nExpected behaviour:\nIn case we reach scheduler\u0027s limit, pfifo_tail_enqueue() will drop a\npacket in scheduler\u0027s queue and decrease scheduler\u0027s qlen by one.\nThen, pfifo_tail_enqueue() enqueue new packet and increase\nscheduler\u0027s qlen by one. Finally, pfifo_tail_enqueue() return\n`NET_XMIT_CN` status code.\n\nWeird behaviour:\nIn case we set `sch-\u003elimit == 0` and trigger pfifo_tail_enqueue() on a\nscheduler that has no packet, the \u0027drop a packet\u0027 step will do nothing.\nThis means the scheduler\u0027s qlen still has value equal 0.\nThen, we continue to enqueue new packet and increase scheduler\u0027s qlen by\none. In summary, we can leverage pfifo_tail_enqueue() to increase qlen by\none and return `NET_XMIT_CN` status code.\n\nThe problem is:\nLet\u0027s say we have two qdiscs: Qdisc_A and Qdisc_B.\n - Qdisc_A\u0027s type must have \u0027-\u003egraft()\u0027 function to create parent/child relationship.\n Let\u0027s say Qdisc_A\u0027s type is `hfsc`. Enqueue packet to this qdisc will trigger `hfsc_enqueue`.\n - Qdisc_B\u0027s type is pfifo_head_drop. Enqueue packet to this qdisc will trigger `pfifo_tail_enqueue`.\n - Qdisc_B is configured to have `sch-\u003elimit == 0`.\n - Qdisc_A is configured to route the enqueued\u0027s packet to Qdisc_B.\n\nEnqueue packet through Qdisc_A will lead to:\n - hfsc_enqueue(Qdisc_A) -\u003e pfifo_tail_enqueue(Qdisc_B)\n - Qdisc_B-\u003eq.qlen += 1\n - pfifo_tail_enqueue() return `NET_XMIT_CN`\n - hfsc_enqueue() check for `NET_XMIT_SUCCESS` and see `NET_XMIT_CN` =\u003e hfsc_enqueue() don\u0027t increase qlen of Qdisc_A.\n\nThe whole process lead to a situation where Qdisc_A-\u003eq.qlen == 0 and Qdisc_B-\u003eq.qlen == 1.\nReplace \u0027hfsc\u0027 with other type (for example: \u0027drr\u0027) still lead to the same problem.\nThis violate the design where parent\u0027s qlen should equal to the sum of its childrens\u0027qlen.\n\nBug impact: This issue can be used for user-\u003ekernel privilege escalation when it is reachable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21702",
"url": "https://www.suse.com/security/cve/CVE-2025-21702"
},
{
"category": "external",
"summary": "SUSE Bug 1237312 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1237312"
},
{
"category": "external",
"summary": "SUSE Bug 1245797 for CVE-2025-21702",
"url": "https://bugzilla.suse.com/1245797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetem: Update sch-\u003eq.qlen before qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() notifies parent qdisc only if child\nqdisc becomes empty, therefore we need to reduce the backlog of the\nchild qdisc before calling it. Otherwise it would miss the opportunity\nto call cops-\u003eqlen_notify(), in the case of DRR, it resulted in UAF\nsince DRR uses -\u003eqlen_notify() to maintain its active list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21703",
"url": "https://www.suse.com/security/cve/CVE-2025-21703"
},
{
"category": "external",
"summary": "SUSE Bug 1237313 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1237313"
},
{
"category": "external",
"summary": "SUSE Bug 1245796 for CVE-2025-21703",
"url": "https://bugzilla.suse.com/1245796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: cdc-acm: Check control transfer buffer size before access\n\nIf the first fragment is shorter than struct usb_cdc_notification, we can\u0027t\ncalculate an expected_size. Log an error and discard the notification\ninstead of reading lengths from memory outside the received data, which can\nlead to memory corruption when the expected_size decreases between\nfragments, causing `expected_size - acm-\u003enb_index` to wrap.\n\nThis issue has been present since the beginning of git history; however,\nit only leads to memory corruption since commit ea2583529cd1\n(\"cdc-acm: reassemble fragmented notifications\").\n\nA mitigating factor is that acm_ctrl_irq() can only execute after userspace\nhas opened /dev/ttyACM*; but if ModemManager is running, ModemManager will\ndo that automatically depending on the USB device\u0027s vendor/product IDs and\nits other interfaces.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21704",
"url": "https://www.suse.com/security/cve/CVE-2025-21704"
},
{
"category": "external",
"summary": "SUSE Bug 1237571 for CVE-2025-21704",
"url": "https://bugzilla.suse.com/1237571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: handle fastopen disconnect correctly\n\nSyzbot was able to trigger a data stream corruption:\n\n WARNING: CPU: 0 PID: 9846 at net/mptcp/protocol.c:1024 __mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Modules linked in:\n CPU: 0 UID: 0 PID: 9846 Comm: syz-executor351 Not tainted 6.13.0-rc2-syzkaller-00059-g00a5acdbf398 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024\n RIP: 0010:__mptcp_clean_una+0xddb/0xff0 net/mptcp/protocol.c:1024\n Code: fa ff ff 48 8b 4c 24 18 80 e1 07 fe c1 38 c1 0f 8c 8e fa ff ff 48 8b 7c 24 18 e8 e0 db 54 f6 e9 7f fa ff ff e8 e6 80 ee f5 90 \u003c0f\u003e 0b 90 4c 8b 6c 24 40 4d 89 f4 e9 04 f5 ff ff 44 89 f1 80 e1 07\n RSP: 0018:ffffc9000c0cf400 EFLAGS: 00010293\n RAX: ffffffff8bb0dd5a RBX: ffff888033f5d230 RCX: ffff888059ce8000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000c0cf518 R08: ffffffff8bb0d1dd R09: 1ffff110170c8928\n R10: dffffc0000000000 R11: ffffed10170c8929 R12: 0000000000000000\n R13: ffff888033f5d220 R14: dffffc0000000000 R15: ffff8880592b8000\n FS: 00007f6e866496c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f6e86f491a0 CR3: 00000000310e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup+0x7f/0x2d0 net/mptcp/protocol.c:1074\n mptcp_release_cb+0x7cb/0xb30 net/mptcp/protocol.c:3493\n release_sock+0x1aa/0x1f0 net/core/sock.c:3640\n inet_wait_for_connect net/ipv4/af_inet.c:609 [inline]\n __inet_stream_connect+0x8bd/0xf30 net/ipv4/af_inet.c:703\n mptcp_sendmsg_fastopen+0x2a2/0x530 net/mptcp/protocol.c:1755\n mptcp_sendmsg+0x1884/0x1b10 net/mptcp/protocol.c:1830\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x1a6/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f6e86ebfe69\n Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f6e86649168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f6e86f491b8 RCX: 00007f6e86ebfe69\n RDX: 0000000030004001 RSI: 0000000020000080 RDI: 0000000000000003\n RBP: 00007f6e86f491b0 R08: 00007f6e866496c0 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6e86f491bc\n R13: 000000000000006e R14: 00007ffe445d9420 R15: 00007ffe445d9508\n \u003c/TASK\u003e\n\nThe root cause is the bad handling of disconnect() generated internally\nby the MPTCP protocol in case of connect FASTOPEN errors.\n\nAddress the issue increasing the socket disconnect counter even on such\na case, to allow other threads waiting on the same socket lock to\nproperly error out.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21705",
"url": "https://www.suse.com/security/cve/CVE-2025-21705"
},
{
"category": "external",
"summary": "SUSE Bug 1238525 for CVE-2025-21705",
"url": "https://bugzilla.suse.com/1238525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21706"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: only set fullmesh for subflow endp\n\nWith the in-kernel path-manager, it is possible to change the \u0027fullmesh\u0027\nflag. The code in mptcp_pm_nl_fullmesh() expects to change it only on\n\u0027subflow\u0027 endpoints, to recreate more or less subflows using the linked\naddress.\n\nUnfortunately, the set_flags() hook was a bit more permissive, and\nallowed \u0027implicit\u0027 endpoints to get the \u0027fullmesh\u0027 flag while it is not\nallowed before.\n\nThat\u0027s what syzbot found, triggering the following warning:\n\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 __mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n WARNING: CPU: 0 PID: 6499 at net/mptcp/pm_netlink.c:1496 mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Modules linked in:\n CPU: 0 UID: 0 PID: 6499 Comm: syz.1.413 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_netlink.c:1496 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_netlink.c:1980 [inline]\n RIP: 0010:mptcp_nl_set_flags net/mptcp/pm_netlink.c:2003 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x974/0xdc0 net/mptcp/pm_netlink.c:2064\n Code: 01 00 00 49 89 c5 e8 fb 45 e8 f5 e9 b8 fc ff ff e8 f1 45 e8 f5 4c 89 f7 be 03 00 00 00 e8 44 1d 0b f9 eb a0 e8 dd 45 e8 f5 90 \u003c0f\u003e 0b 90 e9 17 ff ff ff 89 d9 80 e1 07 38 c1 0f 8c c9 fc ff ff 48\n RSP: 0018:ffffc9000d307240 EFLAGS: 00010293\n RAX: ffffffff8bb72e03 RBX: 0000000000000000 RCX: ffff88807da88000\n RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffc9000d307430 R08: ffffffff8bb72cf0 R09: 1ffff1100b842a5e\n R10: dffffc0000000000 R11: ffffed100b842a5f R12: ffff88801e2e5ac0\n R13: ffff88805c214800 R14: ffff88805c2152e8 R15: 1ffff1100b842a5d\n FS: 00005555619f6500(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020002840 CR3: 00000000247e6000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb14/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2542\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x8e4/0xcb0 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:726\n ____sys_sendmsg+0x52a/0x7e0 net/socket.c:2583\n ___sys_sendmsg net/socket.c:2637 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2669\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f5fe8785d29\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fff571f5558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f5fe8975fa0 RCX: 00007f5fe8785d29\n RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000007\n RBP: 00007f5fe8801b08 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 00007f5fe8975fa0 R14: 00007f5fe8975fa0 R15: 000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21706",
"url": "https://www.suse.com/security/cve/CVE-2025-21706"
},
{
"category": "external",
"summary": "SUSE Bug 1238528 for CVE-2025-21706",
"url": "https://bugzilla.suse.com/1238528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: consolidate suboption status\n\nMPTCP maintains the received sub-options status is the bitmask carrying\nthe received suboptions and in several bitfields carrying per suboption\nadditional info.\n\nZeroing the bitmask before parsing is not enough to ensure a consistent\nstatus, and the MPTCP code has to additionally clear some bitfiled\ndepending on the actually parsed suboption.\n\nThe above schema is fragile, and syzbot managed to trigger a path where\na relevant bitfield is not cleared/initialized:\n\n BUG: KMSAN: uninit-value in __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n BUG: KMSAN: uninit-value in mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n BUG: KMSAN: uninit-value in ack_update_msk net/mptcp/options.c:1060 [inline]\n BUG: KMSAN: uninit-value in mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n __mptcp_expand_seq net/mptcp/options.c:1030 [inline]\n mptcp_expand_seq net/mptcp/protocol.h:864 [inline]\n ack_update_msk net/mptcp/options.c:1060 [inline]\n mptcp_incoming_options+0x2036/0x3d30 net/mptcp/options.c:1209\n tcp_data_queue+0xb4/0x7be0 net/ipv4/tcp_input.c:5233\n tcp_rcv_established+0x1061/0x2510 net/ipv4/tcp_input.c:6264\n tcp_v4_do_rcv+0x7f3/0x11a0 net/ipv4/tcp_ipv4.c:1916\n tcp_v4_rcv+0x51df/0x5750 net/ipv4/tcp_ipv4.c:2351\n ip_protocol_deliver_rcu+0x2a3/0x13d0 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:460 [inline]\n ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567\n __netif_receive_skb_one_core net/core/dev.c:5704 [inline]\n __netif_receive_skb+0x319/0xa00 net/core/dev.c:5817\n process_backlog+0x4ad/0xa50 net/core/dev.c:6149\n __napi_poll+0xe7/0x980 net/core/dev.c:6902\n napi_poll net/core/dev.c:6971 [inline]\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:7093\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4493\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_hh_output include/net/neighbour.h:523 [inline]\n neigh_output include/net/neighbour.h:537 [inline]\n ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236\n __ip_finish_output+0x287/0x810\n ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434\n dst_output include/net/dst.h:450 [inline]\n ip_local_out net/ipv4/ip_output.c:130 [inline]\n __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536\n ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550\n __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1468\n tcp_transmit_skb net/ipv4/tcp_output.c:1486 [inline]\n tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2829\n __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3012\n tcp_send_fin+0x9f6/0xf50 net/ipv4/tcp_output.c:3618\n __tcp_close+0x140c/0x1550 net/ipv4/tcp.c:3130\n __mptcp_close_ssk+0x74e/0x16f0 net/mptcp/protocol.c:2496\n mptcp_close_ssk+0x26b/0x2c0 net/mptcp/protocol.c:2550\n mptcp_pm_nl_rm_addr_or_subflow+0x635/0xd10 net/mptcp/pm_netlink.c:889\n mptcp_pm_nl_rm_subflow_received net/mptcp/pm_netlink.c:924 [inline]\n mptcp_pm_flush_addrs_and_subflows net/mptcp/pm_netlink.c:1688 [inline]\n mptcp_nl_flush_addrs_list net/mptcp/pm_netlink.c:1709 [inline]\n mptcp_pm_nl_flush_addrs_doit+0xe10/0x1630 net/mptcp/pm_netlink.c:1750\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21707",
"url": "https://www.suse.com/security/cve/CVE-2025-21707"
},
{
"category": "external",
"summary": "SUSE Bug 1238862 for CVE-2025-21707",
"url": "https://bugzilla.suse.com/1238862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21707"
},
{
"cve": "CVE-2025-21708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: rtl8150: enable basic endpoint checking\n\nSyzkaller reports [1] encountering a common issue of utilizing a wrong\nusb endpoint type during URB submitting stage. This, in turn, triggers\na warning shown below.\n\nFor now, enable simple endpoint checking (specifically, bulk and\ninterrupt eps, testing control one is not essential) to mitigate\nthe issue with a view to do other related cosmetic changes later,\nif they are necessary.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 1 PID: 2586 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 driv\u003e\nModules linked in:\nCPU: 1 UID: 0 PID: 2586 Comm: dhcpcd Not tainted 6.11.0-rc4-syzkaller-00069-gfc88bb11617\u003e\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nCode: 84 3c 02 00 00 e8 05 e4 fc fc 4c 89 ef e8 fd 25 d7 fe 45 89 e0 89 e9 4c 89 f2 48 8\u003e\nRSP: 0018:ffffc9000441f740 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888112487a00 RCX: ffffffff811a99a9\nRDX: ffff88810df6ba80 RSI: ffffffff811a99b6 RDI: 0000000000000001\nRBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff8881023bf0a8 R14: ffff888112452a20 R15: ffff888112487a7c\nFS: 00007fc04eea5740(0000) GS:ffff8881f6300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f0a1de9f870 CR3: 000000010dbd0000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rtl8150_open+0x300/0xe30 drivers/net/usb/rtl8150.c:733\n __dev_open+0x2d4/0x4e0 net/core/dev.c:1474\n __dev_change_flags+0x561/0x720 net/core/dev.c:8838\n dev_change_flags+0x8f/0x160 net/core/dev.c:8910\n devinet_ioctl+0x127a/0x1f10 net/ipv4/devinet.c:1177\n inet_ioctl+0x3aa/0x3f0 net/ipv4/af_inet.c:1003\n sock_do_ioctl+0x116/0x280 net/socket.c:1222\n sock_ioctl+0x22e/0x6c0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl fs/ioctl.c:893 [inline]\n __x64_sys_ioctl+0x193/0x220 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fc04ef73d49\n...\n\nThis change has not been tested on real hardware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21708",
"url": "https://www.suse.com/security/cve/CVE-2025-21708"
},
{
"category": "external",
"summary": "SUSE Bug 1239087 for CVE-2025-21708",
"url": "https://bugzilla.suse.com/1239087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rose: prevent integer overflows in rose_setsockopt()\n\nIn case of possible unpredictably large arguments passed to\nrose_setsockopt() and multiplied by extra values on top of that,\ninteger overflows may occur.\n\nDo the safest minimum and fix these issues by checking the\ncontents of \u0027opt\u0027 and returning -EINVAL if they are too large. Also,\nswitch to unsigned int and remove useless check for negative \u0027opt\u0027\nin ROSE_IDLE case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21711",
"url": "https://www.suse.com/security/cve/CVE-2025-21711"
},
{
"category": "external",
"summary": "SUSE Bug 1239114 for CVE-2025-21711",
"url": "https://bugzilla.suse.com/1239114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP use after free\n\nPrevent double queueing of implicit ODP mr destroy work by using\n__xa_cmpxchg() to make sure this is the only time we are destroying this\nspecific mr.\n\nWithout this change, we could try to invalidate this mr twice, which in\nturn could result in queuing a MR work destroy twice, and eventually the\nsecond work could execute after the MR was freed due to the first work,\ncausing a user after free and trace below.\n\n refcount_t: underflow; use-after-free.\n WARNING: CPU: 2 PID: 12178 at lib/refcount.c:28 refcount_warn_saturate+0x12b/0x130\n Modules linked in: bonding ib_ipoib vfio_pci ip_gre geneve nf_tables ip6_gre gre ip6_tunnel tunnel6 ipip tunnel4 ib_umad rdma_ucm mlx5_vfio_pci vfio_pci_core vfio_iommu_type1 mlx5_ib vfio ib_uverbs mlx5_core iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\n CPU: 2 PID: 12178 Comm: kworker/u20:5 Not tainted 6.5.0-rc1_net_next_mlx5_58c644e #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events_unbound free_implicit_child_mr_work [mlx5_ib]\n RIP: 0010:refcount_warn_saturate+0x12b/0x130\n Code: 48 c7 c7 38 95 2a 82 c6 05 bc c6 fe 00 01 e8 0c 66 aa ff 0f 0b 5b c3 48 c7 c7 e0 94 2a 82 c6 05 a7 c6 fe 00 01 e8 f5 65 aa ff \u003c0f\u003e 0b 5b c3 90 8b 07 3d 00 00 00 c0 74 12 83 f8 01 74 13 8d 50 ff\n RSP: 0018:ffff8881008e3e40 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000027\n RDX: ffff88852c91b5c8 RSI: 0000000000000001 RDI: ffff88852c91b5c0\n RBP: ffff8881dacd4e00 R08: 00000000ffffffff R09: 0000000000000019\n R10: 000000000000072e R11: 0000000063666572 R12: ffff88812bfd9e00\n R13: ffff8881c792d200 R14: ffff88810011c005 R15: ffff8881002099c0\n FS: 0000000000000000(0000) GS:ffff88852c900000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f5694b5e000 CR3: 00000001153f6003 CR4: 0000000000370ea0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0x12b/0x130\n free_implicit_child_mr_work+0x180/0x1b0 [mlx5_ib]\n process_one_work+0x1cc/0x3c0\n worker_thread+0x218/0x3c0\n kthread+0xc6/0xf0\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21714",
"url": "https://www.suse.com/security/cve/CVE-2025-21714"
},
{
"category": "external",
"summary": "SUSE Bug 1237890 for CVE-2025-21714",
"url": "https://bugzilla.suse.com/1237890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21715"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: davicom: fix UAF in dm9000_drv_remove\n\ndm is netdev private data and it cannot be\nused after free_netdev() call. Using dm after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction.\n\nThis is similar to the issue fixed in commit\nad297cd2db89 (\"net: qcom/emac: fix UAF in emac_remove\").\n\nThis bug is detected by our static analysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21715",
"url": "https://www.suse.com/security/cve/CVE-2025-21715"
},
{
"category": "external",
"summary": "SUSE Bug 1237889 for CVE-2025-21715",
"url": "https://bugzilla.suse.com/1237889"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21716"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix uninit-value in vxlan_vnifilter_dump()\n\nKMSAN reported an uninit-value access in vxlan_vnifilter_dump() [1].\n\nIf the length of the netlink message payload is less than\nsizeof(struct tunnel_msg), vxlan_vnifilter_dump() accesses bytes\nbeyond the message. This can lead to uninit-value access. Fix this by\nreturning an error in such situations.\n\n[1]\nBUG: KMSAN: uninit-value in vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n vxlan_vnifilter_dump+0x328/0x920 drivers/net/vxlan/vxlan_vnifilter.c:422\n rtnl_dumpit+0xd5/0x2f0 net/core/rtnetlink.c:6786\n netlink_dump+0x93e/0x15f0 net/netlink/af_netlink.c:2317\n __netlink_dump_start+0x716/0xd60 net/netlink/af_netlink.c:2432\n netlink_dump_start include/linux/netlink.h:340 [inline]\n rtnetlink_dump_start net/core/rtnetlink.c:6815 [inline]\n rtnetlink_rcv_msg+0x1256/0x14a0 net/core/rtnetlink.c:6882\n netlink_rcv_skb+0x467/0x660 net/netlink/af_netlink.c:2542\n rtnetlink_rcv+0x35/0x40 net/core/rtnetlink.c:6944\n netlink_unicast_kernel net/netlink/af_netlink.c:1321 [inline]\n netlink_unicast+0xed6/0x1290 net/netlink/af_netlink.c:1347\n netlink_sendmsg+0x1092/0x1230 net/netlink/af_netlink.c:1891\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:4110 [inline]\n slab_alloc_node mm/slub.c:4153 [inline]\n kmem_cache_alloc_node_noprof+0x800/0xe80 mm/slub.c:4205\n kmalloc_reserve+0x13b/0x4b0 net/core/skbuff.c:587\n __alloc_skb+0x347/0x7d0 net/core/skbuff.c:678\n alloc_skb include/linux/skbuff.h:1323 [inline]\n netlink_alloc_large_skb+0xa5/0x280 net/netlink/af_netlink.c:1196\n netlink_sendmsg+0xac9/0x1230 net/netlink/af_netlink.c:1866\n sock_sendmsg_nosec net/socket.c:711 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:726\n ____sys_sendmsg+0x7f4/0xb50 net/socket.c:2583\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2637\n __sys_sendmsg net/socket.c:2669 [inline]\n __do_sys_sendmsg net/socket.c:2674 [inline]\n __se_sys_sendmsg net/socket.c:2672 [inline]\n __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2672\n x64_sys_call+0x3878/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nCPU: 0 UID: 0 PID: 30991 Comm: syz.4.10630 Not tainted 6.12.0-10694-gc44daa7e3c73 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21716",
"url": "https://www.suse.com/security/cve/CVE-2025-21716"
},
{
"category": "external",
"summary": "SUSE Bug 1237891 for CVE-2025-21716",
"url": "https://bugzilla.suse.com/1237891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: fix timer races against user threads\n\nRose timers only acquire the socket spinlock, without\nchecking if the socket is owned by one user thread.\n\nAdd a check and rearm the timers if needed.\n\nBUG: KASAN: slab-use-after-free in rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\nRead of size 2 at addr ffff88802f09b82a by task swapper/0/0\n\nCPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.13.0-rc5-syzkaller-00172-gd1bf27c4e176 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n rose_timer_expiry+0x31d/0x360 net/rose/rose_timer.c:174\n call_timer_fn+0x187/0x650 kernel/time/timer.c:1793\n expire_timers kernel/time/timer.c:1844 [inline]\n __run_timers kernel/time/timer.c:2418 [inline]\n __run_timer_base+0x66a/0x8e0 kernel/time/timer.c:2430\n run_timer_base kernel/time/timer.c:2439 [inline]\n run_timer_softirq+0xb7/0x170 kernel/time/timer.c:2449\n handle_softirqs+0x2d4/0x9b0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21718",
"url": "https://www.suse.com/security/cve/CVE-2025-21718"
},
{
"category": "external",
"summary": "SUSE Bug 1239073 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239073"
},
{
"category": "external",
"summary": "SUSE Bug 1239074 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239074"
},
{
"category": "external",
"summary": "SUSE Bug 1239076 for CVE-2025-21718",
"url": "https://bugzilla.suse.com/1239076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21719"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmr: do not call mr_mfc_uses_dev() for unres entries\n\nsyzbot found that calling mr_mfc_uses_dev() for unres entries\nwould crash [1], because c-\u003emfc_un.res.minvif / c-\u003emfc_un.res.maxvif\nalias to \"struct sk_buff_head unresolved\", which contain two pointers.\n\nThis code never worked, lets remove it.\n\n[1]\nUnable to handle kernel paging request at virtual address ffff5fff2d536613\nKASAN: maybe wild-memory-access in range [0xfffefff96a9b3098-0xfffefff96a9b309f]\nModules linked in:\nCPU: 1 UID: 0 PID: 7321 Comm: syz.0.16 Not tainted 6.13.0-rc7-syzkaller-g1950a0af2d55 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline]\n pc : mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334\n lr : mr_mfc_uses_dev net/ipv4/ipmr_base.c:289 [inline]\n lr : mr_table_dump+0x694/0x8b0 net/ipv4/ipmr_base.c:334\nCall trace:\n mr_mfc_uses_dev net/ipv4/ipmr_base.c:290 [inline] (P)\n mr_table_dump+0x5a4/0x8b0 net/ipv4/ipmr_base.c:334 (P)\n mr_rtm_dumproute+0x254/0x454 net/ipv4/ipmr_base.c:382\n ipmr_rtm_dumproute+0x248/0x4b4 net/ipv4/ipmr.c:2648\n rtnl_dump_all+0x2e4/0x4e8 net/core/rtnetlink.c:4327\n rtnl_dumpit+0x98/0x1d0 net/core/rtnetlink.c:6791\n netlink_dump+0x4f0/0xbc0 net/netlink/af_netlink.c:2317\n netlink_recvmsg+0x56c/0xe64 net/netlink/af_netlink.c:1973\n sock_recvmsg_nosec net/socket.c:1033 [inline]\n sock_recvmsg net/socket.c:1055 [inline]\n sock_read_iter+0x2d8/0x40c net/socket.c:1125\n new_sync_read fs/read_write.c:484 [inline]\n vfs_read+0x740/0x970 fs/read_write.c:565\n ksys_read+0x15c/0x26c fs/read_write.c:708",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21719",
"url": "https://www.suse.com/security/cve/CVE-2025-21719"
},
{
"category": "external",
"summary": "SUSE Bug 1238860 for CVE-2025-21719",
"url": "https://bugzilla.suse.com/1238860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21723",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21723"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpi3mr: Fix possible crash when setting up bsg fails\n\nIf bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.\nConsequently, in mpi3mr_bsg_exit(), the condition \"if(!mrioc-\u003ebsg_queue)\"\nwill not be satisfied, preventing execution from entering\nbsg_remove_queue(), which could lead to the following crash:\n\nBUG: kernel NULL pointer dereference, address: 000000000000041c\nCall Trace:\n \u003cTASK\u003e\n mpi3mr_bsg_exit+0x1f/0x50 [mpi3mr]\n mpi3mr_remove+0x6f/0x340 [mpi3mr]\n pci_device_remove+0x3f/0xb0\n device_release_driver_internal+0x19d/0x220\n unbind_store+0xa4/0xb0\n kernfs_fop_write_iter+0x11f/0x200\n vfs_write+0x1fc/0x3e0\n ksys_write+0x67/0xe0\n do_syscall_64+0x38/0x80\n entry_SYSCALL_64_after_hwframe+0x78/0xe2",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21723",
"url": "https://www.suse.com/security/cve/CVE-2025-21723"
},
{
"category": "external",
"summary": "SUSE Bug 1238864 for CVE-2025-21723",
"url": "https://bugzilla.suse.com/1238864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21724"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()\n\nResolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()\nwhere shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift\n(an unsigned long value) could result in undefined behavior.\n\nThe constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds\n31 (e.g., pgshift = 63) the shift operation overflows, as the result\ncannot be represented in a 32-bit type.\n\nTo resolve this, the constant is updated to \"1UL\", promoting it to an\nunsigned long type to match the operand\u0027s type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21724",
"url": "https://www.suse.com/security/cve/CVE-2025-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1238863 for CVE-2025-21724",
"url": "https://bugzilla.suse.com/1238863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix oops due to unset link speed\n\nIt isn\u0027t guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will always\nbe set by the server, so the client must handle any values and then\nprevent oopses like below from happening:\n\nOops: divide error: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 1323 Comm: cat Not tainted 6.13.0-rc7 #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nRIP: 0010:cifs_debug_data_proc_show+0xa45/0x1460 [cifs] Code: 00 00 48\n89 df e8 3b cd 1b c1 41 f6 44 24 2c 04 0f 84 50 01 00 00 48 89 ef e8\ne7 d0 1b c1 49 8b 44 24 18 31 d2 49 8d 7c 24 28 \u003c48\u003e f7 74 24 18 48 89\nc3 e8 6e cf 1b c1 41 8b 6c 24 28 49 8d 7c 24\nRSP: 0018:ffffc90001817be0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88811230022c RCX: ffffffffc041bd99\nRDX: 0000000000000000 RSI: 0000000000000567 RDI: ffff888112300228\nRBP: ffff888112300218 R08: fffff52000302f5f R09: ffffed1022fa58ac\nR10: ffff888117d2c566 R11: 00000000fffffffe R12: ffff888112300200\nR13: 000000012a15343f R14: 0000000000000001 R15: ffff888113f2db58\nFS: 00007fe27119e740(0000) GS:ffff888148600000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe2633c5000 CR3: 0000000124da0000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __die_body.cold+0x19/0x27\n ? die+0x2e/0x50\n ? do_trap+0x159/0x1b0\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? do_error_trap+0x90/0x130\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? exc_divide_error+0x39/0x50\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? asm_exc_divide_error+0x1a/0x20\n ? cifs_debug_data_proc_show+0xa39/0x1460 [cifs]\n ? cifs_debug_data_proc_show+0xa45/0x1460 [cifs]\n ? seq_read_iter+0x42e/0x790\n seq_read_iter+0x19a/0x790\n proc_reg_read_iter+0xbe/0x110\n ? __pfx_proc_reg_read_iter+0x10/0x10\n vfs_read+0x469/0x570\n ? do_user_addr_fault+0x398/0x760\n ? __pfx_vfs_read+0x10/0x10\n ? find_held_lock+0x8a/0xa0\n ? __pfx_lock_release+0x10/0x10\n ksys_read+0xd3/0x170\n ? __pfx_ksys_read+0x10/0x10\n ? __rcu_read_unlock+0x50/0x270\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe271288911\nCode: 00 48 8b 15 01 25 10 00 f7 d8 64 89 02 b8 ff ff ff ff eb bd e8\n20 ad 01 00 f3 0f 1e fa 80 3d b5 a7 10 00 00 74 13 31 c0 0f 05 \u003c48\u003e 3d\n00 f0 ff ff 77 4f c3 66 0f 1f 44 00 00 55 48 89 e5 48 83 ec\nRSP: 002b:00007ffe87c079d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\nRAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fe271288911\nRDX: 0000000000040000 RSI: 00007fe2633c6000 RDI: 0000000000000003\nRBP: 00007ffe87c07a00 R08: 0000000000000000 R09: 00007fe2713e6380\nR10: 0000000000000022 R11: 0000000000000246 R12: 0000000000040000\nR13: 00007fe2633c6000 R14: 0000000000000003 R15: 0000000000000000\n \u003c/TASK\u003e\n\nFix this by setting cifs_server_iface::speed to a sane value (1Gbps)\nby default when link speed is unset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21725",
"url": "https://www.suse.com/security/cve/CVE-2025-21725"
},
{
"category": "external",
"summary": "SUSE Bug 1238877 for CVE-2025-21725",
"url": "https://bugzilla.suse.com/1238877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: avoid UAF for reorder_work\n\nAlthough the previous patch can avoid ps and ps UAF for _do_serial, it\ncan not avoid potential UAF issue for reorder_work. This issue can\nhappen just as below:\n\ncrypto_request\t\t\tcrypto_request\t\tcrypto_del_alg\npadata_do_serial\n ...\n padata_reorder\n // processes all remaining\n // requests then breaks\n while (1) {\n if (!padata)\n break;\n ...\n }\n\n\t\t\t\tpadata_do_serial\n\t\t\t\t // new request added\n\t\t\t\t list_add\n // sees the new request\n queue_work(reorder_work)\n\t\t\t\t padata_reorder\n\t\t\t\t queue_work_on(squeue-\u003ework)\n...\n\n\t\t\t\t\u003ckworker context\u003e\n\t\t\t\tpadata_serial_worker\n\t\t\t\t// completes new request,\n\t\t\t\t// no more outstanding\n\t\t\t\t// requests\n\n\t\t\t\t\t\t\tcrypto_del_alg\n\t\t\t\t\t\t\t // free pd\n\n\u003ckworker context\u003e\ninvoke_padata_reorder\n // UAF of pd\n\nTo avoid UAF for \u0027reorder_work\u0027, get \u0027pd\u0027 ref before put \u0027reorder_work\u0027\ninto the \u0027serial_wq\u0027 and put \u0027pd\u0027 ref until the \u0027serial_wq\u0027 finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21726",
"url": "https://www.suse.com/security/cve/CVE-2025-21726"
},
{
"category": "external",
"summary": "SUSE Bug 1238865 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1238865"
},
{
"category": "external",
"summary": "SUSE Bug 1240837 for CVE-2025-21726",
"url": "https://bugzilla.suse.com/1240837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: fix UAF in padata_reorder\n\nA bug was found when run ltp test:\n\nBUG: KASAN: slab-use-after-free in padata_find_next+0x29/0x1a0\nRead of size 4 at addr ffff88bbfe003524 by task kworker/u113:2/3039206\n\nCPU: 0 PID: 3039206 Comm: kworker/u113:2 Kdump: loaded Not tainted 6.6.0+\nWorkqueue: pdecrypt_parallel padata_parallel_worker\nCall Trace:\n\u003cTASK\u003e\ndump_stack_lvl+0x32/0x50\nprint_address_description.constprop.0+0x6b/0x3d0\nprint_report+0xdd/0x2c0\nkasan_report+0xa5/0xd0\npadata_find_next+0x29/0x1a0\npadata_reorder+0x131/0x220\npadata_parallel_worker+0x3d/0xc0\nprocess_one_work+0x2ec/0x5a0\n\nIf \u0027mdelay(10)\u0027 is added before calling \u0027padata_find_next\u0027 in the\n\u0027padata_reorder\u0027 function, this issue could be reproduced easily with\nltp test (pcrypt_aead01).\n\nThis can be explained as bellow:\n\npcrypt_aead_encrypt\n...\npadata_do_parallel\nrefcount_inc(\u0026pd-\u003erefcnt); // add refcnt\n...\npadata_do_serial\npadata_reorder // pd\nwhile (1) {\npadata_find_next(pd, true); // using pd\nqueue_work_on\n...\npadata_serial_worker\t\t\t\tcrypto_del_alg\npadata_put_pd_cnt // sub refcnt\n\t\t\t\t\t\tpadata_free_shell\n\t\t\t\t\t\tpadata_put_pd(ps-\u003epd);\n\t\t\t\t\t\t// pd is freed\n// loop again, but pd is freed\n// call padata_find_next, UAF\n}\n\nIn the padata_reorder function, when it loops in \u0027while\u0027, if the alg is\ndeleted, the refcnt may be decreased to 0 before entering\n\u0027padata_find_next\u0027, which leads to UAF.\n\nAs mentioned in [1], do_serial is supposed to be called with BHs disabled\nand always happen under RCU protection, to address this issue, add\nsynchronize_rcu() in \u0027padata_free_shell\u0027 wait for all _do_serial calls\nto finish.\n\n[1] https://lore.kernel.org/all/20221028160401.cccypv4euxikusiq@parnassus.localdomain/\n[2] https://lore.kernel.org/linux-kernel/jfjz5d7zwbytztackem7ibzalm5lnxldi2eofeiczqmqs2m7o6@fq426cwnjtkm/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21727",
"url": "https://www.suse.com/security/cve/CVE-2025-21727"
},
{
"category": "external",
"summary": "SUSE Bug 1237876 for CVE-2025-21727",
"url": "https://bugzilla.suse.com/1237876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Send signals asynchronously if !preemptible\n\nBPF programs can execute in all kinds of contexts and when a program\nrunning in a non-preemptible context uses the bpf_send_signal() kfunc,\nit will cause issues because this kfunc can sleep.\nChange `irqs_disabled()` to `!preemptible()`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21728",
"url": "https://www.suse.com/security/cve/CVE-2025-21728"
},
{
"category": "external",
"summary": "SUSE Bug 1237879 for CVE-2025-21728",
"url": "https://bugzilla.suse.com/1237879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix race between cancel_hw_scan and hw_scan completion\n\nThe rtwdev-\u003escanning flag isn\u0027t protected by mutex originally, so\ncancel_hw_scan can pass the condition, but suddenly hw_scan completion\nunset the flag and calls ieee80211_scan_completed() that will free\nlocal-\u003ehw_scan_req. Then, cancel_hw_scan raises null-ptr-deref and\nuse-after-free. Fix it by moving the check condition to where\nprotected by mutex.\n\n KASAN: null-ptr-deref in range [0x0000000000000088-0x000000000000008f]\n CPU: 2 PID: 6922 Comm: kworker/2:2 Tainted: G OE\n Hardware name: LENOVO 2356AD1/2356AD1, BIOS G7ETB6WW (2.76 ) 09/10/2019\n Workqueue: events cfg80211_conn_work [cfg80211]\n RIP: 0010:rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n Code: 00 45 89 6c 24 1c 0f 85 23 01 00 00 48 8b 85 20 ff ff ff 48 8d\n RSP: 0018:ffff88811fd9f068 EFLAGS: 00010206\n RAX: dffffc0000000000 RBX: ffff88811fd9f258 RCX: 0000000000000001\n RDX: 0000000000000011 RSI: 0000000000000001 RDI: 0000000000000089\n RBP: ffff88811fd9f170 R08: 0000000000000000 R09: 0000000000000000\n R10: ffff88811fd9f108 R11: 0000000000000000 R12: ffff88810e47f960\n R13: 0000000000000000 R14: 000000000000ffff R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8881d6f00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007531dfca55b0 CR3: 00000001be296004 CR4: 00000000001706e0\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x61/0x73\n ? __die_body+0x20/0x73\n ? die_addr+0x4f/0x7b\n ? exc_general_protection+0x191/0x1db\n ? asm_exc_general_protection+0x27/0x30\n ? rtw89_fw_h2c_scan_offload_be+0xc33/0x13c3 [rtw89_core]\n ? rtw89_fw_h2c_scan_offload_be+0x458/0x13c3 [rtw89_core]\n ? __pfx_rtw89_fw_h2c_scan_offload_be+0x10/0x10 [rtw89_core]\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx_do_raw_spin_lock+0x10/0x10\n rtw89_hw_scan_offload+0xb5e/0xbf7 [rtw89_core]\n ? _raw_spin_unlock+0xe/0x24\n ? __mutex_lock.constprop.0+0x40c/0x471\n ? __pfx_rtw89_hw_scan_offload+0x10/0x10 [rtw89_core]\n ? __mutex_lock_slowpath+0x13/0x1f\n ? mutex_lock+0xa2/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n rtw89_hw_scan_abort+0x58/0xb7 [rtw89_core]\n rtw89_ops_cancel_hw_scan+0x120/0x13b [rtw89_core]\n ieee80211_scan_cancel+0x468/0x4d0 [mac80211]\n ieee80211_prep_connection+0x858/0x899 [mac80211]\n ieee80211_mgd_auth+0xbea/0xdde [mac80211]\n ? __pfx_ieee80211_mgd_auth+0x10/0x10 [mac80211]\n ? cfg80211_find_elem+0x15/0x29 [cfg80211]\n ? is_bss+0x1b7/0x1d7 [cfg80211]\n ieee80211_auth+0x18/0x27 [mac80211]\n cfg80211_mlme_auth+0x3bb/0x3e7 [cfg80211]\n cfg80211_conn_do_work+0x410/0xb81 [cfg80211]\n ? __pfx_cfg80211_conn_do_work+0x10/0x10 [cfg80211]\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? __kasan_check_write+0x14/0x22\n ? mutex_lock+0x8e/0xdc\n ? __pfx_mutex_lock+0x10/0x10\n ? __pfx___radix_tree_lookup+0x10/0x10\n cfg80211_conn_work+0x245/0x34d [cfg80211]\n ? __pfx_cfg80211_conn_work+0x10/0x10 [cfg80211]\n ? update_cfs_rq_load_avg+0x3bc/0x3d7\n ? sched_clock_noinstr+0x9/0x1a\n ? sched_clock+0x10/0x24\n ? sched_clock_cpu+0x7e/0x42e\n ? newidle_balance+0x796/0x937\n ? __pfx_sched_clock_cpu+0x10/0x10\n ? __pfx_newidle_balance+0x10/0x10\n ? __kasan_check_read+0x11/0x1f\n ? psi_group_change+0x8bc/0x944\n ? _raw_spin_unlock+0xe/0x24\n ? raw_spin_rq_unlock+0x47/0x54\n ? raw_spin_rq_unlock_irq+0x9/0x1f\n ? finish_task_switch.isra.0+0x347/0x586\n ? __schedule+0x27bf/0x2892\n ? mutex_unlock+0x80/0xd0\n ? do_raw_spin_lock+0x75/0xdb\n ? __pfx___schedule+0x10/0x10\n process_scheduled_works+0x58c/0x821\n worker_thread+0x4c7/0x586\n ? __kasan_check_read+0x11/0x1f\n kthread+0x285/0x294\n ? __pfx_worker_thread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x29/0x6f\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21729",
"url": "https://www.suse.com/security/cve/CVE-2025-21729"
},
{
"category": "external",
"summary": "SUSE Bug 1237874 for CVE-2025-21729",
"url": "https://bugzilla.suse.com/1237874"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21729"
},
{
"cve": "CVE-2025-21731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: don\u0027t allow reconnect after disconnect\n\nFollowing process can cause nbd_config UAF:\n\n1) grab nbd_config temporarily;\n\n2) nbd_genl_disconnect() flush all recv_work() and release the\ninitial reference:\n\n nbd_genl_disconnect\n nbd_disconnect_and_put\n nbd_disconnect\n flush_workqueue(nbd-\u003erecv_workq)\n if (test_and_clear_bit(NBD_RT_HAS_CONFIG_REF, ...))\n nbd_config_put\n -\u003e due to step 1), reference is still not zero\n\n3) nbd_genl_reconfigure() queue recv_work() again;\n\n nbd_genl_reconfigure\n config = nbd_get_config_unlocked(nbd)\n if (!config)\n -\u003e succeed\n if (!test_bit(NBD_RT_BOUND, ...))\n -\u003e succeed\n nbd_reconnect_socket\n queue_work(nbd-\u003erecv_workq, \u0026args-\u003ework)\n\n4) step 1) release the reference;\n\n5) Finially, recv_work() will trigger UAF:\n\n recv_work\n nbd_config_put(nbd)\n -\u003e nbd_config is freed\n atomic_dec(\u0026config-\u003erecv_threads)\n -\u003e UAF\n\nFix the problem by clearing NBD_RT_BOUND in nbd_genl_disconnect(), so\nthat nbd_genl_reconfigure() will fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21731",
"url": "https://www.suse.com/security/cve/CVE-2025-21731"
},
{
"category": "external",
"summary": "SUSE Bug 1237881 for CVE-2025-21731",
"url": "https://bugzilla.suse.com/1237881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error\n\nThis patch addresses a race condition for an ODP MR that can result in a\nCQE with an error on the UMR QP.\n\nDuring the __mlx5_ib_dereg_mr() flow, the following sequence of calls\noccurs:\n\nmlx5_revoke_mr()\n mlx5r_umr_revoke_mr()\n mlx5r_umr_post_send_wait()\n\nAt this point, the lkey is freed from the hardware\u0027s perspective.\n\nHowever, concurrently, mlx5_ib_invalidate_range() might be triggered by\nanother task attempting to invalidate a range for the same freed lkey.\n\nThis task will:\n - Acquire the umem_odp-\u003eumem_mutex lock.\n - Call mlx5r_umr_update_xlt() on the UMR QP.\n - Since the lkey has already been freed, this can lead to a CQE error,\n causing the UMR QP to enter an error state [1].\n\nTo resolve this race condition, the umem_odp-\u003eumem_mutex lock is now also\nacquired as part of the mlx5_revoke_mr() scope. Upon successful revoke,\nwe set umem_odp-\u003eprivate which points to that MR to NULL, preventing any\nfurther invalidation attempts on its lkey.\n\n[1] From dmesg:\n\n infiniband rocep8s0f0: dump_cqe:277:(pid 0): WC error: 6, Message: memory bind operation error\n cqe_dump: 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n cqe_dump: 00000030: 00 00 00 00 08 00 78 06 25 00 11 b9 00 0e dd d2\n\n WARNING: CPU: 15 PID: 1506 at drivers/infiniband/hw/mlx5/umr.c:394 mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n Modules linked in: ip6table_mangle ip6table_natip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_umad ib_ipoib ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\n CPU: 15 UID: 0 PID: 1506 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1626\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:mlx5r_umr_post_send_wait+0x15a/0x2b0 [mlx5_ib]\n [..]\n Call Trace:\n \u003cTASK\u003e\n mlx5r_umr_update_xlt+0x23c/0x3e0 [mlx5_ib]\n mlx5_ib_invalidate_range+0x2e1/0x330 [mlx5_ib]\n __mmu_notifier_invalidate_range_start+0x1e1/0x240\n zap_page_range_single+0xf1/0x1a0\n madvise_vma_behavior+0x677/0x6e0\n do_madvise+0x1a2/0x4b0\n __x64_sys_madvise+0x25/0x30\n do_syscall_64+0x6b/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21732",
"url": "https://www.suse.com/security/cve/CVE-2025-21732"
},
{
"category": "external",
"summary": "SUSE Bug 1237877 for CVE-2025-21732",
"url": "https://bugzilla.suse.com/1237877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/osnoise: Fix resetting of tracepoints\n\nIf a timerlat tracer is started with the osnoise option OSNOISE_WORKLOAD\ndisabled, but then that option is enabled and timerlat is removed, the\ntracepoints that were enabled on timerlat registration do not get\ndisabled. If the option is disabled again and timelat is started, then it\ntriggers a warning in the tracepoint code due to registering the\ntracepoint again without ever disabling it.\n\nDo not use the same user space defined options to know to disable the\ntracepoints when timerlat is removed. Instead, set a global flag when it\nis enabled and use that flag to know to disable the events.\n\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n ~# echo OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo nop \u003e /sys/kernel/tracing/current_tracer\n ~# echo NO_OSNOISE_WORKLOAD \u003e /sys/kernel/tracing/osnoise/options\n ~# echo timerlat \u003e /sys/kernel/tracing/current_tracer\n\nTriggers:\n\n ------------[ cut here ]------------\n WARNING: CPU: 6 PID: 1337 at kernel/tracepoint.c:294 tracepoint_add_func+0x3b6/0x3f0\n Modules linked in:\n CPU: 6 UID: 0 PID: 1337 Comm: rtla Not tainted 6.13.0-rc4-test-00018-ga867c441128e-dirty #73\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n RIP: 0010:tracepoint_add_func+0x3b6/0x3f0\n Code: 48 8b 53 28 48 8b 73 20 4c 89 04 24 e8 23 59 11 00 4c 8b 04 24 e9 36 fe ff ff 0f 0b b8 ea ff ff ff 45 84 e4 0f 84 68 fe ff ff \u003c0f\u003e 0b e9 61 fe ff ff 48 8b 7b 18 48 85 ff 0f 84 4f ff ff ff 49 8b\n RSP: 0018:ffffb9b003a87ca0 EFLAGS: 00010202\n RAX: 00000000ffffffef RBX: ffffffff92f30860 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff9bf59e91ccd0 RDI: ffffffff913b6410\n RBP: 000000000000000a R08: 00000000000005c7 R09: 0000000000000002\n R10: ffffb9b003a87ce0 R11: 0000000000000002 R12: 0000000000000001\n R13: ffffb9b003a87ce0 R14: ffffffffffffffef R15: 0000000000000008\n FS: 00007fce81209240(0000) GS:ffff9bf6fdd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055e99b728000 CR3: 00000001277c0002 CR4: 0000000000172ef0\n Call Trace:\n \u003cTASK\u003e\n ? __warn.cold+0xb7/0x14d\n ? tracepoint_add_func+0x3b6/0x3f0\n ? report_bug+0xea/0x170\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? tracepoint_add_func+0x3b6/0x3f0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n tracepoint_probe_register+0x78/0xb0\n ? __pfx_trace_sched_migrate_callback+0x10/0x10\n osnoise_workload_start+0x2b5/0x370\n timerlat_tracer_init+0x76/0x1b0\n tracing_set_tracer+0x244/0x400\n tracing_set_trace_write+0xa0/0xe0\n vfs_write+0xfc/0x570\n ? do_sys_openat2+0x9c/0xe0\n ksys_write+0x72/0xf0\n do_syscall_64+0x79/0x1c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21733",
"url": "https://www.suse.com/security/cve/CVE-2025-21733"
},
{
"category": "external",
"summary": "SUSE Bug 1238494 for CVE-2025-21733",
"url": "https://bugzilla.suse.com/1238494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: Fix copy buffer page size\n\nFor non-registered buffer, fastrpc driver copies the buffer and\npass it to the remote subsystem. There is a problem with current\nimplementation of page size calculation which is not considering\nthe offset in the calculation. This might lead to passing of\nimproper and out-of-bounds page size which could result in\nmemory issue. Calculate page start and page end using the offset\nadjusted address instead of absolute address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21734",
"url": "https://www.suse.com/security/cve/CVE-2025-21734"
},
{
"category": "external",
"summary": "SUSE Bug 1238734 for CVE-2025-21734",
"url": "https://bugzilla.suse.com/1238734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: nci: Add bounds checking in nci_hci_create_pipe()\n\nThe \"pipe\" variable is a u8 which comes from the network. If it\u0027s more\nthan 127, then it results in memory corruption in the caller,\nnci_hci_connect_gate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21735",
"url": "https://www.suse.com/security/cve/CVE-2025-21735"
},
{
"category": "external",
"summary": "SUSE Bug 1238497 for CVE-2025-21735",
"url": "https://bugzilla.suse.com/1238497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix possible int overflows in nilfs_fiemap()\n\nSince nilfs_bmap_lookup_contig() in nilfs_fiemap() calculates its result\nby being prepared to go through potentially maxblocks == INT_MAX blocks,\nthe value in n may experience an overflow caused by left shift of blkbits.\n\nWhile it is extremely unlikely to occur, play it safe and cast right hand\nexpression to wider type to mitigate the issue.\n\nFound by Linux Verification Center (linuxtesting.org) with static analysis\ntool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21736",
"url": "https://www.suse.com/security/cve/CVE-2025-21736"
},
{
"category": "external",
"summary": "SUSE Bug 1238715 for CVE-2025-21736",
"url": "https://bugzilla.suse.com/1238715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nata: libata-sff: Ensure that we cannot write outside the allocated buffer\n\nreveliofuzzing reported that a SCSI_IOCTL_SEND_COMMAND ioctl with out_len\nset to 0xd42, SCSI command set to ATA_16 PASS-THROUGH, ATA command set to\nATA_NOP, and protocol set to ATA_PROT_PIO, can cause ata_pio_sector() to\nwrite outside the allocated buffer, overwriting random memory.\n\nWhile a ATA device is supposed to abort a ATA_NOP command, there does seem\nto be a bug either in libata-sff or QEMU, where either this status is not\nset, or the status is cleared before read by ata_sff_hsm_move().\nAnyway, that is most likely a separate bug.\n\nLooking at __atapi_pio_bytes(), it already has a safety check to ensure\nthat __atapi_pio_bytes() cannot write outside the allocated buffer.\n\nAdd a similar check to ata_pio_sector(), such that also ata_pio_sector()\ncannot write outside the allocated buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21738",
"url": "https://www.suse.com/security/cve/CVE-2025-21738"
},
{
"category": "external",
"summary": "SUSE Bug 1238917 for CVE-2025-21738",
"url": "https://bugzilla.suse.com/1238917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: Fix use-after free in init error and remove paths\n\ndevm_blk_crypto_profile_init() registers a cleanup handler to run when\nthe associated (platform-) device is being released. For UFS, the\ncrypto private data and pointers are stored as part of the ufs_hba\u0027s\ndata structure \u0027struct ufs_hba::crypto_profile\u0027. This structure is\nallocated as part of the underlying ufshcd and therefore Scsi_host\nallocation.\n\nDuring driver release or during error handling in ufshcd_pltfrm_init(),\nthis structure is released as part of ufshcd_dealloc_host() before the\n(platform-) device associated with the crypto call above is released.\nOnce this device is released, the crypto cleanup code will run, using\nthe just-released \u0027struct ufs_hba::crypto_profile\u0027. This causes a\nuse-after-free situation:\n\n Call trace:\n kfree+0x60/0x2d8 (P)\n kvfree+0x44/0x60\n blk_crypto_profile_destroy_callback+0x28/0x70\n devm_action_release+0x1c/0x30\n release_nodes+0x6c/0x108\n devres_release_all+0x98/0x100\n device_unbind_cleanup+0x20/0x70\n really_probe+0x218/0x2d0\n\nIn other words, the initialisation code flow is:\n\n platform-device probe\n ufshcd_pltfrm_init()\n ufshcd_alloc_host()\n scsi_host_alloc()\n allocation of struct ufs_hba\n creation of scsi-host devices\n devm_blk_crypto_profile_init()\n devm registration of cleanup handler using platform-device\n\nand during error handling of ufshcd_pltfrm_init() or during driver\nremoval:\n\n ufshcd_dealloc_host()\n scsi_host_put()\n put_device(scsi-host)\n release of struct ufs_hba\n put_device(platform-device)\n crypto cleanup handler\n\nTo fix this use-after free, change ufshcd_alloc_host() to register a\ndevres action to automatically cleanup the underlying SCSI device on\nufshcd destruction, without requiring explicit calls to\nufshcd_dealloc_host(). This way:\n\n * the crypto profile and all other ufs_hba-owned resources are\n destroyed before SCSI (as they\u0027ve been registered after)\n * a memleak is plugged in tc-dwc-g210-pci.c remove() as a\n side-effect\n * EXPORT_SYMBOL_GPL(ufshcd_dealloc_host) can be removed fully as\n it\u0027s not needed anymore\n * no future drivers using ufshcd_alloc_host() could ever forget\n adding the cleanup",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21739",
"url": "https://www.suse.com/security/cve/CVE-2025-21739"
},
{
"category": "external",
"summary": "SUSE Bug 1238506 for CVE-2025-21739",
"url": "https://bugzilla.suse.com/1238506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21741"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix DPE OoB read\n\nFix an out-of-bounds DPE read, limit the number of processed DPEs to\nthe amount that fits into the fixed-size NDP16 header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21741",
"url": "https://www.suse.com/security/cve/CVE-2025-21741"
},
{
"category": "external",
"summary": "SUSE Bug 1238767 for CVE-2025-21741",
"url": "https://bugzilla.suse.com/1238767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: use static NDP16 location in URB\n\nOriginal code allowed for the start of NDP16 to be anywhere within the\nURB based on the `wNdpIndex` value in NTH16. Only the start position of\nNDP16 was checked, so it was possible for even the fixed-length part\nof NDP16 to extend past the end of URB, leading to an out-of-bounds\nread.\n\nOn iOS devices, the NDP16 header always directly follows NTH16. Rely on\nand check for this specific format.\n\nThis, along with NCM-specific minimal URB length check that already\nexists, will ensure that the fixed-length part of NDP16 plus a set\namount of DPEs fit within the URB.\n\nNote that this commit alone does not fully address the OoB read.\nThe limit on the amount of DPEs needs to be enforced separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21742",
"url": "https://www.suse.com/security/cve/CVE-2025-21742"
},
{
"category": "external",
"summary": "SUSE Bug 1238771 for CVE-2025-21742",
"url": "https://bugzilla.suse.com/1238771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21743"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: ipheth: fix possible overflow in DPE length check\n\nOriginally, it was possible for the DPE length check to overflow if\nwDatagramIndex + wDatagramLength \u003e U16_MAX. This could lead to an OoB\nread.\n\nMove the wDatagramIndex term to the other side of the inequality.\n\nAn existing condition ensures that wDatagramIndex \u003c urb-\u003eactual_length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21743",
"url": "https://www.suse.com/security/cve/CVE-2025-21743"
},
{
"category": "external",
"summary": "SUSE Bug 1238781 for CVE-2025-21743",
"url": "https://bugzilla.suse.com/1238781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()\n\nOn removal of the device or unloading of the kernel module a potential NULL\npointer dereference occurs.\n\nThe following sequence deletes the interface:\n\n brcmf_detach()\n brcmf_remove_interface()\n brcmf_del_if()\n\nInside the brcmf_del_if() function the drvr-\u003eif2bss[ifidx] is updated to\nBRCMF_BSSIDX_INVALID (-1) if the bsscfgidx matches.\n\nAfter brcmf_remove_interface() call the brcmf_proto_detach() function is\ncalled providing the following sequence:\n\n brcmf_detach()\n brcmf_proto_detach()\n brcmf_proto_msgbuf_detach()\n brcmf_flowring_detach()\n brcmf_msgbuf_delete_flowring()\n brcmf_msgbuf_remove_flowring()\n brcmf_flowring_delete()\n brcmf_get_ifp()\n brcmf_txfinalize()\n\nSince brcmf_get_ip() can and actually will return NULL in this case the\ncall to brcmf_txfinalize() will result in a NULL pointer dereference inside\nbrcmf_txfinalize() when trying to update ifp-\u003endev-\u003estats.tx_errors.\n\nThis will only happen if a flowring still has an skb.\n\nAlthough the NULL pointer dereference has only been seen when trying to\nupdate the tx statistic, all other uses of the ifp pointer have been\nguarded as well with an early return if ifp is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21744",
"url": "https://www.suse.com/security/cve/CVE-2025-21744"
},
{
"category": "external",
"summary": "SUSE Bug 1238903 for CVE-2025-21744",
"url": "https://bugzilla.suse.com/1238903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21745"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\n\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\nclass_dev_iter_(init|next)(), but does not end iterating with\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\n\nFix by ending the iterating with class_dev_iter_exit().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21745",
"url": "https://www.suse.com/security/cve/CVE-2025-21745"
},
{
"category": "external",
"summary": "SUSE Bug 1238785 for CVE-2025-21745",
"url": "https://bugzilla.suse.com/1238785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rose: lock the socket in rose_bind()\n\nsyzbot reported a soft lockup in rose_loopback_timer(),\nwith a repro calling bind() from multiple threads.\n\nrose_bind() must lock the socket to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21749",
"url": "https://www.suse.com/security/cve/CVE-2025-21749"
},
{
"category": "external",
"summary": "SUSE Bug 1238904 for CVE-2025-21749",
"url": "https://bugzilla.suse.com/1238904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "low"
}
],
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Check the return value of of_property_read_string_index()\n\nSomewhen between 6.10 and 6.11 the driver started to crash on my\nMacBookPro14,3. The property doesn\u0027t exist and \u0027tmp\u0027 remains\nuninitialized, so we pass a random pointer to devm_kstrdup().\n\nThe crash I am getting looks like this:\n\nBUG: unable to handle page fault for address: 00007f033c669379\nPF: supervisor read access in kernel mode\nPF: error_code(0x0001) - permissions violation\nPGD 8000000101341067 P4D 8000000101341067 PUD 101340067 PMD 1013bb067 PTE 800000010aee9025\nOops: Oops: 0001 [#1] SMP PTI\nCPU: 4 UID: 0 PID: 827 Comm: (udev-worker) Not tainted 6.11.8-gentoo #1\nHardware name: Apple Inc. MacBookPro14,3/Mac-551B86E5744E2388, BIOS 529.140.2.0.0 06/23/2024\nRIP: 0010:strlen+0x4/0x30\nCode: f7 75 ec 31 c0 c3 cc cc cc cc 48 89 f8 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c80\u003e 3f 00 74 14 48 89 f8 48 83 c0 01 80 38 00 75 f7 48 29 f8 c3 cc\nRSP: 0018:ffffb4aac0683ad8 EFLAGS: 00010202\nRAX: 00000000ffffffea RBX: 00007f033c669379 RCX: 0000000000000001\nRDX: 0000000000000cc0 RSI: 00007f033c669379 RDI: 00007f033c669379\nRBP: 00000000ffffffea R08: 0000000000000000 R09: 00000000c0ba916a\nR10: ffffffffffffffff R11: ffffffffb61ea260 R12: ffff91f7815b50c8\nR13: 0000000000000cc0 R14: ffff91fafefffe30 R15: ffffb4aac0683b30\nFS: 00007f033ccbe8c0(0000) GS:ffff91faeed00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f033c669379 CR3: 0000000107b1e004 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x149/0x4c0\n ? raw_spin_rq_lock_nested+0xe/0x20\n ? sched_balance_newidle+0x22b/0x3c0\n ? update_load_avg+0x78/0x770\n ? exc_page_fault+0x6f/0x150\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_pci_conf1_write+0x10/0x10\n ? strlen+0x4/0x30\n devm_kstrdup+0x25/0x70\n brcmf_of_probe+0x273/0x350 [brcmfmac]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21750",
"url": "https://www.suse.com/security/cve/CVE-2025-21750"
},
{
"category": "external",
"summary": "SUSE Bug 1238905 for CVE-2025-21750",
"url": "https://bugzilla.suse.com/1238905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix use-after-free when attempting to join an aborted transaction\n\nWhen we are trying to join the current transaction and if it\u0027s aborted,\nwe read its \u0027aborted\u0027 field after unlocking fs_info-\u003etrans_lock and\nwithout holding any extra reference count on it. This means that a\nconcurrent task that is aborting the transaction may free the transaction\nbefore we read its \u0027aborted\u0027 field, leading to a use-after-free.\n\nFix this by reading the \u0027aborted\u0027 field while holding fs_info-\u003etrans_lock\nsince any freeing task must first acquire that lock and set\nfs_info-\u003erunning_transaction to NULL before freeing the transaction.\n\nThis was reported by syzbot and Dmitry with the following stack traces\nfrom KASAN:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n Read of size 4 at addr ffff888011839024 by task kworker/u4:9/1128\n\n CPU: 0 UID: 0 PID: 1128 Comm: kworker/u4:9 Not tainted 6.13.0-rc7-syzkaller-00019-gc45323b7560e #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Workqueue: events_unbound btrfs_async_reclaim_data_space\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n join_transaction+0xd9b/0xda0 fs/btrfs/transaction.c:278\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n flush_space+0x448/0xcf0 fs/btrfs/space-info.c:803\n btrfs_async_reclaim_data_space+0x159/0x510 fs/btrfs/space-info.c:1321\n process_one_work kernel/workqueue.c:3236 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3317\n worker_thread+0x870/0xd30 kernel/workqueue.c:3398\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\n Allocated by task 5315:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n join_transaction+0x144/0xda0 fs/btrfs/transaction.c:308\n start_transaction+0xaf8/0x1670 fs/btrfs/transaction.c:697\n btrfs_create_common+0x1b2/0x2e0 fs/btrfs/inode.c:6572\n lookup_open fs/namei.c:3649 [inline]\n open_last_lookups fs/namei.c:3748 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3984\n do_filp_open+0x27f/0x4e0 fs/namei.c:4014\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1402\n do_sys_open fs/open.c:1417 [inline]\n __do_sys_creat fs/open.c:1495 [inline]\n __se_sys_creat fs/open.c:1489 [inline]\n __x64_sys_creat+0x123/0x170 fs/open.c:1489\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Freed by task 5336:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n cleanup_transaction fs/btrfs/transaction.c:2063 [inline]\n btrfs_commit_transaction+0x2c97/0x3720 fs/btrfs/transaction.c:2598\n insert_balance_item+0x1284/0x20b0 fs/btrfs/volumes.c:3757\n btrfs_balance+0x992/\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21753",
"url": "https://www.suse.com/security/cve/CVE-2025-21753"
},
{
"category": "external",
"summary": "SUSE Bug 1237875 for CVE-2025-21753",
"url": "https://bugzilla.suse.com/1237875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix assertion failure when splitting ordered extent after transaction abort\n\nIf while we are doing a direct IO write a transaction abort happens, we\nmark all existing ordered extents with the BTRFS_ORDERED_IOERR flag (done\nat btrfs_destroy_ordered_extents()), and then after that if we enter\nbtrfs_split_ordered_extent() and the ordered extent has bytes left\n(meaning we have a bio that doesn\u0027t cover the whole ordered extent, see\ndetails at btrfs_extract_ordered_extent()), we will fail on the following\nassertion at btrfs_split_ordered_extent():\n\n ASSERT(!(flags \u0026 ~BTRFS_ORDERED_TYPE_FLAGS));\n\nbecause the BTRFS_ORDERED_IOERR flag is set and the definition of\nBTRFS_ORDERED_TYPE_FLAGS is just the union of all flags that identify the\ntype of write (regular, nocow, prealloc, compressed, direct IO, encoded).\n\nFix this by returning an error from btrfs_extract_ordered_extent() if we\nfind the BTRFS_ORDERED_IOERR flag in the ordered extent. The error will\nbe the error that resulted in the transaction abort or -EIO if no\ntransaction abort happened.\n\nThis was recently reported by syzbot with the following trace:\n\n FAULT_INJECTION: forcing a failure.\n name failslab, interval 1, probability 0, space 0, times 1\n CPU: 0 UID: 0 PID: 5321 Comm: syz.0.0 Not tainted 6.13.0-rc5-syzkaller #0\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n fail_dump lib/fault-inject.c:53 [inline]\n should_fail_ex+0x3b0/0x4e0 lib/fault-inject.c:154\n should_failslab+0xac/0x100 mm/failslab.c:46\n slab_pre_alloc_hook mm/slub.c:4072 [inline]\n slab_alloc_node mm/slub.c:4148 [inline]\n __do_kmalloc_node mm/slub.c:4297 [inline]\n __kmalloc_noprof+0xdd/0x4c0 mm/slub.c:4310\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n btrfs_chunk_alloc_add_chunk_item+0x244/0x1100 fs/btrfs/volumes.c:5742\n reserve_chunk_space+0x1ca/0x2c0 fs/btrfs/block-group.c:4292\n check_system_chunk fs/btrfs/block-group.c:4319 [inline]\n do_chunk_alloc fs/btrfs/block-group.c:3891 [inline]\n btrfs_chunk_alloc+0x77b/0xf80 fs/btrfs/block-group.c:4187\n find_free_extent_update_loop fs/btrfs/extent-tree.c:4166 [inline]\n find_free_extent+0x42d1/0x5810 fs/btrfs/extent-tree.c:4579\n btrfs_reserve_extent+0x422/0x810 fs/btrfs/extent-tree.c:4672\n btrfs_new_extent_direct fs/btrfs/direct-io.c:186 [inline]\n btrfs_get_blocks_direct_write+0x706/0xfa0 fs/btrfs/direct-io.c:321\n btrfs_dio_iomap_begin+0xbb7/0x1180 fs/btrfs/direct-io.c:525\n iomap_iter+0x697/0xf60 fs/iomap/iter.c:90\n __iomap_dio_rw+0xeb9/0x25b0 fs/iomap/direct-io.c:702\n btrfs_dio_write fs/btrfs/direct-io.c:775 [inline]\n btrfs_direct_write+0x610/0xa30 fs/btrfs/direct-io.c:880\n btrfs_do_write_iter+0x2a0/0x760 fs/btrfs/file.c:1397\n do_iter_readv_writev+0x600/0x880\n vfs_writev+0x376/0xba0 fs/read_write.c:1050\n do_pwritev fs/read_write.c:1146 [inline]\n __do_sys_pwritev2 fs/read_write.c:1204 [inline]\n __se_sys_pwritev2+0x196/0x2b0 fs/read_write.c:1195\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f1281f85d29\n RSP: 002b:00007f12819fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148\n RAX: ffffffffffffffda RBX: 00007f1282176080 RCX: 00007f1281f85d29\n RDX: 0000000000000001 RSI: 0000000020000240 RDI: 0000000000000005\n RBP: 00007f12819fe090 R08: 0000000000000000 R09: 0000000000000003\n R10: 0000000000007000 R11: 0000000000000246 R12: 0000000000000002\n R13: 0000000000000000 R14: 00007f1282176080 R15: 00007ffcb9e23328\n \u003c/TASK\u003e\n BTRFS error (device loop0 state A): Transaction aborted (error -12)\n BTRFS: error (device loop0 state A\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21754",
"url": "https://www.suse.com/security/cve/CVE-2025-21754"
},
{
"category": "external",
"summary": "SUSE Bug 1238496 for CVE-2025-21754",
"url": "https://bugzilla.suse.com/1238496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21755"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21755",
"url": "https://www.suse.com/security/cve/CVE-2025-21755"
},
{
"category": "external",
"summary": "SUSE Bug 1237882 for CVE-2025-21755",
"url": "https://bugzilla.suse.com/1237882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21755"
},
{
"cve": "CVE-2025-21756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock: Keep the binding until socket destruction\n\nPreserve sockets bindings; this includes both resulting from an explicit\nbind() and those implicitly bound through autobind during connect().\n\nPrevents socket unbinding during a transport reassignment, which fixes a\nuse-after-free:\n\n 1. vsock_create() (refcnt=1) calls vsock_insert_unbound() (refcnt=2)\n 2. transport-\u003erelease() calls vsock_remove_bound() without checking if\n sk was bound and moved to bound list (refcnt=1)\n 3. vsock_bind() assumes sk is in unbound list and before\n __vsock_insert_bound(vsock_bound_sockets()) calls\n __vsock_remove_bound() which does:\n list_del_init(\u0026vsk-\u003ebound_table); // nop\n sock_put(\u0026vsk-\u003esk); // refcnt=0\n\nBUG: KASAN: slab-use-after-free in __vsock_bind+0x62e/0x730\nRead of size 4 at addr ffff88816b46a74c by task a.out/2057\n dump_stack_lvl+0x68/0x90\n print_report+0x174/0x4f6\n kasan_report+0xb9/0x190\n __vsock_bind+0x62e/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAllocated by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n __kasan_slab_alloc+0x85/0x90\n kmem_cache_alloc_noprof+0x131/0x450\n sk_prot_alloc+0x5b/0x220\n sk_alloc+0x2c/0x870\n __vsock_create.constprop.0+0x2e/0xb60\n vsock_create+0xe4/0x420\n __sock_create+0x241/0x650\n __sys_socket+0xf2/0x1a0\n __x64_sys_socket+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2057:\n kasan_save_stack+0x1e/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x37/0x60\n __kasan_slab_free+0x4b/0x70\n kmem_cache_free+0x1a1/0x590\n __sk_destruct+0x388/0x5a0\n __vsock_bind+0x5e1/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:25 refcount_warn_saturate+0xce/0x150\nRIP: 0010:refcount_warn_saturate+0xce/0x150\n __vsock_bind+0x66d/0x730\n vsock_bind+0x97/0xe0\n __sys_bind+0x154/0x1f0\n __x64_sys_bind+0x6e/0xb0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 7 PID: 2057 at lib/refcount.c:28 refcount_warn_saturate+0xee/0x150\nRIP: 0010:refcount_warn_saturate+0xee/0x150\n vsock_remove_bound+0x187/0x1e0\n __vsock_release+0x383/0x4a0\n vsock_release+0x90/0x120\n __sock_release+0xa3/0x250\n sock_close+0x14/0x20\n __fput+0x359/0xa80\n task_work_run+0x107/0x1d0\n do_exit+0x847/0x2560\n do_group_exit+0xb8/0x250\n __x64_sys_exit_group+0x3a/0x50\n x64_sys_call+0xfec/0x14f0\n do_syscall_64+0x93/0x1b0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21756",
"url": "https://www.suse.com/security/cve/CVE-2025-21756"
},
{
"category": "external",
"summary": "SUSE Bug 1238876 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1238876"
},
{
"category": "external",
"summary": "SUSE Bug 1245795 for CVE-2025-21756",
"url": "https://bugzilla.suse.com/1245795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: add RCU protection to mld_newpack()\n\nmld_newpack() can be called without RTNL or RCU being held.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21758",
"url": "https://www.suse.com/security/cve/CVE-2025-21758"
},
{
"category": "external",
"summary": "SUSE Bug 1238737 for CVE-2025-21758",
"url": "https://bugzilla.suse.com/1238737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: mcast: extend RCU protection in igmp6_send()\n\nigmp6_send() can be called without RTNL or RCU being held.\n\nExtend RCU protection so that we can safely fetch the net pointer\nand avoid a potential UAF.\n\nNote that we no longer can use sock_alloc_send_skb() because\nipv6.igmp_sk uses GFP_KERNEL allocations which can sleep.\n\nInstead use alloc_skb() and charge the net-\u003eipv6.igmp_sk\nsocket under RCU protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21759",
"url": "https://www.suse.com/security/cve/CVE-2025-21759"
},
{
"category": "external",
"summary": "SUSE Bug 1238738 for CVE-2025-21759",
"url": "https://bugzilla.suse.com/1238738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: extend RCU protection in ndisc_send_skb()\n\nndisc_send_skb() can be called without RTNL or RCU held.\n\nAcquire rcu_read_lock() earlier, so that we can use dev_net_rcu()\nand avoid a potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21760",
"url": "https://www.suse.com/security/cve/CVE-2025-21760"
},
{
"category": "external",
"summary": "SUSE Bug 1238763 for CVE-2025-21760",
"url": "https://bugzilla.suse.com/1238763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: use RCU protection in ovs_vport_cmd_fill_info()\n\novs_vport_cmd_fill_info() can be called without RTNL or RCU.\n\nUse RCU protection and dev_net_rcu() to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21761",
"url": "https://www.suse.com/security/cve/CVE-2025-21761"
},
{
"category": "external",
"summary": "SUSE Bug 1238775 for CVE-2025-21761",
"url": "https://bugzilla.suse.com/1238775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: use RCU protection in arp_xmit()\n\narp_xmit() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21762",
"url": "https://www.suse.com/security/cve/CVE-2025-21762"
},
{
"category": "external",
"summary": "SUSE Bug 1238780 for CVE-2025-21762",
"url": "https://bugzilla.suse.com/1238780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nneighbour: use RCU protection in __neigh_notify()\n\n__neigh_notify() can be called without RTNL or RCU protection.\n\nUse RCU protection to avoid potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21763",
"url": "https://www.suse.com/security/cve/CVE-2025-21763"
},
{
"category": "external",
"summary": "SUSE Bug 1237897 for CVE-2025-21763",
"url": "https://bugzilla.suse.com/1237897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nndisc: use RCU protection in ndisc_alloc_skb()\n\nndisc_alloc_skb() can be called without RTNL or RCU being held.\n\nAdd RCU protection to avoid possible UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21764",
"url": "https://www.suse.com/security/cve/CVE-2025-21764"
},
{
"category": "external",
"summary": "SUSE Bug 1237885 for CVE-2025-21764",
"url": "https://bugzilla.suse.com/1237885"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: use RCU protection in ip6_default_advmss()\n\nip6_default_advmss() needs rcu protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21765",
"url": "https://www.suse.com/security/cve/CVE-2025-21765"
},
{
"category": "external",
"summary": "SUSE Bug 1237906 for CVE-2025-21765",
"url": "https://bugzilla.suse.com/1237906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: use RCU protection in __ip_rt_update_pmtu()\n\n__ip_rt_update_pmtu() must use RCU protection to make\nsure the net structure it reads does not disappear.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21766",
"url": "https://www.suse.com/security/cve/CVE-2025-21766"
},
{
"category": "external",
"summary": "SUSE Bug 1238754 for CVE-2025-21766",
"url": "https://bugzilla.suse.com/1238754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context\n\nThe following bug report happened with a PREEMPT_RT kernel:\n\n BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48\n in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog\n preempt_count: 1, expected: 0\n RCU nest depth: 0, expected: 0\n get_random_u32+0x4f/0x110\n clocksource_verify_choose_cpus+0xab/0x1a0\n clocksource_verify_percpu.part.0+0x6b/0x330\n clocksource_watchdog_kthread+0x193/0x1a0\n\nIt is due to the fact that clocksource_verify_choose_cpus() is invoked with\npreemption disabled. This function invokes get_random_u32() to obtain\nrandom numbers for choosing CPUs. The batched_entropy_32 local lock and/or\nthe base_crng.lock spinlock in driver/char/random.c will be acquired during\nthe call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot\nbe acquired in atomic context.\n\nFix this problem by using migrate_disable() to allow smp_processor_id() to\nbe reliably used without introducing atomic context. preempt_disable() is\nthen called after clocksource_verify_choose_cpus() but before the\nclocksource measurement is being run to avoid introducing unexpected\nlatency.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21767",
"url": "https://www.suse.com/security/cve/CVE-2025-21767"
},
{
"category": "external",
"summary": "SUSE Bug 1238509 for CVE-2025-21767",
"url": "https://bugzilla.suse.com/1238509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels\n\nSome lwtunnels have a dst cache for post-transformation dst.\nIf the packet destination did not change we may end up recording\na reference to the lwtunnel in its own cache, and the lwtunnel\nstate will never be freed.\n\nDiscovered by the ioam6.sh test, kmemleak was recently fixed\nto catch per-cpu memory leaks. I\u0027m not sure if rpl and seg6\ncan actually hit this, but in principle I don\u0027t see why not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21768",
"url": "https://www.suse.com/security/cve/CVE-2025-21768"
},
{
"category": "external",
"summary": "SUSE Bug 1238714 for CVE-2025-21768",
"url": "https://bugzilla.suse.com/1238714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21768"
},
{
"cve": "CVE-2025-21772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npartitions: mac: fix handling of bogus partition table\n\nFix several issues in partition probing:\n\n - The bailout for a bad partoffset must use put_dev_sector(), since the\n preceding read_part_sector() succeeded.\n - If the partition table claims a silly sector size like 0xfff bytes\n (which results in partition table entries straddling sector boundaries),\n bail out instead of accessing out-of-bounds memory.\n - We must not assume that the partition table contains proper NUL\n termination - use strnlen() and strncmp() instead of strlen() and\n strcmp().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21772",
"url": "https://www.suse.com/security/cve/CVE-2025-21772"
},
{
"category": "external",
"summary": "SUSE Bug 1238911 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238911"
},
{
"category": "external",
"summary": "SUSE Bug 1238912 for CVE-2025-21772",
"url": "https://bugzilla.suse.com/1238912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: fix potential NULL pointer dereference on udev-\u003eserial\n\nThe driver assumed that es58x_dev-\u003eudev-\u003eserial could never be NULL.\nWhile this is true on commercially available devices, an attacker\ncould spoof the device identity providing a NULL USB serial number.\nThat would trigger a NULL pointer dereference.\n\nAdd a check on es58x_dev-\u003eudev-\u003eserial before accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21773",
"url": "https://www.suse.com/security/cve/CVE-2025-21773"
},
{
"category": "external",
"summary": "SUSE Bug 1238762 for CVE-2025-21773",
"url": "https://bugzilla.suse.com/1238762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ctucanfd: handle skb allocation failure\n\nIf skb allocation fails, the pointer to struct can_frame is NULL. This\nis actually handled everywhere inside ctucan_err_interrupt() except for\nthe only place.\n\nAdd the missed NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21775",
"url": "https://www.suse.com/security/cve/CVE-2025-21775"
},
{
"category": "external",
"summary": "SUSE Bug 1238501 for CVE-2025-21775",
"url": "https://bugzilla.suse.com/1238501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: hub: Ignore non-compliant devices with too many configs or interfaces\n\nRobert Morris created a test program which can cause\nusb_hub_to_struct_hub() to dereference a NULL or inappropriate\npointer:\n\nOops: general protection fault, probably for non-canonical address\n0xcccccccccccccccc: 0000 [#1] SMP DEBUG_PAGEALLOC PTI\nCPU: 7 UID: 0 PID: 117 Comm: kworker/7:1 Not tainted 6.13.0-rc3-00017-gf44d154d6e3d #14\nHardware name: FreeBSD BHYVE/BHYVE, BIOS 14.0 10/17/2021\nWorkqueue: usb_hub_wq hub_event\nRIP: 0010:usb_hub_adjust_deviceremovable+0x78/0x110\n...\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x31/0x80\n ? exc_general_protection+0x1b4/0x3c0\n ? asm_exc_general_protection+0x26/0x30\n ? usb_hub_adjust_deviceremovable+0x78/0x110\n hub_probe+0x7c7/0xab0\n usb_probe_interface+0x14b/0x350\n really_probe+0xd0/0x2d0\n ? __pfx___device_attach_driver+0x10/0x10\n __driver_probe_device+0x6e/0x110\n driver_probe_device+0x1a/0x90\n __device_attach_driver+0x7e/0xc0\n bus_for_each_drv+0x7f/0xd0\n __device_attach+0xaa/0x1a0\n bus_probe_device+0x8b/0xa0\n device_add+0x62e/0x810\n usb_set_configuration+0x65d/0x990\n usb_generic_driver_probe+0x4b/0x70\n usb_probe_device+0x36/0xd0\n\nThe cause of this error is that the device has two interfaces, and the\nhub driver binds to interface 1 instead of interface 0, which is where\nusb_hub_to_struct_hub() looks.\n\nWe can prevent the problem from occurring by refusing to accept hub\ndevices that violate the USB spec by having more than one\nconfiguration or interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21776",
"url": "https://www.suse.com/security/cve/CVE-2025-21776"
},
{
"category": "external",
"summary": "SUSE Bug 1238909 for CVE-2025-21776",
"url": "https://bugzilla.suse.com/1238909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Reject Hyper-V\u0027s SEND_IPI hypercalls if local APIC isn\u0027t in-kernel\n\nAdvertise support for Hyper-V\u0027s SEND_IPI and SEND_IPI_EX hypercalls if and\nonly if the local API is emulated/virtualized by KVM, and explicitly reject\nsaid hypercalls if the local APIC is emulated in userspace, i.e. don\u0027t rely\non userspace to opt-in to KVM_CAP_HYPERV_ENFORCE_CPUID.\n\nRejecting SEND_IPI and SEND_IPI_EX fixes a NULL-pointer dereference if\nHyper-V enlightenments are exposed to the guest without an in-kernel local\nAPIC:\n\n dump_stack+0xbe/0xfd\n __kasan_report.cold+0x34/0x84\n kasan_report+0x3a/0x50\n __apic_accept_irq+0x3a/0x5c0\n kvm_hv_send_ipi.isra.0+0x34e/0x820\n kvm_hv_hypercall+0x8d9/0x9d0\n kvm_emulate_hypercall+0x506/0x7e0\n __vmx_handle_exit+0x283/0xb60\n vmx_handle_exit+0x1d/0xd0\n vcpu_enter_guest+0x16b0/0x24c0\n vcpu_run+0xc0/0x550\n kvm_arch_vcpu_ioctl_run+0x170/0x6d0\n kvm_vcpu_ioctl+0x413/0xb20\n __se_sys_ioctl+0x111/0x160\n do_syscal1_64+0x30/0x40\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nNote, checking the sending vCPU is sufficient, as the per-VM irqchip_mode\ncan\u0027t be modified after vCPUs are created, i.e. if one vCPU has an\nin-kernel local APIC, then all vCPUs have an in-kernel local APIC.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21779",
"url": "https://www.suse.com/security/cve/CVE-2025-21779"
},
{
"category": "external",
"summary": "SUSE Bug 1238768 for CVE-2025-21779",
"url": "https://bugzilla.suse.com/1238768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()\n\nIt malicious user provides a small pptable through sysfs and then\na bigger pptable, it may cause buffer overflow attack in function\nsmu_sys_set_pp_table().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21780",
"url": "https://www.suse.com/security/cve/CVE-2025-21780"
},
{
"category": "external",
"summary": "SUSE Bug 1239115 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239115"
},
{
"category": "external",
"summary": "SUSE Bug 1239116 for CVE-2025-21780",
"url": "https://bugzilla.suse.com/1239116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix panic during interface removal\n\nReference counting is used to ensure that\nbatadv_hardif_neigh_node and batadv_hard_iface\nare not freed before/during\nbatadv_v_elp_throughput_metric_update work is\nfinished.\n\nBut there isn\u0027t a guarantee that the hard if will\nremain associated with a soft interface up until\nthe work is finished.\n\nThis fixes a crash triggered by reboot that looks\nlike this:\n\nCall trace:\n batadv_v_mesh_free+0xd0/0x4dc [batman_adv]\n batadv_v_elp_throughput_metric_update+0x1c/0xa4\n process_one_work+0x178/0x398\n worker_thread+0x2e8/0x4d0\n kthread+0xd8/0xdc\n ret_from_fork+0x10/0x20\n\n(the batadv_v_mesh_free call is misleading,\nand does not actually happen)\n\nI was able to make the issue happen more reliably\nby changing hardif_neigh-\u003ebat_v.metric_work work\nto be delayed work. This allowed me to track down\nand confirm the fix.\n\n[sven@narfation.org: prevent entering batadv_v_elp_get_throughput without\n soft_iface]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21781",
"url": "https://www.suse.com/security/cve/CVE-2025-21781"
},
{
"category": "external",
"summary": "SUSE Bug 1238735 for CVE-2025-21781",
"url": "https://bugzilla.suse.com/1238735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\norangefs: fix a oob in orangefs_debug_write\n\nI got a syzbot report: slab-out-of-bounds Read in\norangefs_debug_write... several people suggested fixes,\nI tested Al Viro\u0027s suggestion and made this patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21782",
"url": "https://www.suse.com/security/cve/CVE-2025-21782"
},
{
"category": "external",
"summary": "SUSE Bug 1239117 for CVE-2025-21782",
"url": "https://bugzilla.suse.com/1239117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: bail out when failed to load fw in psp_init_cap_microcode()\n\nIn function psp_init_cap_microcode(), it should bail out when failed to\nload firmware, otherwise it may cause invalid memory access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21784",
"url": "https://www.suse.com/security/cve/CVE-2025-21784"
},
{
"category": "external",
"summary": "SUSE Bug 1238510 for CVE-2025-21784",
"url": "https://bugzilla.suse.com/1238510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array\n\nThe loop that detects/populates cache information already has a bounds\ncheck on the array size but does not account for cache levels with\nseparate data/instructions cache. Fix this by incrementing the index\nfor any populated leaf (instead of any populated level).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21785",
"url": "https://www.suse.com/security/cve/CVE-2025-21785"
},
{
"category": "external",
"summary": "SUSE Bug 1238747 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1238747"
},
{
"category": "external",
"summary": "SUSE Bug 1240745 for CVE-2025-21785",
"url": "https://bugzilla.suse.com/1240745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: better TEAM_OPTION_TYPE_STRING validation\n\nsyzbot reported following splat [1]\n\nMake sure user-provided data contains one nul byte.\n\n[1]\n BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:633 [inline]\n BUG: KMSAN: uninit-value in string+0x3ec/0x5f0 lib/vsprintf.c:714\n string_nocheck lib/vsprintf.c:633 [inline]\n string+0x3ec/0x5f0 lib/vsprintf.c:714\n vsnprintf+0xa5d/0x1960 lib/vsprintf.c:2843\n __request_module+0x252/0x9f0 kernel/module/kmod.c:149\n team_mode_get drivers/net/team/team_core.c:480 [inline]\n team_change_mode drivers/net/team/team_core.c:607 [inline]\n team_mode_option_set+0x437/0x970 drivers/net/team/team_core.c:1401\n team_option_set drivers/net/team/team_core.c:375 [inline]\n team_nl_options_set_doit+0x1339/0x1f90 drivers/net/team/team_core.c:2662\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x1214/0x12c0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2543\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0xf52/0x1260 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x10da/0x11e0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:733\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2573\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2627\n __sys_sendmsg net/socket.c:2659 [inline]\n __do_sys_sendmsg net/socket.c:2664 [inline]\n __se_sys_sendmsg net/socket.c:2662 [inline]\n __x64_sys_sendmsg+0x212/0x3c0 net/socket.c:2662\n x64_sys_call+0x2ed6/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:47\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21787",
"url": "https://www.suse.com/security/cve/CVE-2025-21787"
},
{
"category": "external",
"summary": "SUSE Bug 1238774 for CVE-2025-21787",
"url": "https://bugzilla.suse.com/1238774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: check vxlan_vnigroup_init() return value\n\nvxlan_init() must check vxlan_vnigroup_init() success\notherwise a crash happens later, spotted by syzbot.\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000002c: 0000 [#1] PREEMPT SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000160-0x0000000000000167]\nCPU: 0 UID: 0 PID: 7313 Comm: syz-executor147 Not tainted 6.14.0-rc1-syzkaller-00276-g69b54314c975 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:vxlan_vnigroup_uninit+0x89/0x500 drivers/net/vxlan/vxlan_vnifilter.c:912\nCode: 00 48 8b 44 24 08 4c 8b b0 98 41 00 00 49 8d 86 60 01 00 00 48 89 c2 48 89 44 24 10 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4d 04 00 00 49 8b 86 60 01 00 00 48 ba 00 00 00\nRSP: 0018:ffffc9000cc1eea8 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff8672effb\nRDX: 000000000000002c RSI: ffffffff8672ecb9 RDI: ffff8880461b4f18\nRBP: ffff8880461b4ef4 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000020000\nR13: ffff8880461b0d80 R14: 0000000000000000 R15: dffffc0000000000\nFS: 00007fecfa95d6c0(0000) GS:ffff88806a600000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fecfa95cfb8 CR3: 000000004472c000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n vxlan_uninit+0x1ab/0x200 drivers/net/vxlan/vxlan_core.c:2942\n unregister_netdevice_many_notify+0x12d6/0x1f30 net/core/dev.c:11824\n unregister_netdevice_many net/core/dev.c:11866 [inline]\n unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11736\n register_netdevice+0x1829/0x1eb0 net/core/dev.c:10901\n __vxlan_dev_create+0x7c6/0xa30 drivers/net/vxlan/vxlan_core.c:3981\n vxlan_newlink+0xd1/0x130 drivers/net/vxlan/vxlan_core.c:4407\n rtnl_newlink_create net/core/rtnetlink.c:3795 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21790",
"url": "https://www.suse.com/security/cve/CVE-2025-21790"
},
{
"category": "external",
"summary": "SUSE Bug 1238753 for CVE-2025-21790",
"url": "https://bugzilla.suse.com/1238753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: use RCU protection in l3mdev_l3_out()\n\nl3mdev_l3_out() can be called without RCU being held:\n\nraw_sendmsg()\n ip_push_pending_frames()\n ip_send_skb()\n ip_local_out()\n __ip_local_out()\n l3mdev_ip_out()\n\nAdd rcu_read_lock() / rcu_read_unlock() pair to avoid\na potential UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21791",
"url": "https://www.suse.com/security/cve/CVE-2025-21791"
},
{
"category": "external",
"summary": "SUSE Bug 1238512 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1238512"
},
{
"category": "external",
"summary": "SUSE Bug 1240744 for CVE-2025-21791",
"url": "https://bugzilla.suse.com/1240744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix refcount leak caused by setting SO_BINDTODEVICE sockopt\n\nIf an AX25 device is bound to a socket by setting the SO_BINDTODEVICE\nsocket option, a refcount leak will occur in ax25_release().\n\nCommit 9fd75b66b8f6 (\"ax25: Fix refcount leaks caused by ax25_cb_del()\")\nadded decrement of device refcounts in ax25_release(). In order for that\nto work correctly the refcounts must already be incremented when the\ndevice is bound to the socket. An AX25 device can be bound to a socket\nby either calling ax25_bind() or setting SO_BINDTODEVICE socket option.\nIn both cases the refcounts should be incremented, but in fact it is done\nonly in ax25_bind().\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 1 PID: 5932 at lib/refcount.c:31 refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nModules linked in:\nCPU: 1 UID: 0 PID: 5932 Comm: syz-executor424 Not tainted 6.13.0-rc4-syzkaller-00110-g4099a71718b0 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x1ed/0x210 lib/refcount.c:31\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x710/0x820 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4156 [inline]\n netdev_put include/linux/netdevice.h:4173 [inline]\n netdev_put include/linux/netdevice.h:4169 [inline]\n ax25_release+0x33f/0xa10 net/ax25/af_ax25.c:1069\n __sock_release+0xb0/0x270 net/socket.c:640\n sock_close+0x1c/0x30 net/socket.c:1408\n ...\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nFix the implementation of ax25_setsockopt() by adding increment of\nrefcounts for the new device bound, and decrement of refcounts for\nthe old unbound device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21792",
"url": "https://www.suse.com/security/cve/CVE-2025-21792"
},
{
"category": "external",
"summary": "SUSE Bug 1238745 for CVE-2025-21792",
"url": "https://bugzilla.suse.com/1238745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21792"
},
{
"cve": "CVE-2025-21793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sn-f-ospi: Fix division by zero\n\nWhen there is no dummy cycle in the spi-nor commands, both dummy bus cycle\nbytes and width are zero. Because of the cpu\u0027s warning when divided by\nzero, the warning should be avoided. Return just zero to avoid such\ncalculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21793",
"url": "https://www.suse.com/security/cve/CVE-2025-21793"
},
{
"category": "external",
"summary": "SUSE Bug 1238500 for CVE-2025-21793",
"url": "https://bugzilla.suse.com/1238500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints()\n\nSyzbot[1] has detected a stack-out-of-bounds read of the ep_addr array from\nhid-thrustmaster driver. This array is passed to usb_check_int_endpoints\nfunction from usb.c core driver, which executes a for loop that iterates\nover the elements of the passed array. Not finding a null element at the end of\nthe array, it tries to read the next, non-existent element, crashing the kernel.\n\nTo fix this, a 0 element was added at the end of the array to break the for\nloop.\n\n[1] https://syzkaller.appspot.com/bug?extid=9c9179ac46169c56c1ad",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21794",
"url": "https://www.suse.com/security/cve/CVE-2025-21794"
},
{
"category": "external",
"summary": "SUSE Bug 1238502 for CVE-2025-21794",
"url": "https://bugzilla.suse.com/1238502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: fix hang in nfsd4_shutdown_callback\n\nIf nfs4_client is in courtesy state then there is no point to send\nthe callback. This causes nfsd4_shutdown_callback to hang since\ncl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP\nnotifies NFSD that the connection was dropped.\n\nThis patch modifies nfsd4_run_cb_work to skip the RPC call if\nnfs4_client is in courtesy state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21795",
"url": "https://www.suse.com/security/cve/CVE-2025-21795"
},
{
"category": "external",
"summary": "SUSE Bug 1238759 for CVE-2025-21795",
"url": "https://bugzilla.suse.com/1238759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: clear acl_access/acl_default after releasing them\n\nIf getting acl_default fails, acl_access and acl_default will be released\nsimultaneously. However, acl_access will still retain a pointer pointing\nto the released posix_acl, which will trigger a WARNING in\nnfs3svc_release_getacl like this:\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 26 PID: 3199 at lib/refcount.c:28\nrefcount_warn_saturate+0xb5/0x170\nModules linked in:\nCPU: 26 UID: 0 PID: 3199 Comm: nfsd Not tainted\n6.12.0-rc6-00079-g04ae226af01f-dirty #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n1.16.1-2.fc37 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xb5/0x170\nCode: cc cc 0f b6 1d b3 20 a5 03 80 fb 01 0f 87 65 48 d8 00 83 e3 01 75\ne4 48 c7 c7 c0 3b 9b 85 c6 05 97 20 a5 03 01 e8 fb 3e 30 ff \u003c0f\u003e 0b eb\ncd 0f b6 1d 8a3\nRSP: 0018:ffffc90008637cd8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff83904fde\nRDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff88871ed36380\nRBP: ffff888158beeb40 R08: 0000000000000001 R09: fffff520010c6f56\nR10: ffffc90008637ab7 R11: 0000000000000001 R12: 0000000000000001\nR13: ffff888140e77400 R14: ffff888140e77408 R15: ffffffff858b42c0\nFS: 0000000000000000(0000) GS:ffff88871ed00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000562384d32158 CR3: 000000055cc6a000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xb5/0x170\n ? __warn+0xa5/0x140\n ? refcount_warn_saturate+0xb5/0x170\n ? report_bug+0x1b1/0x1e0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x17/0x40\n ? asm_exc_invalid_op+0x1a/0x20\n ? tick_nohz_tick_stopped+0x1e/0x40\n ? refcount_warn_saturate+0xb5/0x170\n ? refcount_warn_saturate+0xb5/0x170\n nfs3svc_release_getacl+0xc9/0xe0\n svc_process_common+0x5db/0xb60\n ? __pfx_svc_process_common+0x10/0x10\n ? __rcu_read_unlock+0x69/0xa0\n ? __pfx_nfsd_dispatch+0x10/0x10\n ? svc_xprt_received+0xa1/0x120\n ? xdr_init_decode+0x11d/0x190\n svc_process+0x2a7/0x330\n svc_handle_xprt+0x69d/0x940\n svc_recv+0x180/0x2d0\n nfsd+0x168/0x200\n ? __pfx_nfsd+0x10/0x10\n kthread+0x1a2/0x1e0\n ? kthread+0xf4/0x1e0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\nKernel panic - not syncing: kernel: panic_on_warn set ...\n\nClear acl_access/acl_default after posix_acl_release is called to prevent\nUAF from being triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21796",
"url": "https://www.suse.com/security/cve/CVE-2025-21796"
},
{
"category": "external",
"summary": "SUSE Bug 1238716 for CVE-2025-21796",
"url": "https://bugzilla.suse.com/1238716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: ti: am65-cpsw: fix freeing IRQ in am65_cpsw_nuss_remove_tx_chns()\n\nWhen getting the IRQ we use k3_udma_glue_tx_get_irq() which returns\nnegative error value on error. So not NULL check is not sufficient\nto deteremine if IRQ is valid. Check that IRQ is greater then zero\nto ensure it is valid.\n\nThere is no issue at probe time but at runtime user can invoke\n.set_channels which results in the following call chain.\nam65_cpsw_set_channels()\n am65_cpsw_nuss_update_tx_rx_chns()\n am65_cpsw_nuss_remove_tx_chns()\n am65_cpsw_nuss_init_tx_chns()\n\nAt this point if am65_cpsw_nuss_init_tx_chns() fails due to\nk3_udma_glue_tx_get_irq() then tx_chn-\u003eirq will be set to a\nnegative value.\n\nThen, at subsequent .set_channels with higher channel count we\nwill attempt to free an invalid IRQ in am65_cpsw_nuss_remove_tx_chns()\nleading to a kernel warning.\n\nThe issue is present in the original commit that introduced this driver,\nalthough there, am65_cpsw_nuss_update_tx_rx_chns() existed as\nam65_cpsw_nuss_update_tx_chns().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21799",
"url": "https://www.suse.com/security/cve/CVE-2025-21799"
},
{
"category": "external",
"summary": "SUSE Bug 1238739 for CVE-2025-21799",
"url": "https://bugzilla.suse.com/1238739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21799"
},
{
"cve": "CVE-2025-21802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix oops when unload drivers paralleling\n\nWhen unload hclge driver, it tries to disable sriov first for each\nae_dev node from hnae3_ae_dev_list. If user unloads hns3 driver at\nthe time, because it removes all the ae_dev nodes, and it may cause\noops.\n\nBut we can\u0027t simply use hnae3_common_lock for this. Because in the\nprocess flow of pci_disable_sriov(), it will trigger the remove flow\nof VF, which will also take hnae3_common_lock.\n\nTo fixes it, introduce a new mutex to protect the unload process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21802",
"url": "https://www.suse.com/security/cve/CVE-2025-21802"
},
{
"category": "external",
"summary": "SUSE Bug 1238751 for CVE-2025-21802",
"url": "https://bugzilla.suse.com/1238751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: rcar-ep: Fix incorrect variable used when calling devm_request_mem_region()\n\nThe rcar_pcie_parse_outbound_ranges() uses the devm_request_mem_region()\nmacro to request a needed resource. A string variable that lives on the\nstack is then used to store a dynamically computed resource name, which\nis then passed on as one of the macro arguments. This can lead to\nundefined behavior.\n\nDepending on the current contents of the memory, the manifestations of\nerrors may vary. One possible output may be as follows:\n\n $ cat /proc/iomem\n 30000000-37ffffff :\n 38000000-3fffffff :\n\nSometimes, garbage may appear after the colon.\n\nIn very rare cases, if no NULL-terminator is found in memory, the system\nmight crash because the string iterator will overrun which can lead to\naccess of unmapped memory above the stack.\n\nThus, fix this by replacing outbound_name with the name of the previously\nrequested resource. With the changes applied, the output will be as\nfollows:\n\n $ cat /proc/iomem\n 30000000-37ffffff : memory2\n 38000000-3fffffff : memory3\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21804",
"url": "https://www.suse.com/security/cve/CVE-2025-21804"
},
{
"category": "external",
"summary": "SUSE Bug 1238736 for CVE-2025-21804",
"url": "https://bugzilla.suse.com/1238736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: let net.core.dev_weight always be non-zero\n\nThe following problem was encountered during stability test:\n\n(NULL net_device): NAPI poll function process_backlog+0x0/0x530 \\\n\treturned 1, exceeding its budget of 0.\n------------[ cut here ]------------\nlist_add double add: new=ffff88905f746f48, prev=ffff88905f746f48, \\\n\tnext=ffff88905f746e40.\nWARNING: CPU: 18 PID: 5462 at lib/list_debug.c:35 \\\n\t__list_add_valid_or_report+0xf3/0x130\nCPU: 18 UID: 0 PID: 5462 Comm: ping Kdump: loaded Not tainted 6.13.0-rc7+\nRIP: 0010:__list_add_valid_or_report+0xf3/0x130\nCall Trace:\n? __warn+0xcd/0x250\n? __list_add_valid_or_report+0xf3/0x130\nenqueue_to_backlog+0x923/0x1070\nnetif_rx_internal+0x92/0x2b0\n__netif_rx+0x15/0x170\nloopback_xmit+0x2ef/0x450\ndev_hard_start_xmit+0x103/0x490\n__dev_queue_xmit+0xeac/0x1950\nip_finish_output2+0x6cc/0x1620\nip_output+0x161/0x270\nip_push_pending_frames+0x155/0x1a0\nraw_sendmsg+0xe13/0x1550\n__sys_sendto+0x3bf/0x4e0\n__x64_sys_sendto+0xdc/0x1b0\ndo_syscall_64+0x5b/0x170\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe reproduction command is as follows:\n sysctl -w net.core.dev_weight=0\n ping 127.0.0.1\n\nThis is because when the napi\u0027s weight is set to 0, process_backlog() may\nreturn 0 and clear the NAPI_STATE_SCHED bit of napi-\u003estate, causing this\nnapi to be re-polled in net_rx_action() until __do_softirq() times out.\nSince the NAPI_STATE_SCHED bit has been cleared, napi_schedule_rps() can\nbe retriggered in enqueue_to_backlog(), causing this issue.\n\nMaking the napi\u0027s weight always non-zero solves this problem.\n\nTriggering this issue requires system-wide admin (setting is\nnot namespaced).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21806",
"url": "https://www.suse.com/security/cve/CVE-2025-21806"
},
{
"category": "external",
"summary": "SUSE Bug 1238746 for CVE-2025-21806",
"url": "https://bugzilla.suse.com/1238746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: xdp: Disallow attaching device-bound programs in generic mode\n\nDevice-bound programs are used to support RX metadata kfuncs. These\nkfuncs are driver-specific and rely on the driver context to read the\nmetadata. This means they can\u0027t work in generic XDP mode. However, there\nis no check to disallow such programs from being attached in generic\nmode, in which case the metadata kfuncs will be called in an invalid\ncontext, leading to crashes.\n\nFix this by adding a check to disallow attaching device-bound programs\nin generic mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21808",
"url": "https://www.suse.com/security/cve/CVE-2025-21808"
},
{
"category": "external",
"summary": "SUSE Bug 1238742 for CVE-2025-21808",
"url": "https://bugzilla.suse.com/1238742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21808"
},
{
"cve": "CVE-2025-21810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndriver core: class: Fix wild pointer dereferences in API class_dev_iter_next()\n\nThere are a potential wild pointer dereferences issue regarding APIs\nclass_dev_iter_(init|next|exit)(), as explained by below typical usage:\n\n// All members of @iter are wild pointers.\nstruct class_dev_iter iter;\n\n// class_dev_iter_init(@iter, @class, ...) checks parameter @class for\n// potential class_to_subsys() error, and it returns void type and does\n// not initialize its output parameter @iter, so caller can not detect\n// the error and continues to invoke class_dev_iter_next(@iter) even if\n// @iter still contains wild pointers.\nclass_dev_iter_init(\u0026iter, ...);\n\n// Dereference these wild pointers in @iter here once suffer the error.\nwhile (dev = class_dev_iter_next(\u0026iter)) { ... };\n\n// Also dereference these wild pointers here.\nclass_dev_iter_exit(\u0026iter);\n\nActually, all callers of these APIs have such usage pattern in kernel tree.\nFix by:\n- Initialize output parameter @iter by memset() in class_dev_iter_init()\n and give callers prompt by pr_crit() for the error.\n- Check if @iter is valid in class_dev_iter_next().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21810",
"url": "https://www.suse.com/security/cve/CVE-2025-21810"
},
{
"category": "external",
"summary": "SUSE Bug 1238757 for CVE-2025-21810",
"url": "https://bugzilla.suse.com/1238757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: rcu protect dev-\u003eax25_ptr\n\nsyzbot found a lockdep issue [1].\n\nWe should remove ax25 RTNL dependency in ax25_setsockopt()\n\nThis should also fix a variety of possible UAF in ax25.\n\n[1]\n\nWARNING: possible circular locking dependency detected\n6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0 Not tainted\n------------------------------------------------------\nsyz.5.1818/12806 is trying to acquire lock:\n ffffffff8fcb3988 (rtnl_mutex){+.+.}-{4:4}, at: ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n\nbut task is already holding lock:\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (sk_lock-AF_AX25){+.+.}-{0:0}:\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n lock_sock_nested+0x48/0x100 net/core/sock.c:3642\n lock_sock include/net/sock.h:1618 [inline]\n ax25_kill_by_device net/ax25/af_ax25.c:101 [inline]\n ax25_device_event+0x24d/0x580 net/ax25/af_ax25.c:146\n notifier_call_chain+0x1a5/0x3f0 kernel/notifier.c:85\n __dev_notify_flags+0x207/0x400\n dev_change_flags+0xf0/0x1a0 net/core/dev.c:9026\n dev_ifsioc+0x7c8/0xe70 net/core/dev_ioctl.c:563\n dev_ioctl+0x719/0x1340 net/core/dev_ioctl.c:820\n sock_do_ioctl+0x240/0x460 net/socket.c:1234\n sock_ioctl+0x626/0x8e0 net/socket.c:1339\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl+0xf5/0x170 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n-\u003e #0 (rtnl_mutex){+.+.}-{4:4}:\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/locking/lockdep.c:3280 [inline]\n validate_chain+0x18ef/0x5920 kernel/locking/lockdep.c:3904\n __lock_acquire+0x1397/0x2100 kernel/locking/lockdep.c:5226\n lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5849\n __mutex_lock_common kernel/locking/mutex.c:585 [inline]\n __mutex_lock+0x1ac/0xee0 kernel/locking/mutex.c:735\n ax25_setsockopt+0xa55/0xe90 net/ax25/af_ax25.c:680\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2324\n __sys_setsockopt net/socket.c:2349 [inline]\n __do_sys_setsockopt net/socket.c:2355 [inline]\n __se_sys_setsockopt net/socket.c:2352 [inline]\n __x64_sys_setsockopt+0x1ee/0x280 net/socket.c:2352\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n lock(sk_lock-AF_AX25);\n lock(rtnl_mutex);\n\n *** DEADLOCK ***\n\n1 lock held by syz.5.1818/12806:\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1618 [inline]\n #0: ffff8880617ac258 (sk_lock-AF_AX25){+.+.}-{0:0}, at: ax25_setsockopt+0x209/0xe90 net/ax25/af_ax25.c:574\n\nstack backtrace:\nCPU: 1 UID: 0 PID: 12806 Comm: syz.5.1818 Not tainted 6.13.0-rc3-syzkaller-00762-g9268abe611b0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_circular_bug+0x13a/0x1b0 kernel/locking/lockdep.c:2074\n check_noncircular+0x36a/0x4a0 kernel/locking/lockdep.c:2206\n check_prev_add kernel/locking/lockdep.c:3161 [inline]\n check_prevs_add kernel/lockin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21812",
"url": "https://www.suse.com/security/cve/CVE-2025-21812"
},
{
"category": "external",
"summary": "SUSE Bug 1238471 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1238471"
},
{
"category": "external",
"summary": "SUSE Bug 1240736 for CVE-2025-21812",
"url": "https://bugzilla.suse.com/1240736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21812"
},
{
"cve": "CVE-2025-21814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptp: Ensure info-\u003eenable callback is always set\n\nThe ioctl and sysfs handlers unconditionally call the -\u003eenable callback.\nNot all drivers implement that callback, leading to NULL dereferences.\nExample of affected drivers: ptp_s390.c, ptp_vclock.c and ptp_mock.c.\n\nInstead use a dummy callback if no better was specified by the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21814",
"url": "https://www.suse.com/security/cve/CVE-2025-21814"
},
{
"category": "external",
"summary": "SUSE Bug 1238473 for CVE-2025-21814",
"url": "https://bugzilla.suse.com/1238473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/compaction: fix UBSAN shift-out-of-bounds warning\n\nsyzkaller reported a UBSAN shift-out-of-bounds warning of (1UL \u003c\u003c order)\nin isolate_freepages_block(). The bogus compound_order can be any value\nbecause it is union with flags. Add back the MAX_PAGE_ORDER check to fix\nthe warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21815",
"url": "https://www.suse.com/security/cve/CVE-2025-21815"
},
{
"category": "external",
"summary": "SUSE Bug 1238474 for CVE-2025-21815",
"url": "https://bugzilla.suse.com/1238474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/display: Use HW lock mgr for PSR1\"\n\nThis reverts commit\na2b5a9956269 (\"drm/amd/display: Use HW lock mgr for PSR1\")\n\nBecause it may cause system hang while connect with two edp panel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21819",
"url": "https://www.suse.com/security/cve/CVE-2025-21819"
},
{
"category": "external",
"summary": "SUSE Bug 1238994 for CVE-2025-21819",
"url": "https://bugzilla.suse.com/1238994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: xilinx_uartps: split sysrq handling\n\nlockdep detects the following circular locking dependency:\n\nCPU 0 CPU 1\n========================== ============================\ncdns_uart_isr() printk()\n uart_port_lock(port) console_lock()\n\t\t\t cdns_uart_console_write()\n if (!port-\u003esysrq)\n uart_port_lock(port)\n uart_handle_break()\n port-\u003esysrq = ...\n uart_handle_sysrq_char()\n printk()\n console_lock()\n\nThe fixed commit attempts to avoid this situation by only taking the\nport lock in cdns_uart_console_write if port-\u003esysrq unset. However, if\n(as shown above) cdns_uart_console_write runs before port-\u003esysrq is set,\nthen it will try to take the port lock anyway. This may result in a\ndeadlock.\n\nFix this by splitting sysrq handling into two parts. We use the prepare\nhelper under the port lock and defer handling until we release the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21820",
"url": "https://www.suse.com/security/cve/CVE-2025-21820"
},
{
"category": "external",
"summary": "SUSE Bug 1238479 for CVE-2025-21820",
"url": "https://bugzilla.suse.com/1238479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omap: use threaded IRQ for LCD DMA\n\nWhen using touchscreen and framebuffer, Nokia 770 crashes easily with:\n\n BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000\n Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether libcomposite configfs omap_udc ohci_omap ohci_hcd\n CPU: 0 UID: 0 PID: 82 Comm: irq/144-ads7846 Not tainted 6.12.7-770 #2\n Hardware name: Nokia 770\n Call trace:\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x54/0x5c\n dump_stack_lvl from __schedule_bug+0x50/0x70\n __schedule_bug from __schedule+0x4d4/0x5bc\n __schedule from schedule+0x34/0xa0\n schedule from schedule_preempt_disabled+0xc/0x10\n schedule_preempt_disabled from __mutex_lock.constprop.0+0x218/0x3b4\n __mutex_lock.constprop.0 from clk_prepare_lock+0x38/0xe4\n clk_prepare_lock from clk_set_rate+0x18/0x154\n clk_set_rate from sossi_read_data+0x4c/0x168\n sossi_read_data from hwa742_read_reg+0x5c/0x8c\n hwa742_read_reg from send_frame_handler+0xfc/0x300\n send_frame_handler from process_pending_requests+0x74/0xd0\n process_pending_requests from lcd_dma_irq_handler+0x50/0x74\n lcd_dma_irq_handler from __handle_irq_event_percpu+0x44/0x130\n __handle_irq_event_percpu from handle_irq_event+0x28/0x68\n handle_irq_event from handle_level_irq+0x9c/0x170\n handle_level_irq from generic_handle_domain_irq+0x2c/0x3c\n generic_handle_domain_irq from omap1_handle_irq+0x40/0x8c\n omap1_handle_irq from generic_handle_arch_irq+0x28/0x3c\n generic_handle_arch_irq from call_with_stack+0x1c/0x24\n call_with_stack from __irq_svc+0x94/0xa8\n Exception stack(0xc5255da0 to 0xc5255de8)\n 5da0: 00000001 c22fc620 00000000 00000000 c08384a8 c106fc00 00000000 c240c248\n 5dc0: c113a600 c3f6ec30 00000001 00000000 c22fc620 c5255df0 c22fc620 c0279a94\n 5de0: 60000013 ffffffff\n __irq_svc from clk_prepare_lock+0x4c/0xe4\n clk_prepare_lock from clk_get_rate+0x10/0x74\n clk_get_rate from uwire_setup_transfer+0x40/0x180\n uwire_setup_transfer from spi_bitbang_transfer_one+0x2c/0x9c\n spi_bitbang_transfer_one from spi_transfer_one_message+0x2d0/0x664\n spi_transfer_one_message from __spi_pump_transfer_message+0x29c/0x498\n __spi_pump_transfer_message from __spi_sync+0x1f8/0x2e8\n __spi_sync from spi_sync+0x24/0x40\n spi_sync from ads7846_halfd_read_state+0x5c/0x1c0\n ads7846_halfd_read_state from ads7846_irq+0x58/0x348\n ads7846_irq from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x120/0x228\n irq_thread from kthread+0xc8/0xe8\n kthread from ret_from_fork+0x14/0x28\n\nAs a quick fix, switch to a threaded IRQ which provides a stable system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21821",
"url": "https://www.suse.com/security/cve/CVE-2025-21821"
},
{
"category": "external",
"summary": "SUSE Bug 1239174 for CVE-2025-21821",
"url": "https://bugzilla.suse.com/1239174"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Drop unmanaged ELP metric worker\n\nThe ELP worker needs to calculate new metric values for all neighbors\n\"reachable\" over an interface. Some of the used metric sources require\nlocks which might need to sleep. This sleep is incompatible with the RCU\nlist iterator used for the recorded neighbors. The initial approach to work\naround of this problem was to queue another work item per neighbor and then\nrun this in a new context.\n\nEven when this solved the RCU vs might_sleep() conflict, it has a major\nproblems: Nothing was stopping the work item in case it is not needed\nanymore - for example because one of the related interfaces was removed or\nthe batman-adv module was unloaded - resulting in potential invalid memory\naccesses.\n\nDirectly canceling the metric worker also has various problems:\n\n* cancel_work_sync for a to-be-deactivated interface is called with\n rtnl_lock held. But the code in the ELP metric worker also tries to use\n rtnl_lock() - which will never return in this case. This also means that\n cancel_work_sync would never return because it is waiting for the worker\n to finish.\n* iterating over the neighbor list for the to-be-deactivated interface is\n currently done using the RCU specific methods. Which means that it is\n possible to miss items when iterating over it without the associated\n spinlock - a behaviour which is acceptable for a periodic metric check\n but not for a cleanup routine (which must \"stop\" all still running\n workers)\n\nThe better approch is to get rid of the per interface neighbor metric\nworker and handle everything in the interface worker. The original problems\nare solved by:\n\n* creating a list of neighbors which require new metric information inside\n the RCU protected context, gathering the metric according to the new list\n outside the RCU protected context\n* only use rcu_trylock inside metric gathering code to avoid a deadlock\n when the cancel_delayed_work_sync is called in the interface removal code\n (which is called with the rtnl_lock held)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21823",
"url": "https://www.suse.com/security/cve/CVE-2025-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1238475 for CVE-2025-21823",
"url": "https://bugzilla.suse.com/1238475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Cancel the running bpf_timer through kworker for PREEMPT_RT\n\nDuring the update procedure, when overwrite element in a pre-allocated\nhtab, the freeing of old_element is protected by the bucket lock. The\nreason why the bucket lock is necessary is that the old_element has\nalready been stashed in htab-\u003eextra_elems after alloc_htab_elem()\nreturns. If freeing the old_element after the bucket lock is unlocked,\nthe stashed element may be reused by concurrent update procedure and the\nfreeing of old_element will run concurrently with the reuse of the\nold_element. However, the invocation of check_and_free_fields() may\nacquire a spin-lock which violates the lockdep rule because its caller\nhas already held a raw-spin-lock (bucket lock). The following warning\nwill be reported when such race happens:\n\n BUG: scheduling while atomic: test_progs/676/0x00000003\n 3 locks held by test_progs/676:\n #0: ffffffff864b0240 (rcu_read_lock_trace){....}-{0:0}, at: bpf_prog_test_run_syscall+0x2c0/0x830\n #1: ffff88810e961188 (\u0026htab-\u003elockdep_key){....}-{2:2}, at: htab_map_update_elem+0x306/0x1500\n #2: ffff8881f4eac1b8 (\u0026base-\u003esoftirq_expiry_lock){....}-{2:2}, at: hrtimer_cancel_wait_running+0xe9/0x1b0\n Modules linked in: bpf_testmod(O)\n Preemption disabled at:\n [\u003cffffffff817837a3\u003e] htab_map_update_elem+0x293/0x1500\n CPU: 0 UID: 0 PID: 676 Comm: test_progs Tainted: G ... 6.12.0+ #11\n Tainted: [W]=WARN, [O]=OOT_MODULE\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)...\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x57/0x70\n dump_stack+0x10/0x20\n __schedule_bug+0x120/0x170\n __schedule+0x300c/0x4800\n schedule_rtlock+0x37/0x60\n rtlock_slowlock_locked+0x6d9/0x54c0\n rt_spin_lock+0x168/0x230\n hrtimer_cancel_wait_running+0xe9/0x1b0\n hrtimer_cancel+0x24/0x30\n bpf_timer_delete_work+0x1d/0x40\n bpf_timer_cancel_and_free+0x5e/0x80\n bpf_obj_free_fields+0x262/0x4a0\n check_and_free_fields+0x1d0/0x280\n htab_map_update_elem+0x7fc/0x1500\n bpf_prog_9f90bc20768e0cb9_overwrite_cb+0x3f/0x43\n bpf_prog_ea601c4649694dbd_overwrite_timer+0x5d/0x7e\n bpf_prog_test_run_syscall+0x322/0x830\n __sys_bpf+0x135d/0x3ca0\n __x64_sys_bpf+0x75/0xb0\n x64_sys_call+0x1b5/0xa10\n do_syscall_64+0x3b/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ...\n \u003c/TASK\u003e\n\nIt seems feasible to break the reuse and refill of per-cpu extra_elems\ninto two independent parts: reuse the per-cpu extra_elems with bucket\nlock being held and refill the old_element as per-cpu extra_elems after\nthe bucket lock is unlocked. However, it will make the concurrent\noverwrite procedures on the same CPU return unexpected -E2BIG error when\nthe map is full.\n\nTherefore, the patch fixes the lock problem by breaking the cancelling\nof bpf_timer into two steps for PREEMPT_RT:\n1) use hrtimer_try_to_cancel() and check its return value\n2) if the timer is running, use hrtimer_cancel() through a kworker to\n cancel it again\nConsidering that the current implementation of hrtimer_cancel() will try\nto acquire a being held softirq_expiry_lock when the current timer is\nrunning, these steps above are reasonable. However, it also has\ndownside. When the timer is running, the cancelling of the timer is\ndelayed when releasing the last map uref. The delay is also fixable\n(e.g., break the cancelling of bpf timer into two parts: one part in\nlocked scope, another one in unlocked scope), it can be revised later if\nnecessary.\n\nIt is a bit hard to decide the right fix tag. One reason is that the\nproblem depends on PREEMPT_RT which is enabled in v6.12. Considering the\nsoftirq_expiry_lock lock exists since v5.4 and bpf_timer is introduced\nin v5.15, the bpf_timer commit is used in the fixes tag and an extra\ndepends-on tag is added to state the dependency on PREEMPT_RT.\n\nDepends-on: v6.12+ with PREEMPT_RT enabled",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21825",
"url": "https://www.suse.com/security/cve/CVE-2025-21825"
},
{
"category": "external",
"summary": "SUSE Bug 1238971 for CVE-2025-21825",
"url": "https://bugzilla.suse.com/1238971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t flush non-uploaded STAs\n\nIf STA state is pre-moved to AUTHORIZED (such as in IBSS\nscenarios) and insertion fails, the station is freed.\nIn this case, the driver never knew about the station,\nso trying to flush it is unexpected and may crash.\n\nCheck if the sta was uploaded to the driver before and\nfix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21828",
"url": "https://www.suse.com/security/cve/CVE-2025-21828"
},
{
"category": "external",
"summary": "SUSE Bug 1238958 for CVE-2025-21828",
"url": "https://bugzilla.suse.com/1238958"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix the warning \"__rxe_cleanup+0x12c/0x170 [rdma_rxe]\"\n\nThe Call Trace is as below:\n\"\n \u003cTASK\u003e\n ? show_regs.cold+0x1a/0x1f\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __warn+0x84/0xd0\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? report_bug+0x105/0x180\n ? handle_bug+0x46/0x80\n ? exc_invalid_op+0x19/0x70\n ? asm_exc_invalid_op+0x1b/0x20\n ? __rxe_cleanup+0x12c/0x170 [rdma_rxe]\n ? __rxe_cleanup+0x124/0x170 [rdma_rxe]\n rxe_destroy_qp.cold+0x24/0x29 [rdma_rxe]\n ib_destroy_qp_user+0x118/0x190 [ib_core]\n rdma_destroy_qp.cold+0x43/0x5e [rdma_cm]\n rtrs_cq_qp_destroy.cold+0x1d/0x2b [rtrs_core]\n rtrs_srv_close_work.cold+0x1b/0x31 [rtrs_server]\n process_one_work+0x21d/0x3f0\n worker_thread+0x4a/0x3c0\n ? process_one_work+0x3f0/0x3f0\n kthread+0xf0/0x120\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x22/0x30\n \u003c/TASK\u003e\n\"\nWhen too many rdma resources are allocated, rxe needs more time to\nhandle these rdma resources. Sometimes with the current timeout, rxe\ncan not release the rdma resources correctly.\n\nCompared with other rdma drivers, a bigger timeout is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21829",
"url": "https://www.suse.com/security/cve/CVE-2025-21829"
},
{
"category": "external",
"summary": "SUSE Bug 1239030 for CVE-2025-21829",
"url": "https://bugzilla.suse.com/1239030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlandlock: Handle weird files\n\nA corrupted filesystem (e.g. bcachefs) might return weird files.\nInstead of throwing a warning and allowing access to such file, treat\nthem as regular files.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21830",
"url": "https://www.suse.com/security/cve/CVE-2025-21830"
},
{
"category": "external",
"summary": "SUSE Bug 1239033 for CVE-2025-21830",
"url": "https://bugzilla.suse.com/1239033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1\n\ncommit 9d26d3a8f1b0 (\"PCI: Put PCIe ports into D3 during suspend\") sets the\npolicy that all PCIe ports are allowed to use D3. When the system is\nsuspended if the port is not power manageable by the platform and won\u0027t be\nused for wakeup via a PME this sets up the policy for these ports to go\ninto D3hot.\n\nThis policy generally makes sense from an OSPM perspective but it leads to\nproblems with wakeup from suspend on the TUXEDO Sirius 16 Gen 1 with a\nspecific old BIOS. This manifests as a system hang.\n\nOn the affected Device + BIOS combination, add a quirk for the root port of\nthe problematic controller to ensure that these root ports are not put into\nD3hot at suspend.\n\nThis patch is based on\n\n https://lore.kernel.org/linux-pci/20230708214457.1229-2-mario.limonciello@amd.com\n\nbut with the added condition both in the documentation and in the code to\napply only to the TUXEDO Sirius 16 Gen 1 with a specific old BIOS and only\nthe affected root ports.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21831",
"url": "https://www.suse.com/security/cve/CVE-2025-21831"
},
{
"category": "external",
"summary": "SUSE Bug 1239039 for CVE-2025-21831",
"url": "https://bugzilla.suse.com/1239039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: don\u0027t revert iter for -EIOCBQUEUED\n\nblkdev_read_iter() has a few odd checks, like gating the position and\ncount adjustment on whether or not the result is bigger-than-or-equal to\nzero (where bigger than makes more sense), and not checking the return\nvalue of blkdev_direct_IO() before doing an iov_iter_revert(). The\nlatter can lead to attempting to revert with a negative value, which\nwhen passed to iov_iter_revert() as an unsigned value will lead to\nthrowing a WARN_ON() because unroll is bigger than MAX_RW_COUNT.\n\nBe sane and don\u0027t revert for -EIOCBQUEUED, like what is done in other\nspots.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21832",
"url": "https://www.suse.com/security/cve/CVE-2025-21832"
},
{
"category": "external",
"summary": "SUSE Bug 1239105 for CVE-2025-21832",
"url": "https://bugzilla.suse.com/1239105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Avoid use of NULL after WARN_ON_ONCE\n\nThere is a WARN_ON_ONCE to catch an unlikely situation when\ndomain_remove_dev_pasid can\u0027t find the `pasid`. In case it nevertheless\nhappens we must avoid using a NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21833",
"url": "https://www.suse.com/security/cve/CVE-2025-21833"
},
{
"category": "external",
"summary": "SUSE Bug 1239108 for CVE-2025-21833",
"url": "https://bugzilla.suse.com/1239108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21833"
},
{
"cve": "CVE-2025-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_midi: fix MIDI Streaming descriptor lengths\n\nWhile the MIDI jacks are configured correctly, and the MIDIStreaming\nendpoint descriptors are filled with the correct information,\nbNumEmbMIDIJack and bLength are set incorrectly in these descriptors.\n\nThis does not matter when the numbers of in and out ports are equal, but\nwhen they differ the host will receive broken descriptors with\nuninitialized stack memory leaking into the descriptor for whichever\nvalue is smaller.\n\nThe precise meaning of \"in\" and \"out\" in the port counts is not clearly\ndefined and can be confusing. But elsewhere the driver consistently\nuses this to match the USB meaning of IN and OUT viewed from the host,\nso that \"in\" ports send data to the host and \"out\" ports receive data\nfrom it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21835",
"url": "https://www.suse.com/security/cve/CVE-2025-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1239068 for CVE-2025-21835",
"url": "https://bugzilla.suse.com/1239068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: reallocate buf lists on upgrade\n\nIORING_REGISTER_PBUF_RING can reuse an old struct io_buffer_list if it\nwas created for legacy selected buffer and has been emptied. It violates\nthe requirement that most of the field should stay stable after publish.\nAlways reallocate it instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21836",
"url": "https://www.suse.com/security/cve/CVE-2025-21836"
},
{
"category": "external",
"summary": "SUSE Bug 1239066 for CVE-2025-21836",
"url": "https://bugzilla.suse.com/1239066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21836"
},
{
"cve": "CVE-2025-21838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: core: flush gadget workqueue after device removal\n\ndevice_del() can lead to new work being scheduled in gadget-\u003ework\nworkqueue. This is observed, for example, with the dwc3 driver with the\nfollowing call stack:\n device_del()\n gadget_unbind_driver()\n usb_gadget_disconnect_locked()\n dwc3_gadget_pullup()\n\t dwc3_gadget_soft_disconnect()\n\t usb_gadget_set_state()\n\t schedule_work(\u0026gadget-\u003ework)\n\nMove flush_work() after device_del() to ensure the workqueue is cleaned\nup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21838",
"url": "https://www.suse.com/security/cve/CVE-2025-21838"
},
{
"category": "external",
"summary": "SUSE Bug 1239065 for CVE-2025-21838",
"url": "https://bugzilla.suse.com/1239065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Add check for next_buffer in receive_encrypted_standard()\n\nAdd check for the return value of cifs_buf_get() and cifs_small_buf_get()\nin receive_encrypted_standard() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21844",
"url": "https://www.suse.com/security/cve/CVE-2025-21844"
},
{
"category": "external",
"summary": "SUSE Bug 1239512 for CVE-2025-21844",
"url": "https://bugzilla.suse.com/1239512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacct: perform last write from workqueue\n\nIn [1] it was reported that the acct(2) system call can be used to\ntrigger NULL deref in cases where it is set to write to a file that\ntriggers an internal lookup. This can e.g., happen when pointing acc(2)\nto /sys/power/resume. At the point the where the write to this file\nhappens the calling task has already exited and called exit_fs(). A\nlookup will thus trigger a NULL-deref when accessing current-\u003efs.\n\nReorganize the code so that the the final write happens from the\nworkqueue but with the caller\u0027s credentials. This preserves the\n(strange) permission model and has almost no regression risk.\n\nThis api should stop to exist though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21846",
"url": "https://www.suse.com/security/cve/CVE-2025-21846"
},
{
"category": "external",
"summary": "SUSE Bug 1239508 for CVE-2025-21846",
"url": "https://bugzilla.suse.com/1239508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data()\n\nThe nullity of sps-\u003ecstream should be checked similarly as it is done in\nsof_set_stream_data_offset() function.\nAssuming that it is not NULL if sps-\u003estream is NULL is incorrect and can\nlead to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21847",
"url": "https://www.suse.com/security/cve/CVE-2025-21847"
},
{
"category": "external",
"summary": "SUSE Bug 1239471 for CVE-2025-21847",
"url": "https://bugzilla.suse.com/1239471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\n\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21848",
"url": "https://www.suse.com/security/cve/CVE-2025-21848"
},
{
"category": "external",
"summary": "SUSE Bug 1239479 for CVE-2025-21848",
"url": "https://bugzilla.suse.com/1239479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: Fix crash when a namespace is disabled\n\nThe namespace percpu counter protects pending I/O, and we can\nonly safely diable the namespace once the counter drop to zero.\nOtherwise we end up with a crash when running blktests/nvme/058\n(eg for loop transport):\n\n[ 2352.930426] [ T53909] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] PREEMPT SMP KASAN PTI\n[ 2352.930431] [ T53909] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n[ 2352.930434] [ T53909] CPU: 3 UID: 0 PID: 53909 Comm: kworker/u16:5 Tainted: G W 6.13.0-rc6 #232\n[ 2352.930438] [ T53909] Tainted: [W]=WARN\n[ 2352.930440] [ T53909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014\n[ 2352.930443] [ T53909] Workqueue: nvmet-wq nvme_loop_execute_work [nvme_loop]\n[ 2352.930449] [ T53909] RIP: 0010:blkcg_set_ioprio+0x44/0x180\n\nas the queue is already torn down when calling submit_bio();\n\nSo we need to init the percpu counter in nvmet_ns_enable(), and\nwait for it to drop to zero in nvmet_ns_disable() to avoid having\nI/O pending after the namespace has been disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21850",
"url": "https://www.suse.com/security/cve/CVE-2025-21850"
},
{
"category": "external",
"summary": "SUSE Bug 1239477 for CVE-2025-21850",
"url": "https://bugzilla.suse.com/1239477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: Add rx_skb of kfree_skb to raw_tp_null_args[].\n\nYan Zhai reported a BPF prog could trigger a null-ptr-deref [0]\nin trace_kfree_skb if the prog does not check if rx_sk is NULL.\n\nCommit c53795d48ee8 (\"net: add rx_sk to trace_kfree_skb\") added\nrx_sk to trace_kfree_skb, but rx_sk is optional and could be NULL.\n\nLet\u0027s add kfree_skb to raw_tp_null_args[] to let the BPF verifier\nvalidate such a prog and prevent the issue.\n\nNow we fail to load such a prog:\n\n libbpf: prog \u0027drop\u0027: -- BEGIN PROG LOAD LOG --\n 0: R1=ctx() R10=fp0\n ; int BPF_PROG(drop, struct sk_buff *skb, void *location, @ kfree_skb_sk_null.bpf.c:21\n 0: (79) r3 = *(u64 *)(r1 +24)\n func \u0027kfree_skb\u0027 arg3 has btf_id 5253 type STRUCT \u0027sock\u0027\n 1: R1=ctx() R3_w=trusted_ptr_or_null_sock(id=1)\n ; bpf_printk(\"sk: %d, %d\\n\", sk, sk-\u003e__sk_common.skc_family); @ kfree_skb_sk_null.bpf.c:24\n 1: (69) r4 = *(u16 *)(r3 +16)\n R3 invalid mem access \u0027trusted_ptr_or_null_\u0027\n processed 2 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0\n -- END PROG LOAD LOG --\n\nNote this fix requires commit 838a10bd2ebf (\"bpf: Augment raw_tp\narguments with PTR_MAYBE_NULL\").\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000010\n PF: supervisor read access in kernel mode\n PF: error_code(0x0000) - not-present page\nPGD 0 P4D 0\nPREEMPT SMP\nRIP: 0010:bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x60\n ? page_fault_oops+0x148/0x420\n ? search_bpf_extables+0x5b/0x70\n ? fixup_exception+0x27/0x2c0\n ? exc_page_fault+0x75/0x170\n ? asm_exc_page_fault+0x22/0x30\n ? bpf_prog_5e21a6db8fcff1aa_drop+0x10/0x2d\n bpf_trace_run4+0x68/0xd0\n ? unix_stream_connect+0x1f4/0x6f0\n sk_skb_reason_drop+0x90/0x120\n unix_stream_connect+0x1f4/0x6f0\n __sys_connect+0x7f/0xb0\n __x64_sys_connect+0x14/0x20\n do_syscall_64+0x47/0xc30\n entry_SYSCALL_64_after_hwframe+0x4b/0x53",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21852",
"url": "https://www.suse.com/security/cve/CVE-2025-21852"
},
{
"category": "external",
"summary": "SUSE Bug 1239487 for CVE-2025-21852",
"url": "https://bugzilla.suse.com/1239487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21852"
},
{
"cve": "CVE-2025-21853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: avoid holding freeze_mutex during mmap operation\n\nWe use map-\u003efreeze_mutex to prevent races between map_freeze() and\nmemory mapping BPF map contents with writable permissions. The way we\nnaively do this means we\u0027ll hold freeze_mutex for entire duration of all\nthe mm and VMA manipulations, which is completely unnecessary. This can\npotentially also lead to deadlocks, as reported by syzbot in [0].\n\nSo, instead, hold freeze_mutex only during writeability checks, bump\n(proactively) \"write active\" count for the map, unlock the mutex and\nproceed with mmap logic. And only if something went wrong during mmap\nlogic, then undo that \"write active\" counter increment.\n\n [0] https://lore.kernel.org/bpf/678dcbc9.050a0220.303755.0066.GAE@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21853",
"url": "https://www.suse.com/security/cve/CVE-2025-21853"
},
{
"category": "external",
"summary": "SUSE Bug 1239476 for CVE-2025-21853",
"url": "https://bugzilla.suse.com/1239476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21853"
},
{
"cve": "CVE-2025-21854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsockmap, vsock: For connectible sockets allow only connected\n\nsockmap expects all vsocks to have a transport assigned, which is expressed\nin vsock_proto::psock_update_sk_prot(). However, there is an edge case\nwhere an unconnected (connectible) socket may lose its previously assigned\ntransport. This is handled with a NULL check in the vsock/BPF recv path.\n\nAnother design detail is that listening vsocks are not supposed to have any\ntransport assigned at all. Which implies they are not supported by the\nsockmap. But this is complicated by the fact that a socket, before\nswitching to TCP_LISTEN, may have had some transport assigned during a\nfailed connect() attempt. Hence, we may end up with a listening vsock in a\nsockmap, which blows up quickly:\n\nKASAN: null-ptr-deref in range [0x0000000000000120-0x0000000000000127]\nCPU: 7 UID: 0 PID: 56 Comm: kworker/7:0 Not tainted 6.14.0-rc1+\nWorkqueue: vsock-loopback vsock_loopback_work\nRIP: 0010:vsock_read_skb+0x4b/0x90\nCall Trace:\n sk_psock_verdict_data_ready+0xa4/0x2e0\n virtio_transport_recv_pkt+0x1ca8/0x2acc\n vsock_loopback_work+0x27d/0x3f0\n process_one_work+0x846/0x1420\n worker_thread+0x5b3/0xf80\n kthread+0x35a/0x700\n ret_from_fork+0x2d/0x70\n ret_from_fork_asm+0x1a/0x30\n\nFor connectible sockets, instead of relying solely on the state of\nvsk-\u003etransport, tell sockmap to only allow those representing established\nconnections. This aligns with the behaviour for AF_INET and AF_UNIX.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21854",
"url": "https://www.suse.com/security/cve/CVE-2025-21854"
},
{
"category": "external",
"summary": "SUSE Bug 1239470 for CVE-2025-21854",
"url": "https://bugzilla.suse.com/1239470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21854"
},
{
"cve": "CVE-2025-21855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Don\u0027t reference skb after sending to VIOS\n\nPreviously, after successfully flushing the xmit buffer to VIOS,\nthe tx_bytes stat was incremented by the length of the skb.\n\nIt is invalid to access the skb memory after sending the buffer to\nthe VIOS because, at any point after sending, the VIOS can trigger\nan interrupt to free this memory. A race between reading skb-\u003elen\nand freeing the skb is possible (especially during LPM) and will\nresult in use-after-free:\n ==================================================================\n BUG: KASAN: slab-use-after-free in ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n Read of size 4 at addr c00000024eb48a70 by task hxecom/14495\n \u003c...\u003e\n Call Trace:\n [c000000118f66cf0] [c0000000018cba6c] dump_stack_lvl+0x84/0xe8 (unreliable)\n [c000000118f66d20] [c0000000006f0080] print_report+0x1a8/0x7f0\n [c000000118f66df0] [c0000000006f08f0] kasan_report+0x128/0x1f8\n [c000000118f66f00] [c0000000006f2868] __asan_load4+0xac/0xe0\n [c000000118f66f20] [c0080000046eac84] ibmvnic_xmit+0x75c/0x1808 [ibmvnic]\n [c000000118f67340] [c0000000014be168] dev_hard_start_xmit+0x150/0x358\n \u003c...\u003e\n Freed by task 0:\n kasan_save_stack+0x34/0x68\n kasan_save_track+0x2c/0x50\n kasan_save_free_info+0x64/0x108\n __kasan_mempool_poison_object+0x148/0x2d4\n napi_skb_cache_put+0x5c/0x194\n net_tx_action+0x154/0x5b8\n handle_softirqs+0x20c/0x60c\n do_softirq_own_stack+0x6c/0x88\n \u003c...\u003e\n The buggy address belongs to the object at c00000024eb48a00 which\n belongs to the cache skbuff_head_cache of size 224\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21855",
"url": "https://www.suse.com/security/cve/CVE-2025-21855"
},
{
"category": "external",
"summary": "SUSE Bug 1239484 for CVE-2025-21855",
"url": "https://bugzilla.suse.com/1239484"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ism: add release function for struct device\n\nAccording to device_release() in /drivers/base/core.c,\na device without a release function is a broken device\nand must be fixed.\n\nThe current code directly frees the device after calling device_add()\nwithout waiting for other kernel parts to release their references.\nThus, a reference could still be held to a struct device,\ne.g., by sysfs, leading to potential use-after-free\nissues if a proper release function is not set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21856",
"url": "https://www.suse.com/security/cve/CVE-2025-21856"
},
{
"category": "external",
"summary": "SUSE Bug 1239486 for CVE-2025-21856",
"url": "https://bugzilla.suse.com/1239486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: cls_api: fix error handling causing NULL dereference\n\ntcf_exts_miss_cookie_base_alloc() calls xa_alloc_cyclic() which can\nreturn 1 if the allocation succeeded after wrapping. This was treated as\nan error, with value 1 returned to caller tcf_exts_init_ex() which sets\nexts-\u003eactions to NULL and returns 1 to caller fl_change().\n\nfl_change() treats err == 1 as success, calling tcf_exts_validate_ex()\nwhich calls tcf_action_init() with exts-\u003eactions as argument, where it\nis dereferenced.\n\nExample trace:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nCPU: 114 PID: 16151 Comm: handler114 Kdump: loaded Not tainted 5.14.0-503.16.1.el9_5.x86_64 #1\nRIP: 0010:tcf_action_init+0x1f8/0x2c0\nCall Trace:\n tcf_action_init+0x1f8/0x2c0\n tcf_exts_validate_ex+0x175/0x190\n fl_change+0x537/0x1120 [cls_flower]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21857",
"url": "https://www.suse.com/security/cve/CVE-2025-21857"
},
{
"category": "external",
"summary": "SUSE Bug 1239478 for CVE-2025-21857",
"url": "https://bugzilla.suse.com/1239478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: Fix use-after-free in geneve_find_dev().\n\nsyzkaller reported a use-after-free in geneve_find_dev() [0]\nwithout repro.\n\ngeneve_configure() links struct geneve_dev.next to\nnet_generic(net, geneve_net_id)-\u003egeneve_list.\n\nThe net here could differ from dev_net(dev) if IFLA_NET_NS_PID,\nIFLA_NET_NS_FD, or IFLA_TARGET_NETNSID is set.\n\nWhen dev_net(dev) is dismantled, geneve_exit_batch_rtnl() finally\ncalls unregister_netdevice_queue() for each dev in the netns,\nand later the dev is freed.\n\nHowever, its geneve_dev.next is still linked to the backend UDP\nsocket netns.\n\nThen, use-after-free will occur when another geneve dev is created\nin the netns.\n\nLet\u0027s call geneve_dellink() instead in geneve_destroy_tunnels().\n\n[0]:\nBUG: KASAN: slab-use-after-free in geneve_find_dev drivers/net/geneve.c:1295 [inline]\nBUG: KASAN: slab-use-after-free in geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\nRead of size 2 at addr ffff000054d6ee24 by task syz.1.4029/13441\n\nCPU: 1 UID: 0 PID: 13441 Comm: syz.1.4029 Not tainted 6.13.0-g0ad9617c78ac #24 dc35ca22c79fb82e8e7bc5c9c9adafea898b1e3d\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x38/0x50 arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xbc/0x108 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x16c/0x6f0 mm/kasan/report.c:489\n kasan_report+0xc0/0x120 mm/kasan/report.c:602\n __asan_report_load2_noabort+0x20/0x30 mm/kasan/report_generic.c:379\n geneve_find_dev drivers/net/geneve.c:1295 [inline]\n geneve_configure+0x234/0x858 drivers/net/geneve.c:1343\n geneve_newlink+0xb8/0x128 drivers/net/geneve.c:1634\n rtnl_newlink_create+0x23c/0x868 net/core/rtnetlink.c:3795\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x618/0x838 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x5fc/0x8b0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:713 [inline]\n __sock_sendmsg net/socket.c:728 [inline]\n ____sys_sendmsg+0x410/0x6f8 net/socket.c:2568\n ___sys_sendmsg+0x178/0x1d8 net/socket.c:2622\n __sys_sendmsg net/socket.c:2654 [inline]\n __do_sys_sendmsg net/socket.c:2659 [inline]\n __se_sys_sendmsg net/socket.c:2657 [inline]\n __arm64_sys_sendmsg+0x12c/0x1c8 net/socket.c:2657\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x90/0x278 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x13c/0x250 arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x54/0x70 arch/arm64/kernel/syscall.c:151\n el0_svc+0x4c/0xa8 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x78/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x1a0 arch/arm64/kernel/entry.S:600\n\nAllocated by task 13247:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x30/0x68 mm/kasan/common.c:68\n kasan_save_alloc_info+0x44/0x58 mm/kasan/generic.c:568\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x84/0xa0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4298 [inline]\n __kmalloc_node_noprof+0x2a0/0x560 mm/slub.c:4304\n __kvmalloc_node_noprof+0x9c/0x230 mm/util.c:645\n alloc_netdev_mqs+0xb8/0x11a0 net/core/dev.c:11470\n rtnl_create_link+0x2b8/0xb50 net/core/rtnetlink.c:3604\n rtnl_newlink_create+0x19c/0x868 net/core/rtnetlink.c:3780\n __rtnl_newlink net/core/rtnetlink.c:3906 [inline]\n rtnl_newlink+0x1054/0x1630 net/core/rtnetlink.c:4021\n rtnetlink_rcv_msg+0x61c/0x918 net/core/rtnetlink.c:6911\n netlink_rcv_skb+0x1dc/0x398 net/netlink/af_netlink.c:2543\n rtnetlink_rcv+0x34/0x50 net/core/rtnetlink.c:6938\n netlink_unicast_kernel net/netlink/af_n\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21858",
"url": "https://www.suse.com/security/cve/CVE-2025-21858"
},
{
"category": "external",
"summary": "SUSE Bug 1239468 for CVE-2025-21858",
"url": "https://bugzilla.suse.com/1239468"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21859"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: f_midi: f_midi_complete to call queue_work\n\nWhen using USB MIDI, a lock is attempted to be acquired twice through a\nre-entrant call to f_midi_transmit, causing a deadlock.\n\nFix it by using queue_work() to schedule the inner f_midi_transmit() via\na high priority work queue from the completion handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21859",
"url": "https://www.suse.com/security/cve/CVE-2025-21859"
},
{
"category": "external",
"summary": "SUSE Bug 1239467 for CVE-2025-21859",
"url": "https://bugzilla.suse.com/1239467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate_device: don\u0027t add folio to be freed to LRU in migrate_device_finalize()\n\nIf migration succeeded, we called\nfolio_migrate_flags()-\u003emem_cgroup_migrate() to migrate the memcg from the\nold to the new folio. This will set memcg_data of the old folio to 0.\n\nSimilarly, if migration failed, memcg_data of the dst folio is left unset.\n\nIf we call folio_putback_lru() on such folios (memcg_data == 0), we will\nadd the folio to be freed to the LRU, making memcg code unhappy. Running\nthe hmm selftests:\n\n # ./hmm-tests\n ...\n # RUN hmm.hmm_device_private.migrate ...\n [ 102.078007][T14893] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x7ff27d200 pfn:0x13cc00\n [ 102.079974][T14893] anon flags: 0x17ff00000020018(uptodate|dirty|swapbacked|node=0|zone=2|lastcpupid=0x7ff)\n [ 102.082037][T14893] raw: 017ff00000020018 dead000000000100 dead000000000122 ffff8881353896c9\n [ 102.083687][T14893] raw: 00000007ff27d200 0000000000000000 00000001ffffffff 0000000000000000\n [ 102.085331][T14893] page dumped because: VM_WARN_ON_ONCE_FOLIO(!memcg \u0026\u0026 !mem_cgroup_disabled())\n [ 102.087230][T14893] ------------[ cut here ]------------\n [ 102.088279][T14893] WARNING: CPU: 0 PID: 14893 at ./include/linux/memcontrol.h:726 folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.090478][T14893] Modules linked in:\n [ 102.091244][T14893] CPU: 0 UID: 0 PID: 14893 Comm: hmm-tests Not tainted 6.13.0-09623-g6c216bc522fd #151\n [ 102.093089][T14893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n [ 102.094848][T14893] RIP: 0010:folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.096104][T14893] Code: ...\n [ 102.099908][T14893] RSP: 0018:ffffc900236c37b0 EFLAGS: 00010293\n [ 102.101152][T14893] RAX: 0000000000000000 RBX: ffffea0004f30000 RCX: ffffffff8183f426\n [ 102.102684][T14893] RDX: ffff8881063cb880 RSI: ffffffff81b8117f RDI: ffff8881063cb880\n [ 102.104227][T14893] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000\n [ 102.105757][T14893] R10: 0000000000000001 R11: 0000000000000002 R12: ffffc900236c37d8\n [ 102.107296][T14893] R13: ffff888277a2bcb0 R14: 000000000000001f R15: 0000000000000000\n [ 102.108830][T14893] FS: 00007ff27dbdd740(0000) GS:ffff888277a00000(0000) knlGS:0000000000000000\n [ 102.110643][T14893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 102.111924][T14893] CR2: 00007ff27d400000 CR3: 000000010866e000 CR4: 0000000000750ef0\n [ 102.113478][T14893] PKRU: 55555554\n [ 102.114172][T14893] Call Trace:\n [ 102.114805][T14893] \u003cTASK\u003e\n [ 102.115397][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.116547][T14893] ? __warn.cold+0x110/0x210\n [ 102.117461][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.118667][T14893] ? report_bug+0x1b9/0x320\n [ 102.119571][T14893] ? handle_bug+0x54/0x90\n [ 102.120494][T14893] ? exc_invalid_op+0x17/0x50\n [ 102.121433][T14893] ? asm_exc_invalid_op+0x1a/0x20\n [ 102.122435][T14893] ? __wake_up_klogd.part.0+0x76/0xd0\n [ 102.123506][T14893] ? dump_page+0x4f/0x60\n [ 102.124352][T14893] ? folio_lruvec_lock_irqsave+0x10e/0x170\n [ 102.125500][T14893] folio_batch_move_lru+0xd4/0x200\n [ 102.126577][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.127505][T14893] __folio_batch_add_and_move+0x391/0x720\n [ 102.128633][T14893] ? __pfx_lru_add+0x10/0x10\n [ 102.129550][T14893] folio_putback_lru+0x16/0x80\n [ 102.130564][T14893] migrate_device_finalize+0x9b/0x530\n [ 102.131640][T14893] dmirror_migrate_to_device.constprop.0+0x7c5/0xad0\n [ 102.133047][T14893] dmirror_fops_unlocked_ioctl+0x89b/0xc80\n\nLikely, nothing else goes wrong: putting the last folio reference will\nremove the folio from the LRU again. So besides memcg complaining, adding\nthe folio to be freed to the LRU is just an unnecessary step.\n\nThe new flow resembles what we have in migrate_folio_move(): add the dst\nto the lru, rem\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21861",
"url": "https://www.suse.com/security/cve/CVE-2025-21861"
},
{
"category": "external",
"summary": "SUSE Bug 1239483 for CVE-2025-21861",
"url": "https://bugzilla.suse.com/1239483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrop_monitor: fix incorrect initialization order\n\nSyzkaller reports the following bug:\n\nBUG: spinlock bad magic on CPU#1, syz-executor.0/7995\n lock: 0xffff88805303f3e0, .magic: 00000000, .owner: \u003cnone\u003e/-1, .owner_cpu: 0\nCPU: 1 PID: 7995 Comm: syz-executor.0 Tainted: G E 5.10.209+ #1\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nCall Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x119/0x179 lib/dump_stack.c:118\n debug_spin_lock_before kernel/locking/spinlock_debug.c:83 [inline]\n do_raw_spin_lock+0x1f6/0x270 kernel/locking/spinlock_debug.c:112\n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]\n _raw_spin_lock_irqsave+0x50/0x70 kernel/locking/spinlock.c:159\n reset_per_cpu_data+0xe6/0x240 [drop_monitor]\n net_dm_cmd_trace+0x43d/0x17a0 [drop_monitor]\n genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2497\n genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x914/0xe00 net/netlink/af_netlink.c:1916\n sock_sendmsg_nosec net/socket.c:651 [inline]\n __sock_sendmsg+0x157/0x190 net/socket.c:663\n ____sys_sendmsg+0x712/0x870 net/socket.c:2378\n ___sys_sendmsg+0xf8/0x170 net/socket.c:2432\n __sys_sendmsg+0xea/0x1b0 net/socket.c:2461\n do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\nRIP: 0033:0x7f3f9815aee9\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f3f972bf0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f3f9826d050 RCX: 00007f3f9815aee9\nRDX: 0000000020000000 RSI: 0000000020001300 RDI: 0000000000000007\nRBP: 00007f3f981b63bd R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000006e R14: 00007f3f9826d050 R15: 00007ffe01ee6768\n\nIf drop_monitor is built as a kernel module, syzkaller may have time\nto send a netlink NET_DM_CMD_START message during the module loading.\nThis will call the net_dm_monitor_start() function that uses\na spinlock that has not yet been initialized.\n\nTo fix this, let\u0027s place resource initialization above the registration\nof a generic netlink family.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21862",
"url": "https://www.suse.com/security/cve/CVE-2025-21862"
},
{
"category": "external",
"summary": "SUSE Bug 1239474 for CVE-2025-21862",
"url": "https://bugzilla.suse.com/1239474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: prevent opcode speculation\n\nsqe-\u003eopcode is used for different tables, make sure we santitise it\nagainst speculations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21863",
"url": "https://www.suse.com/security/cve/CVE-2025-21863"
},
{
"category": "external",
"summary": "SUSE Bug 1239475 for CVE-2025-21863",
"url": "https://bugzilla.suse.com/1239475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21863"
},
{
"cve": "CVE-2025-21864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: drop secpath at the same time as we currently drop dst\n\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\nrunning tests that boil down to:\n - create a pair of netns\n - run a basic TCP test over ipcomp6\n - delete the pair of netns\n\nThe xfrm_state found on spi_byaddr was not deleted at the time we\ndelete the netns, because we still have a reference on it. This\nlingering reference comes from a secpath (which holds a ref on the\nxfrm_state), which is still attached to an skb. This skb is not\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\nskb_attempt_defer_free.\n\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\nthat case, we still have a reference on the xfrm_state that we don\u0027t\nexpect at this point.\n\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\nlonger needed, so let\u0027s also drop the secpath. At this point,\ntcp_filter has already called into the LSM hooks that may require the\nsecpath, so it should not be needed anymore. However, in some of those\nplaces, the MPTCP extension has just been attached to the skb, so we\ncannot simply drop all extensions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21864",
"url": "https://www.suse.com/security/cve/CVE-2025-21864"
},
{
"category": "external",
"summary": "SUSE Bug 1239482 for CVE-2025-21864",
"url": "https://bugzilla.suse.com/1239482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl().\n\nBrad Spengler reported the list_del() corruption splat in\ngtp_net_exit_batch_rtnl(). [0]\n\nCommit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns\ndismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl()\nto destroy devices in each netns as done in geneve and ip tunnels.\n\nHowever, this could trigger -\u003edellink() twice for the same device during\n-\u003eexit_batch_rtnl().\n\nSay we have two netns A \u0026 B and gtp device B that resides in netns B but\nwhose UDP socket is in netns A.\n\n 1. cleanup_net() processes netns A and then B.\n\n 2. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns A\u0027s gn-\u003egtp_dev_list and calls -\u003edellink().\n\n [ device B is not yet unlinked from netns B\n as unregister_netdevice_many() has not been called. ]\n\n 3. gtp_net_exit_batch_rtnl() finds the device B while iterating\n netns B\u0027s for_each_netdev() and calls -\u003edellink().\n\ngtp_dellink() cleans up the device\u0027s hash table, unlinks the dev from\ngn-\u003egtp_dev_list, and calls unregister_netdevice_queue().\n\nBasically, calling gtp_dellink() multiple times is fine unless\nCONFIG_DEBUG_LIST is enabled.\n\nLet\u0027s remove for_each_netdev() in gtp_net_exit_batch_rtnl() and\ndelegate the destruction to default_device_exit_batch() as done\nin bareudp.\n\n[0]:\nlist_del corruption, ffff8880aaa62c00-\u003enext (autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]) is LIST_POISON1 (ffffffffffffff02) (prev is 0xffffffffffffff04)\nkernel BUG at lib/list_debug.c:58!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 UID: 0 PID: 1804 Comm: kworker/u8:7 Tainted: G T 6.12.13-grsec-full-20250211091339 #1\nTainted: [T]=RANDSTRUCT\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nWorkqueue: netns cleanup_net\nRIP: 0010:[\u003cffffffff84947381\u003e] __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nCode: c2 76 91 31 c0 e8 9f b1 f7 fc 0f 0b 4d 89 f0 48 c7 c1 02 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 e0 c2 76 91 31 c0 e8 7f b1 f7 fc \u003c0f\u003e 0b 4d 89 e8 48 c7 c1 04 ff ff ff 48 89 ea 48 89 ee 48 c7 c7 60\nRSP: 0018:fffffe8040b4fbd0 EFLAGS: 00010283\nRAX: 00000000000000cc RBX: dffffc0000000000 RCX: ffffffff818c4054\nRDX: ffffffff84947381 RSI: ffffffff818d1512 RDI: 0000000000000000\nRBP: ffff8880aaa62c00 R08: 0000000000000001 R09: fffffbd008169f32\nR10: fffffe8040b4f997 R11: 0000000000000001 R12: a1988d84f24943e4\nR13: ffffffffffffff02 R14: ffffffffffffff04 R15: ffff8880aaa62c08\nRBX: kasan shadow of 0x0\nRCX: __wake_up_klogd.part.0+0x74/0xe0 kernel/printk/printk.c:4554\nRDX: __list_del_entry_valid_or_report+0x141/0x200 lib/list_debug.c:58\nRSI: vprintk+0x72/0x100 kernel/printk/printk_safe.c:71\nRBP: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc00/0x1000 [slab object]\nRSP: process kstack fffffe8040b4fbd0+0x7bd0/0x8000 [kworker/u8:7+netns 1804 ]\nR09: kasan shadow of process kstack fffffe8040b4f990+0x7990/0x8000 [kworker/u8:7+netns 1804 ]\nR10: process kstack fffffe8040b4f997+0x7997/0x8000 [kworker/u8:7+netns 1804 ]\nR15: autoslab_size_M_dev_P_net_core_dev_11127_8_1328_8_S_4096_A_64_n_139+0xc08/0x1000 [slab object]\nFS: 0000000000000000(0000) GS:ffff888116000000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000748f5372c000 CR3: 0000000015408000 CR4: 00000000003406f0 shadow CR4: 00000000003406f0\nStack:\n 0000000000000000 ffffffff8a0c35e7 ffffffff8a0c3603 ffff8880aaa62c00\n ffff8880aaa62c00 0000000000000004 ffff88811145311c 0000000000000005\n 0000000000000001 ffff8880aaa62000 fffffe8040b4fd40 ffffffff8a0c360d\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff8a0c360d\u003e] __list_del_entry_valid include/linux/list.h:131 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] __list_del_entry include/linux/list.h:248 [inline] fffffe8040b4fc28\n [\u003cffffffff8a0c360d\u003e] list_del include/linux/list.h:262 [inl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21865",
"url": "https://www.suse.com/security/cve/CVE-2025-21865"
},
{
"category": "external",
"summary": "SUSE Bug 1239481 for CVE-2025-21865",
"url": "https://bugzilla.suse.com/1239481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC\n\nErhard reported the following KASAN hit while booting his PowerMac G4\nwith a KASAN-enabled kernel 6.13-rc6:\n\n BUG: KASAN: vmalloc-out-of-bounds in copy_to_kernel_nofault+0xd8/0x1c8\n Write of size 8 at addr f1000000 by task chronyd/1293\n\n CPU: 0 UID: 123 PID: 1293 Comm: chronyd Tainted: G W 6.13.0-rc6-PMacG4 #2\n Tainted: [W]=WARN\n Hardware name: PowerMac3,6 7455 0x80010303 PowerMac\n Call Trace:\n [c2437590] [c1631a84] dump_stack_lvl+0x70/0x8c (unreliable)\n [c24375b0] [c0504998] print_report+0xdc/0x504\n [c2437610] [c050475c] kasan_report+0xf8/0x108\n [c2437690] [c0505a3c] kasan_check_range+0x24/0x18c\n [c24376a0] [c03fb5e4] copy_to_kernel_nofault+0xd8/0x1c8\n [c24376c0] [c004c014] patch_instructions+0x15c/0x16c\n [c2437710] [c00731a8] bpf_arch_text_copy+0x60/0x7c\n [c2437730] [c0281168] bpf_jit_binary_pack_finalize+0x50/0xac\n [c2437750] [c0073cf4] bpf_int_jit_compile+0xb30/0xdec\n [c2437880] [c0280394] bpf_prog_select_runtime+0x15c/0x478\n [c24378d0] [c1263428] bpf_prepare_filter+0xbf8/0xc14\n [c2437990] [c12677ec] bpf_prog_create_from_user+0x258/0x2b4\n [c24379d0] [c027111c] do_seccomp+0x3dc/0x1890\n [c2437ac0] [c001d8e0] system_call_exception+0x2dc/0x420\n [c2437f30] [c00281ac] ret_from_syscall+0x0/0x2c\n --- interrupt: c00 at 0x5a1274\n NIP: 005a1274 LR: 006a3b3c CTR: 005296c8\n REGS: c2437f40 TRAP: 0c00 Tainted: G W (6.13.0-rc6-PMacG4)\n MSR: 0200f932 \u003cVEC,EE,PR,FP,ME,IR,DR,RI\u003e CR: 24004422 XER: 00000000\n\n GPR00: 00000166 af8f3fa0 a7ee3540 00000001 00000000 013b6500 005a5858 0200f932\n GPR08: 00000000 00001fe9 013d5fc8 005296c8 2822244c 00b2fcd8 00000000 af8f4b57\n GPR16: 00000000 00000001 00000000 00000000 00000000 00000001 00000000 00000002\n GPR24: 00afdbb0 00000000 00000000 00000000 006e0004 013ce060 006e7c1c 00000001\n NIP [005a1274] 0x5a1274\n LR [006a3b3c] 0x6a3b3c\n --- interrupt: c00\n\n The buggy address belongs to the virtual mapping at\n [f1000000, f1002000) created by:\n text_area_cpu_up+0x20/0x190\n\n The buggy address belongs to the physical page:\n page: refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x76e30\n flags: 0x80000000(zone=2)\n raw: 80000000 00000000 00000122 00000000 00000000 00000000 ffffffff 00000001\n raw: 00000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n f0ffff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n f0ffff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003ef1000000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ^\n f1000080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n f1000100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8\n ==================================================================\n\nf8 corresponds to KASAN_VMALLOC_INVALID which means the area is not\ninitialised hence not supposed to be used yet.\n\nPowerpc text patching infrastructure allocates a virtual memory area\nusing get_vm_area() and flags it as VM_ALLOC. But that flag is meant\nto be used for vmalloc() and vmalloc() allocated memory is not\nsupposed to be used before a call to __vmalloc_node_range() which is\nnever called for that area.\n\nThat went undetected until commit e4137f08816b (\"mm, kasan, kmsan:\ninstrument copy_from/to_kernel_nofault\")\n\nThe area allocated by text_area_cpu_up() is not vmalloc memory, it is\nmapped directly on demand when needed by map_kernel_page(). There is\nno VM flag corresponding to such usage, so just pass no flag. That way\nthe area will be unpoisonned and usable immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21866",
"url": "https://www.suse.com/security/cve/CVE-2025-21866"
},
{
"category": "external",
"summary": "SUSE Bug 1239473 for CVE-2025-21866",
"url": "https://bugzilla.suse.com/1239473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, test_run: Fix use-after-free issue in eth_skb_pkt_type()\n\nKMSAN reported a use-after-free issue in eth_skb_pkt_type()[1]. The\ncause of the issue was that eth_skb_pkt_type() accessed skb\u0027s data\nthat didn\u0027t contain an Ethernet header. This occurs when\nbpf_prog_test_run_xdp() passes an invalid value as the user_data\nargument to bpf_test_init().\n\nFix this by returning an error when user_data is less than ETH_HLEN in\nbpf_test_init(). Additionally, remove the check for \"if (user_size \u003e\nsize)\" as it is unnecessary.\n\n[1]\nBUG: KMSAN: use-after-free in eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\nBUG: KMSAN: use-after-free in eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n eth_skb_pkt_type include/linux/etherdevice.h:627 [inline]\n eth_type_trans+0x4ee/0x980 net/ethernet/eth.c:165\n __xdp_build_skb_from_frame+0x5a8/0xa50 net/core/xdp.c:635\n xdp_recv_frames net/bpf/test_run.c:272 [inline]\n xdp_test_run_batch net/bpf/test_run.c:361 [inline]\n bpf_test_run_xdp_live+0x2954/0x3330 net/bpf/test_run.c:390\n bpf_prog_test_run_xdp+0x148e/0x1b10 net/bpf/test_run.c:1318\n bpf_prog_test_run+0x5b7/0xa30 kernel/bpf/syscall.c:4371\n __sys_bpf+0x6a6/0xe20 kernel/bpf/syscall.c:5777\n __do_sys_bpf kernel/bpf/syscall.c:5866 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5864 [inline]\n __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:5864\n x64_sys_call+0x2ea0/0x3d90 arch/x86/include/generated/asm/syscalls_64.h:322\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd9/0x1d0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1056 [inline]\n free_unref_page+0x156/0x1320 mm/page_alloc.c:2657\n __free_pages+0xa3/0x1b0 mm/page_alloc.c:4838\n bpf_ringbuf_free kernel/bpf/ringbuf.c:226 [inline]\n ringbuf_map_free+0xff/0x1e0 kernel/bpf/ringbuf.c:235\n bpf_map_free kernel/bpf/syscall.c:838 [inline]\n bpf_map_free_deferred+0x17c/0x310 kernel/bpf/syscall.c:862\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa2b/0x1b60 kernel/workqueue.c:3310\n worker_thread+0xedf/0x1550 kernel/workqueue.c:3391\n kthread+0x535/0x6b0 kernel/kthread.c:389\n ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nCPU: 1 UID: 0 PID: 17276 Comm: syz.1.16450 Not tainted 6.12.0-05490-g9bb88c659673 #8\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-3.fc41 04/01/2014",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21867",
"url": "https://www.suse.com/security/cve/CVE-2025-21867"
},
{
"category": "external",
"summary": "SUSE Bug 1240181 for CVE-2025-21867",
"url": "https://bugzilla.suse.com/1240181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21867"
},
{
"cve": "CVE-2025-21869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/code-patching: Disable KASAN report during patching via temporary mm\n\nErhard reports the following KASAN hit on Talos II (power9) with kernel 6.13:\n\n[ 12.028126] ==================================================================\n[ 12.028198] BUG: KASAN: user-memory-access in copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028260] Write of size 8 at addr 0000187e458f2000 by task systemd/1\n\n[ 12.028346] CPU: 87 UID: 0 PID: 1 Comm: systemd Tainted: G T 6.13.0-P9-dirty #3\n[ 12.028408] Tainted: [T]=RANDSTRUCT\n[ 12.028446] Hardware name: T2P9D01 REV 1.01 POWER9 0x4e1202 opal:skiboot-bc106a0 PowerNV\n[ 12.028500] Call Trace:\n[ 12.028536] [c000000008dbf3b0] [c000000001656a48] dump_stack_lvl+0xbc/0x110 (unreliable)\n[ 12.028609] [c000000008dbf3f0] [c0000000006e2fc8] print_report+0x6b0/0x708\n[ 12.028666] [c000000008dbf4e0] [c0000000006e2454] kasan_report+0x164/0x300\n[ 12.028725] [c000000008dbf600] [c0000000006e54d4] kasan_check_range+0x314/0x370\n[ 12.028784] [c000000008dbf640] [c0000000006e6310] __kasan_check_write+0x20/0x40\n[ 12.028842] [c000000008dbf660] [c000000000578e8c] copy_to_kernel_nofault+0x8c/0x1a0\n[ 12.028902] [c000000008dbf6a0] [c0000000000acfe4] __patch_instructions+0x194/0x210\n[ 12.028965] [c000000008dbf6e0] [c0000000000ade80] patch_instructions+0x150/0x590\n[ 12.029026] [c000000008dbf7c0] [c0000000001159bc] bpf_arch_text_copy+0x6c/0xe0\n[ 12.029085] [c000000008dbf800] [c000000000424250] bpf_jit_binary_pack_finalize+0x40/0xc0\n[ 12.029147] [c000000008dbf830] [c000000000115dec] bpf_int_jit_compile+0x3bc/0x930\n[ 12.029206] [c000000008dbf990] [c000000000423720] bpf_prog_select_runtime+0x1f0/0x280\n[ 12.029266] [c000000008dbfa00] [c000000000434b18] bpf_prog_load+0xbb8/0x1370\n[ 12.029324] [c000000008dbfb70] [c000000000436ebc] __sys_bpf+0x5ac/0x2e00\n[ 12.029379] [c000000008dbfd00] [c00000000043a228] sys_bpf+0x28/0x40\n[ 12.029435] [c000000008dbfd20] [c000000000038eb4] system_call_exception+0x334/0x610\n[ 12.029497] [c000000008dbfe50] [c00000000000c270] system_call_vectored_common+0xf0/0x280\n[ 12.029561] --- interrupt: 3000 at 0x3fff82f5cfa8\n[ 12.029608] NIP: 00003fff82f5cfa8 LR: 00003fff82f5cfa8 CTR: 0000000000000000\n[ 12.029660] REGS: c000000008dbfe80 TRAP: 3000 Tainted: G T (6.13.0-P9-dirty)\n[ 12.029735] MSR: 900000000280f032 \u003cSF,HV,VEC,VSX,EE,PR,FP,ME,IR,DR,RI\u003e CR: 42004848 XER: 00000000\n[ 12.029855] IRQMASK: 0\n GPR00: 0000000000000169 00003fffdcf789a0 00003fff83067100 0000000000000005\n GPR04: 00003fffdcf78a98 0000000000000090 0000000000000000 0000000000000008\n GPR08: 0000000000000000 0000000000000000 0000000000000000 0000000000000000\n GPR12: 0000000000000000 00003fff836ff7e0 c000000000010678 0000000000000000\n GPR16: 0000000000000000 0000000000000000 00003fffdcf78f28 00003fffdcf78f90\n GPR20: 0000000000000000 0000000000000000 0000000000000000 00003fffdcf78f80\n GPR24: 00003fffdcf78f70 00003fffdcf78d10 00003fff835c7239 00003fffdcf78bd8\n GPR28: 00003fffdcf78a98 0000000000000000 0000000000000000 000000011f547580\n[ 12.030316] NIP [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030361] LR [00003fff82f5cfa8] 0x3fff82f5cfa8\n[ 12.030405] --- interrupt: 3000\n[ 12.030444] ==================================================================\n\nCommit c28c15b6d28a (\"powerpc/code-patching: Use temporary mm for\nRadix MMU\") is inspired from x86 but unlike x86 is doesn\u0027t disable\nKASAN reports during patching. This wasn\u0027t a problem at the begining\nbecause __patch_mem() is not instrumented.\n\nCommit 465cabc97b42 (\"powerpc/code-patching: introduce\npatch_instructions()\") use copy_to_kernel_nofault() to copy several\ninstructions at once. But when using temporary mm the destination is\nnot regular kernel memory but a kind of kernel-like memory located\nin user address space. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21869",
"url": "https://www.suse.com/security/cve/CVE-2025-21869"
},
{
"category": "external",
"summary": "SUSE Bug 1240182 for CVE-2025-21869",
"url": "https://bugzilla.suse.com/1240182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers\n\nOther, non DAI copier widgets could have the same stream name (sname) as\nthe ALH copier and in that case the copier-\u003edata is NULL, no alh_data is\nattached, which could lead to NULL pointer dereference.\nWe could check for this NULL pointer in sof_ipc4_prepare_copier_module()\nand avoid the crash, but a similar loop in sof_ipc4_widget_setup_comp_dai()\nwill miscalculate the ALH device count, causing broken audio.\n\nThe correct fix is to harden the matching logic by making sure that the\n1. widget is a DAI widget - so dai = w-\u003eprivate is valid\n2. the dai (and thus the copier) is ALH copier",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21870",
"url": "https://www.suse.com/security/cve/CVE-2025-21870"
},
{
"category": "external",
"summary": "SUSE Bug 1240191 for CVE-2025-21870",
"url": "https://bugzilla.suse.com/1240191"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: optee: Fix supplicant wait loop\n\nOP-TEE supplicant is a user-space daemon and it\u0027s possible for it\nbe hung or crashed or killed in the middle of processing an OP-TEE\nRPC call. It becomes more complicated when there is incorrect shutdown\nordering of the supplicant process vs the OP-TEE client application which\ncan eventually lead to system hang-up waiting for the closure of the\nclient application.\n\nAllow the client process waiting in kernel for supplicant response to\nbe killed rather than indefinitely waiting in an unkillable state. Also,\na normal uninterruptible wait should not have resulted in the hung-task\nwatchdog getting triggered, but the endless loop would.\n\nThis fixes issues observed during system reboot/shutdown when supplicant\ngot hung for some reason or gets crashed/killed which lead to client\ngetting hung in an unkillable state. It in turn lead to system being in\nhung up state requiring hard power off/on to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21871",
"url": "https://www.suse.com/security/cve/CVE-2025-21871"
},
{
"category": "external",
"summary": "SUSE Bug 1240183 for CVE-2025-21871",
"url": "https://bugzilla.suse.com/1240183"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ufs: core: bsg: Fix crash when arpmb command fails\n\nIf the device doesn\u0027t support arpmb we\u0027ll crash due to copying user data in\nbsg_transport_sg_io_fn().\n\nIn the case where ufs_bsg_exec_advanced_rpmb_req() returns an error, do not\nset the job\u0027s reply_len.\n\nMemory crash backtrace:\n3,1290,531166405,-;ufshcd 0000:00:12.5: ARPMB OP failed: error code -22\n\n4,1308,531166555,-;Call Trace:\n\n4,1309,531166559,-; \u003cTASK\u003e\n\n4,1310,531166565,-; ? show_regs+0x6d/0x80\n\n4,1311,531166575,-; ? die+0x37/0xa0\n\n4,1312,531166583,-; ? do_trap+0xd4/0xf0\n\n4,1313,531166593,-; ? do_error_trap+0x71/0xb0\n\n4,1314,531166601,-; ? usercopy_abort+0x6c/0x80\n\n4,1315,531166610,-; ? exc_invalid_op+0x52/0x80\n\n4,1316,531166622,-; ? usercopy_abort+0x6c/0x80\n\n4,1317,531166630,-; ? asm_exc_invalid_op+0x1b/0x20\n\n4,1318,531166643,-; ? usercopy_abort+0x6c/0x80\n\n4,1319,531166652,-; __check_heap_object+0xe3/0x120\n\n4,1320,531166661,-; check_heap_object+0x185/0x1d0\n\n4,1321,531166670,-; __check_object_size.part.0+0x72/0x150\n\n4,1322,531166679,-; __check_object_size+0x23/0x30\n\n4,1323,531166688,-; bsg_transport_sg_io_fn+0x314/0x3b0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21873",
"url": "https://www.suse.com/security/cve/CVE-2025-21873"
},
{
"category": "external",
"summary": "SUSE Bug 1240184 for CVE-2025-21873",
"url": "https://bugzilla.suse.com/1240184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21873"
},
{
"cve": "CVE-2025-21875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: always handle address removal under msk socket lock\n\nSyzkaller reported a lockdep splat in the PM control path:\n\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Modules linked in:\n CPU: 0 UID: 0 PID: 6693 Comm: syz.0.205 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0\n Hardware name: Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024\n RIP: 0010:sock_owned_by_me include/net/sock.h:1711 [inline]\n RIP: 0010:msk_owned_by_me net/mptcp/protocol.h:363 [inline]\n RIP: 0010:mptcp_pm_nl_addr_send_ack+0x57c/0x610 net/mptcp/pm_netlink.c:788\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 ca 7b d3 f5 eb b9 e8 c3 7b d3 f5 90 0f 0b 90 e9 dd fb ff ff e8 b5 7b d3 f5 90 \u003c0f\u003e 0b 90 e9 3e fb ff ff 44 89 f1 80 e1 07 38 c1 0f 8c eb fb ff ff\n RSP: 0000:ffffc900034f6f60 EFLAGS: 00010283\n RAX: ffffffff8bee3c2b RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc90004d42000 RSI: 000000000000a407 RDI: 000000000000a408\n RBP: ffffc900034f7030 R08: ffffffff8bee37f6 R09: 0100000000000000\n R10: dffffc0000000000 R11: ffffed100bcc62e4 R12: ffff88805e6316e0\n R13: ffff88805e630c00 R14: dffffc0000000000 R15: ffff88805e630c00\n FS: 00007f7e9a7e96c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000001b2fd18ff8 CR3: 0000000032c24000 CR4: 00000000003526f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_remove_addr+0x103/0x1d0 net/mptcp/pm.c:59\n mptcp_pm_remove_anno_addr+0x1f4/0x2f0 net/mptcp/pm_netlink.c:1486\n mptcp_nl_remove_subflow_and_signal_addr net/mptcp/pm_netlink.c:1518 [inline]\n mptcp_pm_nl_del_addr_doit+0x118d/0x1af0 net/mptcp/pm_netlink.c:1629\n genl_family_rcv_msg_doit net/netlink/genetlink.c:1115 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0xb1f/0xec0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x206/0x480 net/netlink/af_netlink.c:2543\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1322 [inline]\n netlink_unicast+0x7f6/0x990 net/netlink/af_netlink.c:1348\n netlink_sendmsg+0x8de/0xcb0 net/netlink/af_netlink.c:1892\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:733\n ____sys_sendmsg+0x53a/0x860 net/socket.c:2573\n ___sys_sendmsg net/socket.c:2627 [inline]\n __sys_sendmsg+0x269/0x350 net/socket.c:2659\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f7e9998cde9\n Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f7e9a7e9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007f7e99ba5fa0 RCX: 00007f7e9998cde9\n RDX: 000000002000c094 RSI: 0000400000000000 RDI: 0000000000000007\n RBP: 00007f7e99a0e2a0 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f7e99ba5fa0 R15: 00007fff49231088\n\nIndeed the PM can try to send a RM_ADDR over a msk without acquiring\nfirst the msk socket lock.\n\nThe bugged code-path comes from an early optimization: when there\nare no subflows, the PM should (usually) not send RM_ADDR\nnotifications.\n\nThe above statement is incorrect, as without locks another process\ncould concur\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21875",
"url": "https://www.suse.com/security/cve/CVE-2025-21875"
},
{
"category": "external",
"summary": "SUSE Bug 1240168 for CVE-2025-21875",
"url": "https://bugzilla.suse.com/1240168"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21875"
},
{
"cve": "CVE-2025-21876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix suspicious RCU usage\n\nCommit \u003cd74169ceb0d2\u003e (\"iommu/vt-d: Allocate DMAR fault interrupts\nlocally\") moved the call to enable_drhd_fault_handling() to a code\npath that does not hold any lock while traversing the drhd list. Fix\nit by ensuring the dmar_global_lock lock is held when traversing the\ndrhd list.\n\nWithout this fix, the following warning is triggered:\n =============================\n WARNING: suspicious RCU usage\n 6.14.0-rc3 #55 Not tainted\n -----------------------------\n drivers/iommu/intel/dmar.c:2046 RCU-list traversed in non-reader section!!\n other info that might help us debug this:\n rcu_scheduler_active = 1, debug_locks = 1\n 2 locks held by cpuhp/1/23:\n #0: ffffffff84a67c50 (cpu_hotplug_lock){++++}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n #1: ffffffff84a6a380 (cpuhp_state-up){+.+.}-{0:0}, at: cpuhp_thread_fun+0x87/0x2c0\n stack backtrace:\n CPU: 1 UID: 0 PID: 23 Comm: cpuhp/1 Not tainted 6.14.0-rc3 #55\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xb7/0xd0\n lockdep_rcu_suspicious+0x159/0x1f0\n ? __pfx_enable_drhd_fault_handling+0x10/0x10\n enable_drhd_fault_handling+0x151/0x180\n cpuhp_invoke_callback+0x1df/0x990\n cpuhp_thread_fun+0x1ea/0x2c0\n smpboot_thread_fn+0x1f5/0x2e0\n ? __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x12a/0x2d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x4a/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nHolding the lock in enable_drhd_fault_handling() triggers a lockdep splat\nabout a possible deadlock between dmar_global_lock and cpu_hotplug_lock.\nThis is avoided by not holding dmar_global_lock when calling\niommu_device_register(), which initiates the device probe process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21876",
"url": "https://www.suse.com/security/cve/CVE-2025-21876"
},
{
"category": "external",
"summary": "SUSE Bug 1240179 for CVE-2025-21876",
"url": "https://bugzilla.suse.com/1240179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet: gl620a: fix endpoint checking in genelink_bind()\n\nSyzbot reports [1] a warning in usb_submit_urb() triggered by\ninconsistencies between expected and actually present endpoints\nin gl620a driver. Since genelink_bind() does not properly\nverify whether specified eps are in fact provided by the device,\nin this case, an artificially manufactured one, one may get a\nmismatch.\n\nFix the issue by resorting to a usbnet utility function\nusbnet_get_endpoints(), usually reserved for this very problem.\nCheck for endpoints and return early before proceeding further if\nany are missing.\n\n[1] Syzbot report:\nusb 5-1: Manufacturer: syz\nusb 5-1: SerialNumber: syz\nusb 5-1: config 0 descriptor??\ngl620a 5-1:0.23 usb0: register \u0027gl620a\u0027 at usb-dummy_hcd.0-1, ...\n------------[ cut here ]------------\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 2 PID: 1841 at drivers/usb/core/urb.c:503 usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\nModules linked in:\nCPU: 2 UID: 0 PID: 1841 Comm: kworker/2:2 Not tainted 6.12.0-syzkaller-07834-g06afb0f36106 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xe4b/0x1730 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0x6be/0x2780 drivers/net/usb/usbnet.c:1467\n __netdev_start_xmit include/linux/netdevice.h:5002 [inline]\n netdev_start_xmit include/linux/netdevice.h:5011 [inline]\n xmit_one net/core/dev.c:3590 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3606\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:3827 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4400\n dev_queue_xmit include/linux/netdevice.h:3168 [inline]\n neigh_resolve_output net/core/neighbour.c:1514 [inline]\n neigh_resolve_output+0x5bc/0x950 net/core/neighbour.c:1494\n neigh_output include/net/neighbour.h:539 [inline]\n ip6_finish_output2+0xb1b/0x2070 net/ipv6/ip6_output.c:141\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\n ip6_finish_output+0x3f9/0x1360 net/ipv6/ip6_output.c:226\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\n ip6_output+0x1f8/0x540 net/ipv6/ip6_output.c:247\n dst_output include/net/dst.h:450 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n NF_HOOK include/linux/netfilter.h:308 [inline]\n mld_sendpack+0x9f0/0x11d0 net/ipv6/mcast.c:1819\n mld_send_cr net/ipv6/mcast.c:2120 [inline]\n mld_ifc_work+0x740/0xca0 net/ipv6/mcast.c:2651\n process_one_work+0x9c5/0x1ba0 kernel/workqueue.c:3229\n process_scheduled_works kernel/workqueue.c:3310 [inline]\n worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391\n kthread+0x2c1/0x3a0 kernel/kthread.c:389\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21877",
"url": "https://www.suse.com/security/cve/CVE-2025-21877"
},
{
"category": "external",
"summary": "SUSE Bug 1240172 for CVE-2025-21877",
"url": "https://bugzilla.suse.com/1240172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: npcm: disable interrupt enable bit before devm_request_irq\n\nThe customer reports that there is a soft lockup issue related to\nthe i2c driver. After checking, the i2c module was doing a tx transfer\nand the bmc machine reboots in the middle of the i2c transaction, the i2c\nmodule keeps the status without being reset.\n\nDue to such an i2c module status, the i2c irq handler keeps getting\ntriggered since the i2c irq handler is registered in the kernel booting\nprocess after the bmc machine is doing a warm rebooting.\nThe continuous triggering is stopped by the soft lockup watchdog timer.\n\nDisable the interrupt enable bit in the i2c module before calling\ndevm_request_irq to fix this issue since the i2c relative status bit\nis read-only.\n\nHere is the soft lockup log.\n[ 28.176395] watchdog: BUG: soft lockup - CPU#0 stuck for 26s! [swapper/0:1]\n[ 28.183351] Modules linked in:\n[ 28.186407] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.15.120-yocto-s-dirty-bbebc78 #1\n[ 28.201174] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 28.208128] pc : __do_softirq+0xb0/0x368\n[ 28.212055] lr : __do_softirq+0x70/0x368\n[ 28.215972] sp : ffffff8035ebca00\n[ 28.219278] x29: ffffff8035ebca00 x28: 0000000000000002 x27: ffffff80071a3780\n[ 28.226412] x26: ffffffc008bdc000 x25: ffffffc008bcc640 x24: ffffffc008be50c0\n[ 28.233546] x23: ffffffc00800200c x22: 0000000000000000 x21: 000000000000001b\n[ 28.240679] x20: 0000000000000000 x19: ffffff80001c3200 x18: ffffffffffffffff\n[ 28.247812] x17: ffffffc02d2e0000 x16: ffffff8035eb8b40 x15: 00001e8480000000\n[ 28.254945] x14: 02c3647e37dbfcb6 x13: 02c364f2ab14200c x12: 0000000002c364f2\n[ 28.262078] x11: 00000000fa83b2da x10: 000000000000b67e x9 : ffffffc008010250\n[ 28.269211] x8 : 000000009d983d00 x7 : 7fffffffffffffff x6 : 0000036d74732434\n[ 28.276344] x5 : 00ffffffffffffff x4 : 0000000000000015 x3 : 0000000000000198\n[ 28.283476] x2 : ffffffc02d2e0000 x1 : 00000000000000e0 x0 : ffffffc008bdcb40\n[ 28.290611] Call trace:\n[ 28.293052] __do_softirq+0xb0/0x368\n[ 28.296625] __irq_exit_rcu+0xe0/0x100\n[ 28.300374] irq_exit+0x14/0x20\n[ 28.303513] handle_domain_irq+0x68/0x90\n[ 28.307440] gic_handle_irq+0x78/0xb0\n[ 28.311098] call_on_irq_stack+0x20/0x38\n[ 28.315019] do_interrupt_handler+0x54/0x5c\n[ 28.319199] el1_interrupt+0x2c/0x4c\n[ 28.322777] el1h_64_irq_handler+0x14/0x20\n[ 28.326872] el1h_64_irq+0x74/0x78\n[ 28.330269] __setup_irq+0x454/0x780\n[ 28.333841] request_threaded_irq+0xd0/0x1b4\n[ 28.338107] devm_request_threaded_irq+0x84/0x100\n[ 28.342809] npcm_i2c_probe_bus+0x188/0x3d0\n[ 28.346990] platform_probe+0x6c/0xc4\n[ 28.350653] really_probe+0xcc/0x45c\n[ 28.354227] __driver_probe_device+0x8c/0x160\n[ 28.358578] driver_probe_device+0x44/0xe0\n[ 28.362670] __driver_attach+0x124/0x1d0\n[ 28.366589] bus_for_each_dev+0x7c/0xe0\n[ 28.370426] driver_attach+0x28/0x30\n[ 28.373997] bus_add_driver+0x124/0x240\n[ 28.377830] driver_register+0x7c/0x124\n[ 28.381662] __platform_driver_register+0x2c/0x34\n[ 28.386362] npcm_i2c_init+0x3c/0x5c\n[ 28.389937] do_one_initcall+0x74/0x230\n[ 28.393768] kernel_init_freeable+0x24c/0x2b4\n[ 28.398126] kernel_init+0x28/0x130\n[ 28.401614] ret_from_fork+0x10/0x20\n[ 28.405189] Kernel panic - not syncing: softlockup: hung tasks\n[ 28.411011] SMP: stopping secondary CPUs\n[ 28.414933] Kernel Offset: disabled\n[ 28.418412] CPU features: 0x00000000,00000802\n[ 28.427644] Rebooting in 20 seconds..",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21878",
"url": "https://www.suse.com/security/cve/CVE-2025-21878"
},
{
"category": "external",
"summary": "SUSE Bug 1240192 for CVE-2025-21878",
"url": "https://bugzilla.suse.com/1240192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuprobes: Reject the shared zeropage in uprobe_write_opcode()\n\nWe triggered the following crash in syzkaller tests:\n\n BUG: Bad page state in process syz.7.38 pfn:1eff3\n page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1eff3\n flags: 0x3fffff00004004(referenced|reserved|node=0|zone=1|lastcpupid=0x1fffff)\n raw: 003fffff00004004 ffffe6c6c07bfcc8 ffffe6c6c07bfcc8 0000000000000000\n raw: 0000000000000000 0000000000000000 00000000fffffffe 0000000000000000\n page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x32/0x50\n bad_page+0x69/0xf0\n free_unref_page_prepare+0x401/0x500\n free_unref_page+0x6d/0x1b0\n uprobe_write_opcode+0x460/0x8e0\n install_breakpoint.part.0+0x51/0x80\n register_for_each_vma+0x1d9/0x2b0\n __uprobe_register+0x245/0x300\n bpf_uprobe_multi_link_attach+0x29b/0x4f0\n link_create+0x1e2/0x280\n __sys_bpf+0x75f/0xac0\n __x64_sys_bpf+0x1a/0x30\n do_syscall_64+0x56/0x100\n entry_SYSCALL_64_after_hwframe+0x78/0xe2\n\n BUG: Bad rss-counter state mm:00000000452453e0 type:MM_FILEPAGES val:-1\n\nThe following syzkaller test case can be used to reproduce:\n\n r2 = creat(\u0026(0x7f0000000000)=\u0027./file0\\x00\u0027, 0x8)\n write$nbd(r2, \u0026(0x7f0000000580)=ANY=[], 0x10)\n r4 = openat(0xffffffffffffff9c, \u0026(0x7f0000000040)=\u0027./file0\\x00\u0027, 0x42, 0x0)\n mmap$IORING_OFF_SQ_RING(\u0026(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x12, r4, 0x0)\n r5 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r5, 0xc018aa3f, \u0026(0x7f0000000040)={0xaa, 0x20})\n r6 = userfaultfd(0x80801)\n ioctl$UFFDIO_API(r6, 0xc018aa3f, \u0026(0x7f0000000140))\n ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, \u0026(0x7f0000000100)={{\u0026(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x2})\n ioctl$UFFDIO_ZEROPAGE(r5, 0xc020aa04, \u0026(0x7f0000000000)={{\u0026(0x7f0000ffd000/0x1000)=nil, 0x1000}})\n r7 = bpf$PROG_LOAD(0x5, \u0026(0x7f0000000140)={0x2, 0x3, \u0026(0x7f0000000200)=ANY=[@ANYBLOB=\"1800000000120000000000000000000095\"], \u0026(0x7f0000000000)=\u0027GPL\\x00\u0027, 0x7, 0x0, 0x0, 0x0, 0x0, \u0027\\x00\u0027, 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)\n bpf$BPF_LINK_CREATE_XDP(0x1c, \u0026(0x7f0000000040)={r7, 0x0, 0x30, 0x1e, @val=@uprobe_multi={\u0026(0x7f0000000080)=\u0027./file0\\x00\u0027, \u0026(0x7f0000000100)=[0x2], 0x0, 0x0, 0x1}}, 0x40)\n\nThe cause is that zero pfn is set to the PTE without increasing the RSS\ncount in mfill_atomic_pte_zeropage() and the refcount of zero folio does\nnot increase accordingly. Then, the operation on the same pfn is performed\nin uprobe_write_opcode()-\u003e__replace_page() to unconditional decrease the\nRSS count and old_folio\u0027s refcount.\n\nTherefore, two bugs are introduced:\n\n 1. The RSS count is incorrect, when process exit, the check_mm() report\n error \"Bad rss-count\".\n\n 2. The reserved folio (zero folio) is freed when folio-\u003erefcount is zero,\n then free_pages_prepare-\u003efree_page_is_bad() report error\n \"Bad page state\".\n\nThere is more, the following warning could also theoretically be triggered:\n\n __replace_page()\n -\u003e ...\n -\u003e folio_remove_rmap_pte()\n -\u003e VM_WARN_ON_FOLIO(is_zero_folio(folio), folio)\n\nConsidering that uprobe hit on the zero folio is a very rare case, just\nreject zero old folio immediately after get_user_page_vma_remote().\n\n[ mingo: Cleaned up the changelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21881",
"url": "https://www.suse.com/security/cve/CVE-2025-21881"
},
{
"category": "external",
"summary": "SUSE Bug 1240185 for CVE-2025-21881",
"url": "https://bugzilla.suse.com/1240185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21881"
},
{
"cve": "CVE-2025-21883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix deinitializing VF in error path\n\nIf ice_ena_vfs() fails after calling ice_create_vf_entries(), it frees\nall VFs without removing them from snapshot PF-VF mailbox list, leading\nto list corruption.\n\nReproducer:\n devlink dev eswitch set $PF1_PCI mode switchdev\n ip l s $PF1 up\n ip l s $PF1 promisc on\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n sleep 1\n echo 1 \u003e /sys/class/net/$PF1/device/sriov_numvfs\n\nTrace (minimized):\n list_add corruption. next-\u003eprev should be prev (ffff8882e241c6f0), but was 0000000000000000. (next=ffff888455da1330).\n kernel BUG at lib/list_debug.c:29!\n RIP: 0010:__list_add_valid_or_report+0xa6/0x100\n ice_mbx_init_vf_info+0xa7/0x180 [ice]\n ice_initialize_vf_entry+0x1fa/0x250 [ice]\n ice_sriov_configure+0x8d7/0x1520 [ice]\n ? __percpu_ref_switch_mode+0x1b1/0x5d0\n ? __pfx_ice_sriov_configure+0x10/0x10 [ice]\n\nSometimes a KASAN report can be seen instead with a similar stack trace:\n BUG: KASAN: use-after-free in __list_add_valid_or_report+0xf1/0x100\n\nVFs are added to this list in ice_mbx_init_vf_info(), but only removed\nin ice_free_vfs(). Move the removing to ice_free_vf_entries(), which is\nalso being called in other places where VFs are being removed (including\nice_free_vfs() itself).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21883",
"url": "https://www.suse.com/security/cve/CVE-2025-21883"
},
{
"category": "external",
"summary": "SUSE Bug 1240189 for CVE-2025-21883",
"url": "https://bugzilla.suse.com/1240189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: better track kernel sockets lifetime\n\nWhile kernel sockets are dismantled during pernet_operations-\u003eexit(),\ntheir freeing can be delayed by any tx packets still held in qdisc\nor device queues, due to skb_set_owner_w() prior calls.\n\nThis then trigger the following warning from ref_tracker_dir_exit() [1]\n\nTo fix this, make sure that kernel sockets own a reference on net-\u003epassive.\n\nAdd sk_net_refcnt_upgrade() helper, used whenever a kernel socket\nis converted to a refcounted one.\n\n[1]\n\n[ 136.263918][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.263918][ T35] sk_alloc+0x2b3/0x370\n[ 136.263918][ T35] inet6_create+0x6ce/0x10f0\n[ 136.263918][ T35] __sock_create+0x4c0/0xa30\n[ 136.263918][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.263918][ T35] igmp6_net_init+0x39/0x390\n[ 136.263918][ T35] ops_init+0x31e/0x590\n[ 136.263918][ T35] setup_net+0x287/0x9e0\n[ 136.263918][ T35] copy_net_ns+0x33f/0x570\n[ 136.263918][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.263918][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.263918][ T35] ksys_unshare+0x57d/0xa70\n[ 136.263918][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.263918][ T35] do_syscall_64+0xf3/0x230\n[ 136.263918][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 136.263918][ T35]\n[ 136.343488][ T35] ref_tracker: net notrefcnt@ffff8880638f01e0 has 1/2 users at\n[ 136.343488][ T35] sk_alloc+0x2b3/0x370\n[ 136.343488][ T35] inet6_create+0x6ce/0x10f0\n[ 136.343488][ T35] __sock_create+0x4c0/0xa30\n[ 136.343488][ T35] inet_ctl_sock_create+0xc2/0x250\n[ 136.343488][ T35] ndisc_net_init+0xa7/0x2b0\n[ 136.343488][ T35] ops_init+0x31e/0x590\n[ 136.343488][ T35] setup_net+0x287/0x9e0\n[ 136.343488][ T35] copy_net_ns+0x33f/0x570\n[ 136.343488][ T35] create_new_namespaces+0x425/0x7b0\n[ 136.343488][ T35] unshare_nsproxy_namespaces+0x124/0x180\n[ 136.343488][ T35] ksys_unshare+0x57d/0xa70\n[ 136.343488][ T35] __x64_sys_unshare+0x38/0x40\n[ 136.343488][ T35] do_syscall_64+0xf3/0x230\n[ 136.343488][ T35] entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21884",
"url": "https://www.suse.com/security/cve/CVE-2025-21884"
},
{
"category": "external",
"summary": "SUSE Bug 1240171 for CVE-2025-21884",
"url": "https://bugzilla.suse.com/1240171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21884"
},
{
"cve": "CVE-2025-21885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/bnxt_re: Fix the page details for the srq created by kernel consumers\n\nWhile using nvme target with use_srq on, below kernel panic is noticed.\n\n[ 549.698111] bnxt_en 0000:41:00.0 enp65s0np0: FEC autoneg off encoding: Clause 91 RS(544,514)\n[ 566.393619] Oops: divide error: 0000 [#1] PREEMPT SMP NOPTI\n..\n[ 566.393799] \u003cTASK\u003e\n[ 566.393807] ? __die_body+0x1a/0x60\n[ 566.393823] ? die+0x38/0x60\n[ 566.393835] ? do_trap+0xe4/0x110\n[ 566.393847] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393867] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393881] ? do_error_trap+0x7c/0x120\n[ 566.393890] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393911] ? exc_divide_error+0x34/0x50\n[ 566.393923] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393939] ? asm_exc_divide_error+0x16/0x20\n[ 566.393966] ? bnxt_qplib_alloc_init_hwq+0x1d4/0x580 [bnxt_re]\n[ 566.393997] bnxt_qplib_create_srq+0xc9/0x340 [bnxt_re]\n[ 566.394040] bnxt_re_create_srq+0x335/0x3b0 [bnxt_re]\n[ 566.394057] ? srso_return_thunk+0x5/0x5f\n[ 566.394068] ? __init_swait_queue_head+0x4a/0x60\n[ 566.394090] ib_create_srq_user+0xa7/0x150 [ib_core]\n[ 566.394147] nvmet_rdma_queue_connect+0x7d0/0xbe0 [nvmet_rdma]\n[ 566.394174] ? lock_release+0x22c/0x3f0\n[ 566.394187] ? srso_return_thunk+0x5/0x5f\n\nPage size and shift info is set only for the user space SRQs.\nSet page size and page shift for kernel space SRQs also.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21885",
"url": "https://www.suse.com/security/cve/CVE-2025-21885"
},
{
"category": "external",
"summary": "SUSE Bug 1240169 for CVE-2025-21885",
"url": "https://bugzilla.suse.com/1240169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix implicit ODP hang on parent deregistration\n\nFix the destroy_unused_implicit_child_mr() to prevent hanging during\nparent deregistration as of below [1].\n\nUpon entering destroy_unused_implicit_child_mr(), the reference count\nfor the implicit MR parent is incremented using:\nrefcount_inc_not_zero().\n\nA corresponding decrement must be performed if\nfree_implicit_child_mr_work() is not called.\n\nThe code has been updated to properly manage the reference count that\nwas incremented.\n\n[1]\nINFO: task python3:2157 blocked for more than 120 seconds.\nNot tainted 6.12.0-rc7+ #1633\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:python3 state:D stack:0 pid:2157 tgid:2157 ppid:1685 flags:0x00000000\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\n__mlx5_ib_dereg_mr+0x379/0x5d0 [mlx5_ib]\n? __pfx_autoremove_wake_function+0x10/0x10\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n __x64_sys_ioctl+0x1b0/0xa70\n? kmem_cache_free+0x221/0x400\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f20f21f017b\nRSP: 002b:00007ffcfc4a77c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffcfc4a78d8 RCX: 00007f20f21f017b\nRDX: 00007ffcfc4a78c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffcfc4a78a0 R08: 000056147d125190 R09: 00007f20f1f14c60\nR10: 0000000000000001 R11: 0000000000000246 R12: 00007ffcfc4a7890\nR13: 000000000000001c R14: 000056147d100fc0 R15: 00007f20e365c9d0\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21886",
"url": "https://www.suse.com/security/cve/CVE-2025-21886"
},
{
"category": "external",
"summary": "SUSE Bug 1240188 for CVE-2025-21886",
"url": "https://bugzilla.suse.com/1240188"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up\n\nThe issue was caused by dput(upper) being called before\novl_dentry_update_reval(), while upper-\u003ed_flags was still\naccessed in ovl_dentry_remote().\n\nMove dput(upper) after its last use to prevent use-after-free.\n\nBUG: KASAN: slab-use-after-free in ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\nBUG: KASAN: slab-use-after-free in ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc3/0x620 mm/kasan/report.c:488\n kasan_report+0xd9/0x110 mm/kasan/report.c:601\n ovl_dentry_remote fs/overlayfs/util.c:162 [inline]\n ovl_dentry_update_reval+0xd2/0xf0 fs/overlayfs/util.c:167\n ovl_link_up fs/overlayfs/copy_up.c:610 [inline]\n ovl_copy_up_one+0x2105/0x3490 fs/overlayfs/copy_up.c:1170\n ovl_copy_up_flags+0x18d/0x200 fs/overlayfs/copy_up.c:1223\n ovl_rename+0x39e/0x18c0 fs/overlayfs/dir.c:1136\n vfs_rename+0xf84/0x20a0 fs/namei.c:4893\n...\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21887",
"url": "https://www.suse.com/security/cve/CVE-2025-21887"
},
{
"category": "external",
"summary": "SUSE Bug 1240176 for CVE-2025-21887",
"url": "https://bugzilla.suse.com/1240176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21887"
},
{
"cve": "CVE-2025-21888",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21888"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix a WARN during dereg_mr for DM type\n\nMemory regions (MR) of type DM (device memory) do not have an associated\numem.\n\nIn the __mlx5_ib_dereg_mr() -\u003e mlx5_free_priv_descs() flow, the code\nincorrectly takes the wrong branch, attempting to call\ndma_unmap_single() on a DMA address that is not mapped.\n\nThis results in a WARN [1], as shown below.\n\nThe issue is resolved by properly accounting for the DM type and\nensuring the correct branch is selected in mlx5_free_priv_descs().\n\n[1]\nWARNING: CPU: 12 PID: 1346 at drivers/iommu/dma-iommu.c:1230 iommu_dma_unmap_page+0x79/0x90\nModules linked in: ip6table_mangle ip6table_nat ip6table_filter ip6_tables iptable_mangle xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry ovelay rpcrdma rdma_ucm ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm ib_ipoib iw_cm ib_cm mlx5_ib ib_uverbs ib_core fuse mlx5_core\nCPU: 12 UID: 0 PID: 1346 Comm: ibv_rc_pingpong Not tainted 6.12.0-rc7+ #1631\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:iommu_dma_unmap_page+0x79/0x90\nCode: 2b 49 3b 29 72 26 49 3b 69 08 73 20 4d 89 f0 44 89 e9 4c 89 e2 48 89 ee 48 89 df 5b 5d 41 5c 41 5d 41 5e 41 5f e9 07 b8 88 ff \u003c0f\u003e 0b 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 66 0f 1f 44 00\nRSP: 0018:ffffc90001913a10 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88810194b0a8 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001\nRBP: ffff88810194b0a8 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000\nR13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000000\nFS: 00007f537abdd740(0000) GS:ffff88885fb00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f537aeb8000 CR3: 000000010c248001 CR4: 0000000000372eb0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n? __warn+0x84/0x190\n? iommu_dma_unmap_page+0x79/0x90\n? report_bug+0xf8/0x1c0\n? handle_bug+0x55/0x90\n? exc_invalid_op+0x13/0x60\n? asm_exc_invalid_op+0x16/0x20\n? iommu_dma_unmap_page+0x79/0x90\ndma_unmap_page_attrs+0xe6/0x290\nmlx5_free_priv_descs+0xb0/0xe0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x37e/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0x116/0x170 [ib_uverbs]\n? lock_release+0xc6/0x280\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f537adaf17b\nCode: 0f 1e fa 48 8b 05 1d ad 0c 00 64 c7 00 26 00 00 00 48 c7 c0 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ed ac 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007ffff218f0b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffff218f1d8 RCX: 00007f537adaf17b\nRDX: 00007ffff218f1c0 RSI: 00000000c0181b01 RDI: 0000000000000003\nRBP: 00007ffff218f1a0 R08: 00007f537aa8d010 R09: 0000561ee2e4f270\nR10: 00007f537aace3a8 R11: 0000000000000246 R12: 00007ffff218f190\nR13: 000000000000001c R14: 0000561ee2e4d7c0 R15: 00007ffff218f450\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21888",
"url": "https://www.suse.com/security/cve/CVE-2025-21888"
},
{
"category": "external",
"summary": "SUSE Bug 1240177 for CVE-2025-21888",
"url": "https://bugzilla.suse.com/1240177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Add RCU read lock protection to perf_iterate_ctx()\n\nThe perf_iterate_ctx() function performs RCU list traversal but\ncurrently lacks RCU read lock protection. This causes lockdep warnings\nwhen running perf probe with unshare(1) under CONFIG_PROVE_RCU_LIST=y:\n\n\tWARNING: suspicious RCU usage\n\tkernel/events/core.c:8168 RCU-list traversed in non-reader section!!\n\n\t Call Trace:\n\t lockdep_rcu_suspicious\n\t ? perf_event_addr_filters_apply\n\t perf_iterate_ctx\n\t perf_event_exec\n\t begin_new_exec\n\t ? load_elf_phdrs\n\t load_elf_binary\n\t ? lock_acquire\n\t ? find_held_lock\n\t ? bprm_execve\n\t bprm_execve\n\t do_execveat_common.isra.0\n\t __x64_sys_execve\n\t do_syscall_64\n\t entry_SYSCALL_64_after_hwframe\n\nThis protection was previously present but was removed in commit\nbd2756811766 (\"perf: Rewrite core context handling\"). Add back the\nnecessary rcu_read_lock()/rcu_read_unlock() pair around\nperf_iterate_ctx() call in perf_event_exec().\n\n[ mingo: Use scoped_guard() as suggested by Peter ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21889",
"url": "https://www.suse.com/security/cve/CVE-2025-21889"
},
{
"category": "external",
"summary": "SUSE Bug 1240167 for CVE-2025-21889",
"url": "https://bugzilla.suse.com/1240167"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21889"
},
{
"cve": "CVE-2025-21890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix checksums set in idpf_rx_rsc()\n\nidpf_rx_rsc() uses skb_transport_offset(skb) while the transport header\nis not set yet.\n\nThis triggers the following warning for CONFIG_DEBUG_NET=y builds.\n\nDEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb))\n\n[ 69.261620] WARNING: CPU: 7 PID: 0 at ./include/linux/skbuff.h:3020 idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261629] Modules linked in: vfat fat dummy bridge intel_uncore_frequency_tpmi intel_uncore_frequency_common intel_vsec_tpmi idpf intel_vsec cdc_ncm cdc_eem cdc_ether usbnet mii xhci_pci xhci_hcd ehci_pci ehci_hcd libeth\n[ 69.261644] CPU: 7 UID: 0 PID: 0 Comm: swapper/7 Tainted: G S W 6.14.0-smp-DEV #1697\n[ 69.261648] Tainted: [S]=CPU_OUT_OF_SPEC, [W]=WARN\n[ 69.261650] RIP: 0010:idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261677] ? __warn (kernel/panic.c:242 kernel/panic.c:748)\n[ 69.261682] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261687] ? report_bug (lib/bug.c:?)\n[ 69.261690] ? handle_bug (arch/x86/kernel/traps.c:285)\n[ 69.261694] ? exc_invalid_op (arch/x86/kernel/traps.c:309)\n[ 69.261697] ? asm_exc_invalid_op (arch/x86/include/asm/idtentry.h:621)\n[ 69.261700] ? __pfx_idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:4011) idpf\n[ 69.261704] ? idpf_vport_splitq_napi_poll (include/linux/skbuff.h:3020) idpf\n[ 69.261708] ? idpf_vport_splitq_napi_poll (drivers/net/ethernet/intel/idpf/idpf_txrx.c:3072) idpf\n[ 69.261712] __napi_poll (net/core/dev.c:7194)\n[ 69.261716] net_rx_action (net/core/dev.c:7265)\n[ 69.261718] ? __qdisc_run (net/sched/sch_generic.c:293)\n[ 69.261721] ? sched_clock (arch/x86/include/asm/preempt.h:84 arch/x86/kernel/tsc.c:288)\n[ 69.261726] handle_softirqs (kernel/softirq.c:561)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21890",
"url": "https://www.suse.com/security/cve/CVE-2025-21890"
},
{
"category": "external",
"summary": "SUSE Bug 1240173 for CVE-2025-21890",
"url": "https://bugzilla.suse.com/1240173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: ensure network headers are in skb linear part\n\nsyzbot found that ipvlan_process_v6_outbound() was assuming\nthe IPv6 network header isis present in skb-\u003ehead [1]\n\nAdd the needed pskb_network_may_pull() calls for both\nIPv4 and IPv6 handlers.\n\n[1]\nBUG: KMSAN: uninit-value in __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n __ipv6_addr_type+0xa2/0x490 net/ipv6/addrconf_core.c:47\n ipv6_addr_type include/net/ipv6.h:555 [inline]\n ip6_route_output_flags_noref net/ipv6/route.c:2616 [inline]\n ip6_route_output_flags+0x51/0x720 net/ipv6/route.c:2651\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ipvlan_route_v6_outbound+0x24e/0x520 drivers/net/ipvlan/ipvlan_core.c:476\n ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:491 [inline]\n ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:541 [inline]\n ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:605 [inline]\n ipvlan_queue_xmit+0xd72/0x1780 drivers/net/ipvlan/ipvlan_core.c:671\n ipvlan_start_xmit+0x5b/0x210 drivers/net/ipvlan/ipvlan_main.c:223\n __netdev_start_xmit include/linux/netdevice.h:5150 [inline]\n netdev_start_xmit include/linux/netdevice.h:5159 [inline]\n xmit_one net/core/dev.c:3735 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3751\n sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343\n qdisc_restart net/sched/sch_generic.c:408 [inline]\n __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416\n qdisc_run+0x141/0x4d0 include/net/pkt_sched.h:127\n net_tx_action+0x78b/0x940 net/core/dev.c:5484\n handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561\n __do_softirq+0x14/0x1a kernel/softirq.c:595\n do_softirq+0x9a/0x100 kernel/softirq.c:462\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:389\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline]\n __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4611\n dev_queue_xmit include/linux/netdevice.h:3311 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3132 [inline]\n packet_sendmsg+0x93e0/0xa7e0 net/packet/af_packet.c:3164\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21891",
"url": "https://www.suse.com/security/cve/CVE-2025-21891"
},
{
"category": "external",
"summary": "SUSE Bug 1240186 for CVE-2025-21891",
"url": "https://bugzilla.suse.com/1240186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix the recovery flow of the UMR QP\n\nThis patch addresses an issue in the recovery flow of the UMR QP,\nensuring tasks do not get stuck, as highlighted by the call trace [1].\n\nDuring recovery, before transitioning the QP to the RESET state, the\nsoftware must wait for all outstanding WRs to complete.\n\nFailing to do so can cause the firmware to skip sending some flushed\nCQEs with errors and simply discard them upon the RESET, as per the IB\nspecification.\n\nThis race condition can result in lost CQEs and tasks becoming stuck.\n\nTo resolve this, the patch sends a final WR which serves only as a\nbarrier before moving the QP state to RESET.\n\nOnce a CQE is received for that final WR, it guarantees that no\noutstanding WRs remain, making it safe to transition the QP to RESET and\nsubsequently back to RTS, restoring proper functionality.\n\nNote:\nFor the barrier WR, we simply reuse the failed and ready WR.\nSince the QP is in an error state, it will only receive\nIB_WC_WR_FLUSH_ERR. However, as it serves only as a barrier we don\u0027t\ncare about its status.\n\n[1]\nINFO: task rdma_resource_l:1922 blocked for more than 120 seconds.\nTainted: G W 6.12.0-rc7+ #1626\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\ntask:rdma_resource_l state:D stack:0 pid:1922 tgid:1922 ppid:1369\n flags:0x00004004\nCall Trace:\n\u003cTASK\u003e\n__schedule+0x420/0xd30\nschedule+0x47/0x130\nschedule_timeout+0x280/0x300\n? mark_held_locks+0x48/0x80\n? lockdep_hardirqs_on_prepare+0xe5/0x1a0\nwait_for_completion+0x75/0x130\nmlx5r_umr_post_send_wait+0x3c2/0x5b0 [mlx5_ib]\n? __pfx_mlx5r_umr_done+0x10/0x10 [mlx5_ib]\nmlx5r_umr_revoke_mr+0x93/0xc0 [mlx5_ib]\n__mlx5_ib_dereg_mr+0x299/0x520 [mlx5_ib]\n? _raw_spin_unlock_irq+0x24/0x40\n? wait_for_completion+0xfe/0x130\n? rdma_restrack_put+0x63/0xe0 [ib_core]\nib_dereg_mr_user+0x5f/0x120 [ib_core]\n? lock_release+0xc6/0x280\ndestroy_hw_idr_uobject+0x1d/0x60 [ib_uverbs]\nuverbs_destroy_uobject+0x58/0x1d0 [ib_uverbs]\nuobj_destroy+0x3f/0x70 [ib_uverbs]\nib_uverbs_cmd_verbs+0x3e4/0xbb0 [ib_uverbs]\n? __pfx_uverbs_destroy_def_handler+0x10/0x10 [ib_uverbs]\n? __lock_acquire+0x64e/0x2080\n? mark_held_locks+0x48/0x80\n? find_held_lock+0x2d/0xa0\n? lock_acquire+0xc1/0x2f0\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n? __fget_files+0xc3/0x1b0\nib_uverbs_ioctl+0xe7/0x170 [ib_uverbs]\n? ib_uverbs_ioctl+0xcb/0x170 [ib_uverbs]\n__x64_sys_ioctl+0x1b0/0xa70\ndo_syscall_64+0x6b/0x140\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\nRIP: 0033:0x7f99c918b17b\nRSP: 002b:00007ffc766d0468 EFLAGS: 00000246 ORIG_RAX:\n 0000000000000010\nRAX: ffffffffffffffda RBX: 00007ffc766d0578 RCX:\n 00007f99c918b17b\nRDX: 00007ffc766d0560 RSI: 00000000c0181b01 RDI:\n 0000000000000003\nRBP: 00007ffc766d0540 R08: 00007f99c8f99010 R09:\n 000000000000bd7e\nR10: 00007f99c94c1c70 R11: 0000000000000246 R12:\n 00007ffc766d0530\nR13: 000000000000001c R14: 0000000040246a80 R15:\n 0000000000000000\n\u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21892",
"url": "https://www.suse.com/security/cve/CVE-2025-21892"
},
{
"category": "external",
"summary": "SUSE Bug 1240175 for CVE-2025-21892",
"url": "https://bugzilla.suse.com/1240175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21892"
},
{
"cve": "CVE-2025-21894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: enetc: VFs do not support HWTSTAMP_TX_ONESTEP_SYNC\n\nActually ENETC VFs do not support HWTSTAMP_TX_ONESTEP_SYNC because only\nENETC PF can access PMa_SINGLE_STEP registers. And there will be a crash\nif VFs are used to test one-step timestamp, the crash log as follows.\n\n[ 129.110909] Unable to handle kernel paging request at virtual address 00000000000080c0\n[ 129.287769] Call trace:\n[ 129.290219] enetc_port_mac_wr+0x30/0xec (P)\n[ 129.294504] enetc_start_xmit+0xda4/0xe74\n[ 129.298525] enetc_xmit+0x70/0xec\n[ 129.301848] dev_hard_start_xmit+0x98/0x118",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21894",
"url": "https://www.suse.com/security/cve/CVE-2025-21894"
},
{
"category": "external",
"summary": "SUSE Bug 1240581 for CVE-2025-21894",
"url": "https://bugzilla.suse.com/1240581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21894"
},
{
"cve": "CVE-2025-21895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Order the PMU list to fix warning about unordered pmu_ctx_list\n\nSyskaller triggers a warning due to prev_epc-\u003epmu != next_epc-\u003epmu in\nperf_event_swap_task_ctx_data(). vmcore shows that two lists have the same\nperf_event_pmu_context, but not in the same order.\n\nThe problem is that the order of pmu_ctx_list for the parent is impacted by\nthe time when an event/PMU is added. While the order for a child is\nimpacted by the event order in the pinned_groups and flexible_groups. So\nthe order of pmu_ctx_list in the parent and child may be different.\n\nTo fix this problem, insert the perf_event_pmu_context to its proper place\nafter iteration of the pmu_ctx_list.\n\nThe follow testcase can trigger above warning:\n\n # perf record -e cycles --call-graph lbr -- taskset -c 3 ./a.out \u0026\n # perf stat -e cpu-clock,cs -p xxx // xxx is the pid of a.out\n\n test.c\n\n void main() {\n int count = 0;\n pid_t pid;\n\n printf(\"%d running\\n\", getpid());\n sleep(30);\n printf(\"running\\n\");\n\n pid = fork();\n if (pid == -1) {\n printf(\"fork error\\n\");\n return;\n }\n if (pid == 0) {\n while (1) {\n count++;\n }\n } else {\n while (1) {\n count++;\n }\n }\n }\n\nThe testcase first opens an LBR event, so it will allocate task_ctx_data,\nand then open tracepoint and software events, so the parent context will\nhave 3 different perf_event_pmu_contexts. On inheritance, child ctx will\ninsert the perf_event_pmu_context in another order and the warning will\ntrigger.\n\n[ mingo: Tidied up the changelog. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21895",
"url": "https://www.suse.com/security/cve/CVE-2025-21895"
},
{
"category": "external",
"summary": "SUSE Bug 1240585 for CVE-2025-21895",
"url": "https://bugzilla.suse.com/1240585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21895"
},
{
"cve": "CVE-2025-21904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncaif_virtio: fix wrong pointer check in cfv_probe()\n\ndel_vqs() frees virtqueues, therefore cfv-\u003evq_tx pointer should be checked\nfor NULL before calling it, not cfv-\u003evdev. Also the current implementation\nis redundant because the pointer cfv-\u003evdev is dereferenced before it is\nchecked for NULL.\n\nFix this by checking cfv-\u003evq_tx for NULL instead of cfv-\u003evdev before\ncalling del_vqs().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21904",
"url": "https://www.suse.com/security/cve/CVE-2025-21904"
},
{
"category": "external",
"summary": "SUSE Bug 1240576 for CVE-2025-21904",
"url": "https://bugzilla.suse.com/1240576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21904"
},
{
"cve": "CVE-2025-21905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: limit printed string from FW file\n\nThere\u0027s no guarantee here that the file is always with a\nNUL-termination, so reading the string may read beyond the\nend of the TLV. If that\u0027s the last TLV in the file, it can\nperhaps even read beyond the end of the file buffer.\n\nFix that by limiting the print format to the size of the\nbuffer we have.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21905",
"url": "https://www.suse.com/security/cve/CVE-2025-21905"
},
{
"category": "external",
"summary": "SUSE Bug 1240575 for CVE-2025-21905",
"url": "https://bugzilla.suse.com/1240575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21905"
},
{
"cve": "CVE-2025-21906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: clean up ROC on failure\n\nIf the firmware fails to start the session protection, then we\ndo call iwl_mvm_roc_finished() here, but that won\u0027t do anything\nat all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.\nSet IWL_MVM_STATUS_ROC_P2P_RUNNING in the failure/stop path.\nIf it started successfully before, it\u0027s already set, so that\ndoesn\u0027t matter, and if it didn\u0027t start it needs to be set to\nclean up.\n\nNot doing so will lead to a WARN_ON() later on a fresh remain-\non-channel, since the link is already active when activated as\nit was never deactivated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21906",
"url": "https://www.suse.com/security/cve/CVE-2025-21906"
},
{
"category": "external",
"summary": "SUSE Bug 1240587 for CVE-2025-21906",
"url": "https://bugzilla.suse.com/1240587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21906"
},
{
"cve": "CVE-2025-21908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: fix nfs_release_folio() to not deadlock via kcompactd writeback\n\nAdd PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it so\nnfs_release_folio() can skip calling nfs_wb_folio() from kcompactd.\n\nOtherwise NFS can deadlock waiting for kcompactd enduced writeback which\nrecurses back to NFS (which triggers writeback to NFSD via NFS loopback\nmount on the same host, NFSD blocks waiting for XFS\u0027s call to\n__filemap_get_folio):\n\n6070.550357] INFO: task kcompactd0:58 blocked for more than 4435 seconds.\n\n{---\n[58] \"kcompactd0\"\n[\u003c0\u003e] folio_wait_bit+0xe8/0x200\n[\u003c0\u003e] folio_wait_writeback+0x2b/0x80\n[\u003c0\u003e] nfs_wb_folio+0x80/0x1b0 [nfs]\n[\u003c0\u003e] nfs_release_folio+0x68/0x130 [nfs]\n[\u003c0\u003e] split_huge_page_to_list_to_order+0x362/0x840\n[\u003c0\u003e] migrate_pages_batch+0x43d/0xb90\n[\u003c0\u003e] migrate_pages_sync+0x9a/0x240\n[\u003c0\u003e] migrate_pages+0x93c/0x9f0\n[\u003c0\u003e] compact_zone+0x8e2/0x1030\n[\u003c0\u003e] compact_node+0xdb/0x120\n[\u003c0\u003e] kcompactd+0x121/0x2e0\n[\u003c0\u003e] kthread+0xcf/0x100\n[\u003c0\u003e] ret_from_fork+0x31/0x40\n[\u003c0\u003e] ret_from_fork_asm+0x1a/0x30\n---}\n\n[akpm@linux-foundation.org: fix build]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21908",
"url": "https://www.suse.com/security/cve/CVE-2025-21908"
},
{
"category": "external",
"summary": "SUSE Bug 1240600 for CVE-2025-21908",
"url": "https://bugzilla.suse.com/1240600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21908"
},
{
"cve": "CVE-2025-21909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject cooked mode if it is set along with other flags\n\nIt is possible to set both MONITOR_FLAG_COOK_FRAMES and MONITOR_FLAG_ACTIVE\nflags simultaneously on the same monitor interface from the userspace. This\ncauses a sub-interface to be created with no IEEE80211_SDATA_IN_DRIVER bit\nset because the monitor interface is in the cooked state and it takes\nprecedence over all other states. When the interface is then being deleted\nthe kernel calls WARN_ONCE() from check_sdata_in_driver() because of missing\nthat bit.\n\nFix this by rejecting MONITOR_FLAG_COOK_FRAMES if it is set along with\nother flags.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21909",
"url": "https://www.suse.com/security/cve/CVE-2025-21909"
},
{
"category": "external",
"summary": "SUSE Bug 1240590 for CVE-2025-21909",
"url": "https://bugzilla.suse.com/1240590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21909"
},
{
"cve": "CVE-2025-21910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: regulatory: improve invalid hints checking\n\nSyzbot keeps reporting an issue [1] that occurs when erroneous symbols\nsent from userspace get through into user_alpha2[] via\nregulatory_hint_user() call. Such invalid regulatory hints should be\nrejected.\n\nWhile a sanity check from commit 47caf685a685 (\"cfg80211: regulatory:\nreject invalid hints\") looks to be enough to deter these very cases,\nthere is a way to get around it due to 2 reasons.\n\n1) The way isalpha() works, symbols other than latin lower and\nupper letters may be used to determine a country/domain.\nFor instance, greek letters will also be considered upper/lower\nletters and for such characters isalpha() will return true as well.\nHowever, ISO-3166-1 alpha2 codes should only hold latin\ncharacters.\n\n2) While processing a user regulatory request, between\nreg_process_hint_user() and regulatory_hint_user() there happens to\nbe a call to queue_regulatory_request() which modifies letters in\nrequest-\u003ealpha2[] with toupper(). This works fine for latin symbols,\nless so for weird letter characters from the second part of _ctype[].\n\nSyzbot triggers a warning in is_user_regdom_saved() by first sending\nover an unexpected non-latin letter that gets malformed by toupper()\ninto a character that ends up failing isalpha() check.\n\nPrevent this by enhancing is_an_alpha2() to ensure that incoming\nsymbols are latin letters and nothing else.\n\n[1] Syzbot report:\n------------[ cut here ]------------\nUnexpected user alpha2: A\ufffd\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 is_user_regdom_saved net/wireless/reg.c:440 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_alpha2 net/wireless/reg.c:3424 [inline]\nWARNING: CPU: 1 PID: 964 at net/wireless/reg.c:442 restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\nModules linked in:\nCPU: 1 UID: 0 PID: 964 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00044-gc1e939a21eb1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: events_power_efficient crda_timeout_work\nRIP: 0010:is_user_regdom_saved net/wireless/reg.c:440 [inline]\nRIP: 0010:restore_alpha2 net/wireless/reg.c:3424 [inline]\nRIP: 0010:restore_regulatory_settings+0x3c0/0x1e50 net/wireless/reg.c:3516\n...\nCall Trace:\n \u003cTASK\u003e\n crda_timeout_work+0x27/0x50 net/wireless/reg.c:542\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa65/0x1850 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f2/0x390 kernel/kthread.c:389\n ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21910",
"url": "https://www.suse.com/security/cve/CVE-2025-21910"
},
{
"category": "external",
"summary": "SUSE Bug 1240583 for CVE-2025-21910",
"url": "https://bugzilla.suse.com/1240583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21910"
},
{
"cve": "CVE-2025-21912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: rcar: Use raw_spinlock to protect register access\n\nUse raw_spinlock in order to fix spurious messages about invalid context\nwhen spinlock debugging is enabled. The lock is only used to serialize\nregister access.\n\n [ 4.239592] =============================\n [ 4.239595] [ BUG: Invalid wait context ]\n [ 4.239599] 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35 Not tainted\n [ 4.239603] -----------------------------\n [ 4.239606] kworker/u8:5/76 is trying to lock:\n [ 4.239609] ffff0000091898a0 (\u0026p-\u003elock){....}-{3:3}, at: gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.239641] other info that might help us debug this:\n [ 4.239643] context-{5:5}\n [ 4.239646] 5 locks held by kworker/u8:5/76:\n [ 4.239651] #0: ffff0000080fb148 ((wq_completion)async){+.+.}-{0:0}, at: process_one_work+0x190/0x62c\n [ 4.250180] OF: /soc/sound@ec500000/ports/port@0/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.254094] #1: ffff80008299bd80 ((work_completion)(\u0026entry-\u003ework)){+.+.}-{0:0}, at: process_one_work+0x1b8/0x62c\n [ 4.254109] #2: ffff00000920c8f8\n [ 4.258345] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027bitclock-master\u0027 with a value.\n [ 4.264803] (\u0026dev-\u003emutex){....}-{4:4}, at: __device_attach_async_helper+0x3c/0xdc\n [ 4.264820] #3: ffff00000a50ca40 (request_class#2){+.+.}-{4:4}, at: __setup_irq+0xa0/0x690\n [ 4.264840] #4:\n [ 4.268872] OF: /soc/sound@ec500000/ports/port@1/endpoint: Read of boolean property \u0027frame-master\u0027 with a value.\n [ 4.273275] ffff00000a50c8c8 (lock_class){....}-{2:2}, at: __setup_irq+0xc4/0x690\n [ 4.296130] renesas_sdhi_internal_dmac ee100000.mmc: mmc1 base at 0x00000000ee100000, max clock rate 200 MHz\n [ 4.304082] stack backtrace:\n [ 4.304086] CPU: 1 UID: 0 PID: 76 Comm: kworker/u8:5 Not tainted 6.13.0-rc7-arm64-renesas-05496-gd088502a519f #35\n [ 4.304092] Hardware name: Renesas Salvator-X 2nd version board based on r8a77965 (DT)\n [ 4.304097] Workqueue: async async_run_entry_fn\n [ 4.304106] Call trace:\n [ 4.304110] show_stack+0x14/0x20 (C)\n [ 4.304122] dump_stack_lvl+0x6c/0x90\n [ 4.304131] dump_stack+0x14/0x1c\n [ 4.304138] __lock_acquire+0xdfc/0x1584\n [ 4.426274] lock_acquire+0x1c4/0x33c\n [ 4.429942] _raw_spin_lock_irqsave+0x5c/0x80\n [ 4.434307] gpio_rcar_config_interrupt_input_mode+0x34/0x164\n [ 4.440061] gpio_rcar_irq_set_type+0xd4/0xd8\n [ 4.444422] __irq_set_trigger+0x5c/0x178\n [ 4.448435] __setup_irq+0x2e4/0x690\n [ 4.452012] request_threaded_irq+0xc4/0x190\n [ 4.456285] devm_request_threaded_irq+0x7c/0xf4\n [ 4.459398] ata1: link resume succeeded after 1 retries\n [ 4.460902] mmc_gpiod_request_cd_irq+0x68/0xe0\n [ 4.470660] mmc_start_host+0x50/0xac\n [ 4.474327] mmc_add_host+0x80/0xe4\n [ 4.477817] tmio_mmc_host_probe+0x2b0/0x440\n [ 4.482094] renesas_sdhi_probe+0x488/0x6f4\n [ 4.486281] renesas_sdhi_internal_dmac_probe+0x60/0x78\n [ 4.491509] platform_probe+0x64/0xd8\n [ 4.495178] really_probe+0xb8/0x2a8\n [ 4.498756] __driver_probe_device+0x74/0x118\n [ 4.503116] driver_probe_device+0x3c/0x154\n [ 4.507303] __device_attach_driver+0xd4/0x160\n [ 4.511750] bus_for_each_drv+0x84/0xe0\n [ 4.515588] __device_attach_async_helper+0xb0/0xdc\n [ 4.520470] async_run_entry_fn+0x30/0xd8\n [ 4.524481] process_one_work+0x210/0x62c\n [ 4.528494] worker_thread+0x1ac/0x340\n [ 4.532245] kthread+0x10c/0x110\n [ 4.535476] ret_from_fork+0x10/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21912",
"url": "https://www.suse.com/security/cve/CVE-2025-21912"
},
{
"category": "external",
"summary": "SUSE Bug 1240584 for CVE-2025-21912",
"url": "https://bugzilla.suse.com/1240584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21912"
},
{
"cve": "CVE-2025-21913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/amd_nb: Use rdmsr_safe() in amd_get_mmconfig_range()\n\nXen doesn\u0027t offer MSR_FAM10H_MMIO_CONF_BASE to all guests. This results\nin the following warning:\n\n unchecked MSR access error: RDMSR from 0xc0010058 at rIP: 0xffffffff8101d19f (xen_do_read_msr+0x7f/0xa0)\n Call Trace:\n xen_read_msr+0x1e/0x30\n amd_get_mmconfig_range+0x2b/0x80\n quirk_amd_mmconfig_area+0x28/0x100\n pnp_fixup_device+0x39/0x50\n __pnp_add_device+0xf/0x150\n pnp_add_device+0x3d/0x100\n pnpacpi_add_device_handler+0x1f9/0x280\n acpi_ns_get_device_callback+0x104/0x1c0\n acpi_ns_walk_namespace+0x1d0/0x260\n acpi_get_devices+0x8a/0xb0\n pnpacpi_init+0x50/0x80\n do_one_initcall+0x46/0x2e0\n kernel_init_freeable+0x1da/0x2f0\n kernel_init+0x16/0x1b0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\n\nbased on quirks for a \"PNP0c01\" device. Treating MMCFG as disabled is the\nright course of action, so no change is needed there.\n\nThis was most likely exposed by fixing the Xen MSR accessors to not be\nsilently-safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21913",
"url": "https://www.suse.com/security/cve/CVE-2025-21913"
},
{
"category": "external",
"summary": "SUSE Bug 1240591 for CVE-2025-21913",
"url": "https://bugzilla.suse.com/1240591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21913"
},
{
"cve": "CVE-2025-21914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslimbus: messaging: Free transaction ID in delayed interrupt scenario\n\nIn case of interrupt delay for any reason, slim_do_transfer()\nreturns timeout error but the transaction ID (TID) is not freed.\nThis results into invalid memory access inside\nqcom_slim_ngd_rx_msgq_cb() due to invalid TID.\n\nFix the issue by freeing the TID in slim_do_transfer() before\nreturning timeout error to avoid invalid memory access.\n\nCall trace:\n__memcpy_fromio+0x20/0x190\nqcom_slim_ngd_rx_msgq_cb+0x130/0x290 [slim_qcom_ngd_ctrl]\nvchan_complete+0x2a0/0x4a0\ntasklet_action_common+0x274/0x700\ntasklet_action+0x28/0x3c\n_stext+0x188/0x620\nrun_ksoftirqd+0x34/0x74\nsmpboot_thread_fn+0x1d8/0x464\nkthread+0x178/0x238\nret_from_fork+0x10/0x20\nCode: aa0003e8 91000429 f100044a 3940002b (3800150b)\n---[ end trace 0fe00bec2b975c99 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21914",
"url": "https://www.suse.com/security/cve/CVE-2025-21914"
},
{
"category": "external",
"summary": "SUSE Bug 1240595 for CVE-2025-21914",
"url": "https://bugzilla.suse.com/1240595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21914"
},
{
"cve": "CVE-2025-21915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncdx: Fix possible UAF error in driver_override_show()\n\nFixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c\n\nThis function driver_override_show() is part of DEVICE_ATTR_RW, which\nincludes both driver_override_show() and driver_override_store().\nThese functions can be executed concurrently in sysfs.\n\nThe driver_override_store() function uses driver_set_override() to\nupdate the driver_override value, and driver_set_override() internally\nlocks the device (device_lock(dev)). If driver_override_show() reads\ncdx_dev-\u003edriver_override without locking, it could potentially access\na freed pointer if driver_override_store() frees the string\nconcurrently. This could lead to printing a kernel address, which is a\nsecurity risk since DEVICE_ATTR can be read by all users.\n\nAdditionally, a similar pattern is used in drivers/amba/bus.c, as well\nas many other bus drivers, where device_lock() is taken in the show\nfunction, and it has been working without issues.\n\nThis potential bug was detected by our experimental static analysis\ntool, which analyzes locking APIs and paired functions to identify\ndata races and atomicity violations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21915",
"url": "https://www.suse.com/security/cve/CVE-2025-21915"
},
{
"category": "external",
"summary": "SUSE Bug 1240594 for CVE-2025-21915",
"url": "https://bugzilla.suse.com/1240594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21915"
},
{
"cve": "CVE-2025-21916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: atm: cxacru: fix a flaw in existing endpoint checks\n\nSyzbot once again identified a flaw in usb endpoint checking, see [1].\nThis time the issue stems from a commit authored by me (2eabb655a968\n(\"usb: atm: cxacru: fix endpoint checking in cxacru_bind()\")).\n\nWhile using usb_find_common_endpoints() may usually be enough to\ndiscard devices with wrong endpoints, in this case one needs more\nthan just finding and identifying the sufficient number of endpoints\nof correct types - one needs to check the endpoint\u0027s address as well.\n\nSince cxacru_bind() fills URBs with CXACRU_EP_CMD address in mind,\nswitch the endpoint verification approach to usb_check_XXX_endpoints()\ninstead to fix incomplete ep testing.\n\n[1] Syzbot report:\nusb 5-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 1378 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nRIP: 0010:usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n cxacru_cm+0x3c8/0xe50 drivers/usb/atm/cxacru.c:649\n cxacru_card_status drivers/usb/atm/cxacru.c:760 [inline]\n cxacru_bind+0xcf9/0x1150 drivers/usb/atm/cxacru.c:1223\n usbatm_usb_probe+0x314/0x1d30 drivers/usb/atm/usbatm.c:1058\n cxacru_usb_probe+0x184/0x220 drivers/usb/atm/cxacru.c:1377\n usb_probe_interface+0x641/0xbb0 drivers/usb/core/driver.c:396\n really_probe+0x2b9/0xad0 drivers/base/dd.c:658\n __driver_probe_device+0x1a2/0x390 drivers/base/dd.c:800\n driver_probe_device+0x50/0x430 drivers/base/dd.c:830\n...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21916",
"url": "https://www.suse.com/security/cve/CVE-2025-21916"
},
{
"category": "external",
"summary": "SUSE Bug 1240582 for CVE-2025-21916",
"url": "https://bugzilla.suse.com/1240582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21916"
},
{
"cve": "CVE-2025-21917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: renesas_usbhs: Flush the notify_hotplug_work\n\nWhen performing continuous unbind/bind operations on the USB drivers\navailable on the Renesas RZ/G2L SoC, a kernel crash with the message\n\"Unable to handle kernel NULL pointer dereference at virtual address\"\nmay occur. This issue points to the usbhsc_notify_hotplug() function.\n\nFlush the delayed work to avoid its execution when driver resources are\nunavailable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21917",
"url": "https://www.suse.com/security/cve/CVE-2025-21917"
},
{
"category": "external",
"summary": "SUSE Bug 1240596 for CVE-2025-21917",
"url": "https://bugzilla.suse.com/1240596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21917"
},
{
"cve": "CVE-2025-21918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Fix NULL pointer access\n\nResources should be released only after all threads that utilize them\nhave been destroyed.\nThis commit ensures that resources are not released prematurely by waiting\nfor the associated workqueue to complete before deallocating them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21918",
"url": "https://www.suse.com/security/cve/CVE-2025-21918"
},
{
"category": "external",
"summary": "SUSE Bug 1240592 for CVE-2025-21918",
"url": "https://bugzilla.suse.com/1240592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21918"
},
{
"cve": "CVE-2025-21919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/fair: Fix potential memory corruption in child_cfs_rq_on_list\n\nchild_cfs_rq_on_list attempts to convert a \u0027prev\u0027 pointer to a cfs_rq.\nThis \u0027prev\u0027 pointer can originate from struct rq\u0027s leaf_cfs_rq_list,\nmaking the conversion invalid and potentially leading to memory\ncorruption. Depending on the relative positions of leaf_cfs_rq_list and\nthe task group (tg) pointer within the struct, this can cause a memory\nfault or access garbage data.\n\nThe issue arises in list_add_leaf_cfs_rq, where both\ncfs_rq-\u003eleaf_cfs_rq_list and rq-\u003eleaf_cfs_rq_list are added to the same\nleaf list. Also, rq-\u003etmp_alone_branch can be set to rq-\u003eleaf_cfs_rq_list.\n\nThis adds a check `if (prev == \u0026rq-\u003eleaf_cfs_rq_list)` after the main\nconditional in child_cfs_rq_on_list. This ensures that the container_of\noperation will convert a correct cfs_rq struct.\n\nThis check is sufficient because only cfs_rqs on the same CPU are added\nto the list, so verifying the \u0027prev\u0027 pointer against the current rq\u0027s list\nhead is enough.\n\nFixes a potential memory corruption issue that due to current struct\nlayout might not be manifesting as a crash but could lead to unpredictable\nbehavior when the layout changes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21919",
"url": "https://www.suse.com/security/cve/CVE-2025-21919"
},
{
"category": "external",
"summary": "SUSE Bug 1240593 for CVE-2025-21919",
"url": "https://bugzilla.suse.com/1240593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21919"
},
{
"cve": "CVE-2025-21922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: Fix KMSAN uninit-value warning with bpf\n\nSyzbot caught an \"KMSAN: uninit-value\" warning [1], which is caused by the\nppp driver not initializing a 2-byte header when using socket filter.\n\nThe following code can generate a PPP filter BPF program:\n\u0027\u0027\u0027\nstruct bpf_program fp;\npcap_t *handle;\nhandle = pcap_open_dead(DLT_PPP_PPPD, 65535);\npcap_compile(handle, \u0026fp, \"ip and outbound\", 0, 0);\nbpf_dump(\u0026fp, 1);\n\u0027\u0027\u0027\nIts output is:\n\u0027\u0027\u0027\n(000) ldh [2]\n(001) jeq #0x21 jt 2 jf 5\n(002) ldb [0]\n(003) jeq #0x1 jt 4 jf 5\n(004) ret #65535\n(005) ret #0\n\u0027\u0027\u0027\nWen can find similar code at the following link:\nhttps://github.com/ppp-project/ppp/blob/master/pppd/options.c#L1680\nThe maintainer of this code repository is also the original maintainer\nof the ppp driver.\n\nAs you can see the BPF program skips 2 bytes of data and then reads the\n\u0027Protocol\u0027 field to determine if it\u0027s an IP packet. Then it read the first\nbyte of the first 2 bytes to determine the direction.\n\nThe issue is that only the first byte indicating direction is initialized\nin current ppp driver code while the second byte is not initialized.\n\nFor normal BPF programs generated by libpcap, uninitialized data won\u0027t be\nused, so it\u0027s not a problem. However, for carefully crafted BPF programs,\nsuch as those generated by syzkaller [2], which start reading from offset\n0, the uninitialized data will be used and caught by KMSAN.\n\n[1] https://syzkaller.appspot.com/bug?extid=853242d9c9917165d791\n[2] https://syzkaller.appspot.com/text?tag=ReproC\u0026x=11994913980000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21922",
"url": "https://www.suse.com/security/cve/CVE-2025-21922"
},
{
"category": "external",
"summary": "SUSE Bug 1240639 for CVE-2025-21922",
"url": "https://bugzilla.suse.com/1240639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21922"
},
{
"cve": "CVE-2025-21923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hid-steam: Fix use-after-free when detaching device\n\nWhen a hid-steam device is removed it must clean up the client_hdev used for\nintercepting hidraw access. This can lead to scheduling deferred work to\nreattach the input device. Though the cleanup cancels the deferred work, this\nwas done before the client_hdev itself is cleaned up, so it gets rescheduled.\nThis patch fixes the ordering to make sure the deferred work is properly\ncanceled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21923",
"url": "https://www.suse.com/security/cve/CVE-2025-21923"
},
{
"category": "external",
"summary": "SUSE Bug 1240691 for CVE-2025-21923",
"url": "https://bugzilla.suse.com/1240691"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21923"
},
{
"cve": "CVE-2025-21924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: make sure ptp clock is unregister and freed if hclge_ptp_get_cycle returns an error\n\nDuring the initialization of ptp, hclge_ptp_get_cycle might return an error\nand returned directly without unregister clock and free it. To avoid that,\ncall hclge_ptp_destroy_clock to unregist and free clock if\nhclge_ptp_get_cycle failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21924",
"url": "https://www.suse.com/security/cve/CVE-2025-21924"
},
{
"category": "external",
"summary": "SUSE Bug 1240720 for CVE-2025-21924",
"url": "https://bugzilla.suse.com/1240720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21924"
},
{
"cve": "CVE-2025-21925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: do not use skb_get() before dev_queue_xmit()\n\nsyzbot is able to crash hosts [1], using llc and devices\nnot supporting IFF_TX_SKB_SHARING.\n\nIn this case, e1000 driver calls eth_skb_pad(), while\nthe skb is shared.\n\nSimply replace skb_get() by skb_clone() in net/llc/llc_s_ac.c\n\nNote that e1000 driver might have an issue with pktgen,\nbecause it does not clear IFF_TX_SKB_SHARING, this is an\northogonal change.\n\nWe need to audit other skb_get() uses in net/llc.\n\n[1]\n\nkernel BUG at net/core/skbuff.c:2178 !\nOops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 16371 Comm: syz.2.2764 Not tainted 6.14.0-rc4-syzkaller-00052-gac9c34d1e45a #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:pskb_expand_head+0x6ce/0x1240 net/core/skbuff.c:2178\nCall Trace:\n \u003cTASK\u003e\n __skb_pad+0x18a/0x610 net/core/skbuff.c:2466\n __skb_put_padto include/linux/skbuff.h:3843 [inline]\n skb_put_padto include/linux/skbuff.h:3862 [inline]\n eth_skb_pad include/linux/etherdevice.h:656 [inline]\n e1000_xmit_frame+0x2d99/0x5800 drivers/net/ethernet/intel/e1000/e1000_main.c:3128\n __netdev_start_xmit include/linux/netdevice.h:5151 [inline]\n netdev_start_xmit include/linux/netdevice.h:5160 [inline]\n xmit_one net/core/dev.c:3806 [inline]\n dev_hard_start_xmit+0x9a/0x7b0 net/core/dev.c:3822\n sch_direct_xmit+0x1ae/0xc30 net/sched/sch_generic.c:343\n __dev_xmit_skb net/core/dev.c:4045 [inline]\n __dev_queue_xmit+0x13d4/0x43e0 net/core/dev.c:4621\n dev_queue_xmit include/linux/netdevice.h:3313 [inline]\n llc_sap_action_send_test_c+0x268/0x320 net/llc/llc_s_ac.c:144\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x239/0x510 net/llc/llc_sap.c:209\n llc_ui_sendmsg+0xd0d/0x14e0 net/llc/af_llc.c:993\n sock_sendmsg_nosec net/socket.c:718 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21925",
"url": "https://www.suse.com/security/cve/CVE-2025-21925"
},
{
"category": "external",
"summary": "SUSE Bug 1240713 for CVE-2025-21925",
"url": "https://bugzilla.suse.com/1240713"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21925"
},
{
"cve": "CVE-2025-21926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: fix ownership in __udp_gso_segment\n\nIn __udp_gso_segment the skb destructor is removed before segmenting the\nskb but the socket reference is kept as-is. This is an issue if the\noriginal skb is later orphaned as we can hit the following bug:\n\n kernel BUG at ./include/linux/skbuff.h:3312! (skb_orphan)\n RIP: 0010:ip_rcv_core+0x8b2/0xca0\n Call Trace:\n ip_rcv+0xab/0x6e0\n __netif_receive_skb_one_core+0x168/0x1b0\n process_backlog+0x384/0x1100\n __napi_poll.constprop.0+0xa1/0x370\n net_rx_action+0x925/0xe50\n\nThe above can happen following a sequence of events when using\nOpenVSwitch, when an OVS_ACTION_ATTR_USERSPACE action precedes an\nOVS_ACTION_ATTR_OUTPUT action:\n\n1. OVS_ACTION_ATTR_USERSPACE is handled (in do_execute_actions): the skb\n goes through queue_gso_packets and then __udp_gso_segment, where its\n destructor is removed.\n2. The segments\u0027 data are copied and sent to userspace.\n3. OVS_ACTION_ATTR_OUTPUT is handled (in do_execute_actions) and the\n same original skb is sent to its path.\n4. If it later hits skb_orphan, we hit the bug.\n\nFix this by also removing the reference to the socket in\n__udp_gso_segment.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21926",
"url": "https://www.suse.com/security/cve/CVE-2025-21926"
},
{
"category": "external",
"summary": "SUSE Bug 1240712 for CVE-2025-21926",
"url": "https://bugzilla.suse.com/1240712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21926"
},
{
"cve": "CVE-2025-21927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()\n\nnvme_tcp_recv_pdu() doesn\u0027t check the validity of the header length.\nWhen header digests are enabled, a target might send a packet with an\ninvalid header length (e.g. 255), causing nvme_tcp_verify_hdgst()\nto access memory outside the allocated area and cause memory corruptions\nby overwriting it with the calculated digest.\n\nFix this by rejecting packets with an unexpected header length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21927",
"url": "https://www.suse.com/security/cve/CVE-2025-21927"
},
{
"category": "external",
"summary": "SUSE Bug 1240714 for CVE-2025-21927",
"url": "https://bugzilla.suse.com/1240714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21927"
},
{
"cve": "CVE-2025-21928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()\n\nThe system can experience a random crash a few minutes after the driver is\nremoved. This issue occurs due to improper handling of memory freeing in\nthe ishtp_hid_remove() function.\n\nThe function currently frees the `driver_data` directly within the loop\nthat destroys the HID devices, which can lead to accessing freed memory.\nSpecifically, `hid_destroy_device()` uses `driver_data` when it calls\n`hid_ishtp_set_feature()` to power off the sensor, so freeing\n`driver_data` beforehand can result in accessing invalid memory.\n\nThis patch resolves the issue by storing the `driver_data` in a temporary\nvariable before calling `hid_destroy_device()`, and then freeing the\n`driver_data` after the device is destroyed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21928",
"url": "https://www.suse.com/security/cve/CVE-2025-21928"
},
{
"category": "external",
"summary": "SUSE Bug 1240722 for CVE-2025-21928",
"url": "https://bugzilla.suse.com/1240722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21928"
},
{
"cve": "CVE-2025-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t try to talk to a dead firmware\n\nThis fixes:\n\n bad state = 0\n WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi]\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xca/0x1c0\n ? iwl_trans_send_cmd+0xba/0xe0 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n iwl_fw_dbg_clear_monitor_buf+0xd7/0x110 [iwlwifi 64fa9ad799a0e0d2ba53d4af93a53ad9a531f8d4]\n _iwl_dbgfs_fw_dbg_clear_write+0xe2/0x120 [iwlmvm 0e8adb18cea92d2c341766bcc10b18699290068a]\n\nAsk whether the firmware is alive before sending a command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21930",
"url": "https://www.suse.com/security/cve/CVE-2025-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1240715 for CVE-2025-21930",
"url": "https://bugzilla.suse.com/1240715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21930"
},
{
"cve": "CVE-2025-21931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwpoison, memory_hotplug: lock folio before unmap hwpoisoned folio\n\nCommit b15c87263a69 (\"hwpoison, memory_hotplug: allow hwpoisoned pages to\nbe offlined) add page poison checks in do_migrate_range in order to make\noffline hwpoisoned page possible by introducing isolate_lru_page and\ntry_to_unmap for hwpoisoned page. However folio lock must be held before\ncalling try_to_unmap. Add it to fix this problem.\n\nWarning will be produced if folio is not locked during unmap:\n\n ------------[ cut here ]------------\n kernel BUG at ./include/linux/swapops.h:400!\n Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n Modules linked in:\n CPU: 4 UID: 0 PID: 411 Comm: bash Tainted: G W 6.13.0-rc1-00016-g3c434c7ee82a-dirty #41\n Tainted: [W]=WARN\n Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015\n pstate: 40400005 (nZcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : try_to_unmap_one+0xb08/0xd3c\n lr : try_to_unmap_one+0x3dc/0xd3c\n Call trace:\n try_to_unmap_one+0xb08/0xd3c (P)\n try_to_unmap_one+0x3dc/0xd3c (L)\n rmap_walk_anon+0xdc/0x1f8\n rmap_walk+0x3c/0x58\n try_to_unmap+0x88/0x90\n unmap_poisoned_folio+0x30/0xa8\n do_migrate_range+0x4a0/0x568\n offline_pages+0x5a4/0x670\n memory_block_action+0x17c/0x374\n memory_subsys_offline+0x3c/0x78\n device_offline+0xa4/0xd0\n state_store+0x8c/0xf0\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x44/0x54\n kernfs_fop_write_iter+0x118/0x1a8\n vfs_write+0x3a8/0x4bc\n ksys_write+0x6c/0xf8\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x44/0x100\n el0_svc_common.constprop.0+0x40/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xd0\n el0t_64_sync_handler+0xc8/0xcc\n el0t_64_sync+0x198/0x19c\n Code: f9407be0 b5fff320 d4210000 17ffff97 (d4210000)\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21931",
"url": "https://www.suse.com/security/cve/CVE-2025-21931"
},
{
"category": "external",
"summary": "SUSE Bug 1240709 for CVE-2025-21931",
"url": "https://bugzilla.suse.com/1240709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21931"
},
{
"cve": "CVE-2025-21934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: fix an API misues when rio_add_net() fails\n\nrio_add_net() calls device_register() and fails when device_register()\nfails. Thus, put_device() should be used rather than kfree(). Add\n\"mport-\u003enet = NULL;\" to avoid a use after free issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21934",
"url": "https://www.suse.com/security/cve/CVE-2025-21934"
},
{
"category": "external",
"summary": "SUSE Bug 1240708 for CVE-2025-21934",
"url": "https://bugzilla.suse.com/1240708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21934"
},
{
"cve": "CVE-2025-21935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrapidio: add check for rio_add_net() in rio_scan_alloc_net()\n\nThe return value of rio_add_net() should be checked. If it fails,\nput_device() should be called to free the memory and give up the reference\ninitialized in rio_add_net().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21935",
"url": "https://www.suse.com/security/cve/CVE-2025-21935"
},
{
"category": "external",
"summary": "SUSE Bug 1240700 for CVE-2025-21935",
"url": "https://bugzilla.suse.com/1240700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21935"
},
{
"cve": "CVE-2025-21936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_device_connected()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_device_connected() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21936",
"url": "https://www.suse.com/security/cve/CVE-2025-21936"
},
{
"category": "external",
"summary": "SUSE Bug 1240716 for CVE-2025-21936",
"url": "https://bugzilla.suse.com/1240716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21936"
},
{
"cve": "CVE-2025-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name()\n\nAdd check for the return value of mgmt_alloc_skb() in\nmgmt_remote_name() to prevent null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21937",
"url": "https://www.suse.com/security/cve/CVE-2025-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1240643 for CVE-2025-21937",
"url": "https://bugzilla.suse.com/1240643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21937"
},
{
"cve": "CVE-2025-21941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null check for pipe_ctx-\u003eplane_state in resource_build_scaling_params\n\nNull pointer dereference issue could occur when pipe_ctx-\u003eplane_state\nis null. The fix adds a check to ensure \u0027pipe_ctx-\u003eplane_state\u0027 is not\nnull before accessing. This prevents a null pointer dereference.\n\nFound by code review.\n\n(cherry picked from commit 63e6a77ccf239337baa9b1e7787cde9fa0462092)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21941",
"url": "https://www.suse.com/security/cve/CVE-2025-21941"
},
{
"category": "external",
"summary": "SUSE Bug 1240701 for CVE-2025-21941",
"url": "https://bugzilla.suse.com/1240701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21941"
},
{
"cve": "CVE-2025-21943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: aggregator: protect driver attr handlers against module unload\n\nBoth new_device_store and delete_device_store touch module global\nresources (e.g. gpio_aggregator_lock). To prevent race conditions with\nmodule unload, a reference needs to be held.\n\nAdd try_module_get() in these handlers.\n\nFor new_device_store, this eliminates what appears to be the most dangerous\nscenario: if an id is allocated from gpio_aggregator_idr but\nplatform_device_register has not yet been called or completed, a concurrent\nmodule unload could fail to unregister/delete the device, leaving behind a\ndangling platform device/GPIO forwarder. This can result in various issues.\nThe following simple reproducer demonstrates these problems:\n\n #!/bin/bash\n while :; do\n # note: whether \u0027gpiochip0 0\u0027 exists or not does not matter.\n echo \u0027gpiochip0 0\u0027 \u003e /sys/bus/platform/drivers/gpio-aggregator/new_device\n done \u0026\n while :; do\n modprobe gpio-aggregator\n modprobe -r gpio-aggregator\n done \u0026\n wait\n\n Starting with the following warning, several kinds of warnings will appear\n and the system may become unstable:\n\n ------------[ cut here ]------------\n list_del corruption, ffff888103e2e980-\u003enext is LIST_POISON1 (dead000000000100)\n WARNING: CPU: 1 PID: 1327 at lib/list_debug.c:56 __list_del_entry_valid_or_report+0xa3/0x120\n [...]\n RIP: 0010:__list_del_entry_valid_or_report+0xa3/0x120\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? __warn.cold+0x93/0xf2\n ? __list_del_entry_valid_or_report+0xa3/0x120\n ? report_bug+0xe6/0x170\n ? __irq_work_queue_local+0x39/0xe0\n ? handle_bug+0x58/0x90\n ? exc_invalid_op+0x13/0x60\n ? asm_exc_invalid_op+0x16/0x20\n ? __list_del_entry_valid_or_report+0xa3/0x120\n gpiod_remove_lookup_table+0x22/0x60\n new_device_store+0x315/0x350 [gpio_aggregator]\n kernfs_fop_write_iter+0x137/0x1f0\n vfs_write+0x262/0x430\n ksys_write+0x60/0xd0\n do_syscall_64+0x6c/0x180\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21943",
"url": "https://www.suse.com/security/cve/CVE-2025-21943"
},
{
"category": "external",
"summary": "SUSE Bug 1240647 for CVE-2025-21943",
"url": "https://bugzilla.suse.com/1240647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21943"
},
{
"cve": "CVE-2025-21948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: appleir: Fix potential NULL dereference at raw event handle\n\nSyzkaller reports a NULL pointer dereference issue in input_event().\n\nBUG: KASAN: null-ptr-deref in instrument_atomic_read include/linux/instrumented.h:68 [inline]\nBUG: KASAN: null-ptr-deref in _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: null-ptr-deref in is_event_supported drivers/input/input.c:67 [inline]\nBUG: KASAN: null-ptr-deref in input_event+0x42/0xa0 drivers/input/input.c:395\nRead of size 8 at addr 0000000000000028 by task syz-executor199/2949\n\nCPU: 0 UID: 0 PID: 2949 Comm: syz-executor199 Not tainted 6.13.0-rc4-syzkaller-00076-gf097a36ef88d #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nCall Trace:\n \u003cIRQ\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120\n kasan_report+0xd9/0x110 mm/kasan/report.c:602\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189\n instrument_atomic_read include/linux/instrumented.h:68 [inline]\n _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n is_event_supported drivers/input/input.c:67 [inline]\n input_event+0x42/0xa0 drivers/input/input.c:395\n input_report_key include/linux/input.h:439 [inline]\n key_down drivers/hid/hid-appleir.c:159 [inline]\n appleir_raw_event+0x3e5/0x5e0 drivers/hid/hid-appleir.c:232\n __hid_input_report.constprop.0+0x312/0x440 drivers/hid/hid-core.c:2111\n hid_ctrl+0x49f/0x550 drivers/hid/usbhid/hid-core.c:484\n __usb_hcd_giveback_urb+0x389/0x6e0 drivers/usb/core/hcd.c:1650\n usb_hcd_giveback_urb+0x396/0x450 drivers/usb/core/hcd.c:1734\n dummy_timer+0x17f7/0x3960 drivers/usb/gadget/udc/dummy_hcd.c:1993\n __run_hrtimer kernel/time/hrtimer.c:1739 [inline]\n __hrtimer_run_queues+0x20a/0xae0 kernel/time/hrtimer.c:1803\n hrtimer_run_softirq+0x17d/0x350 kernel/time/hrtimer.c:1820\n handle_softirqs+0x206/0x8d0 kernel/softirq.c:561\n __do_softirq kernel/softirq.c:595 [inline]\n invoke_softirq kernel/softirq.c:435 [inline]\n __irq_exit_rcu+0xfa/0x160 kernel/softirq.c:662\n irq_exit_rcu+0x9/0x30 kernel/softirq.c:678\n instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]\n sysvec_apic_timer_interrupt+0x90/0xb0 arch/x86/kernel/apic/apic.c:1049\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702\n __mod_timer+0x8f6/0xdc0 kernel/time/timer.c:1185\n add_timer+0x62/0x90 kernel/time/timer.c:1295\n schedule_timeout+0x11f/0x280 kernel/time/sleep_timeout.c:98\n usbhid_wait_io+0x1c7/0x380 drivers/hid/usbhid/hid-core.c:645\n usbhid_init_reports+0x19f/0x390 drivers/hid/usbhid/hid-core.c:784\n hiddev_ioctl+0x1133/0x15b0 drivers/hid/usbhid/hiddev.c:794\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:906 [inline]\n __se_sys_ioctl fs/ioctl.c:892 [inline]\n __x64_sys_ioctl+0x190/0x200 fs/ioctl.c:892\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThis happens due to the malformed report items sent by the emulated device\nwhich results in a report, that has no fields, being added to the report list.\nDue to this appleir_input_configured() is never called, hidinput_connect()\nfails which results in the HID_CLAIMED_INPUT flag is not being set. However,\nit does not make appleir_probe() fail and lets the event callback to be\ncalled without the associated input device.\n\nThus, add a check for the HID_CLAIMED_INPUT flag and leave the event hook\nearly if the driver didn\u0027t claim any input_dev for some reason. Moreover,\nsome other hid drivers accessing input_dev in their event callbacks do have\nsimilar checks, too.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21948",
"url": "https://www.suse.com/security/cve/CVE-2025-21948"
},
{
"category": "external",
"summary": "SUSE Bug 1240703 for CVE-2025-21948",
"url": "https://bugzilla.suse.com/1240703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21948"
},
{
"cve": "CVE-2025-21950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl\n\nIn the \"pmcmd_ioctl\" function, three memory objects allocated by\nkmalloc are initialized by \"hcall_get_cpu_state\", which are then\ncopied to user space. The initializer is indeed implemented in\n\"acrn_hypercall2\" (arch/x86/include/asm/acrn.h). There is a risk of\ninformation leakage due to uninitialized bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21950",
"url": "https://www.suse.com/security/cve/CVE-2025-21950"
},
{
"category": "external",
"summary": "SUSE Bug 1240719 for CVE-2025-21950",
"url": "https://bugzilla.suse.com/1240719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21950"
},
{
"cve": "CVE-2025-21951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock\n\nThere are multiple places from where the recovery work gets scheduled\nasynchronously. Also, there are multiple places where the caller waits\nsynchronously for the recovery to be completed. One such place is during\nthe PM shutdown() callback.\n\nIf the device is not alive during recovery_work, it will try to reset the\ndevice using pci_reset_function(). This function internally will take the\ndevice_lock() first before resetting the device. By this time, if the lock\nhas already been acquired, then recovery_work will get stalled while\nwaiting for the lock. And if the lock was already acquired by the caller\nwhich waits for the recovery_work to be completed, it will lead to\ndeadlock.\n\nThis is what happened on the X1E80100 CRD device when the device died\nbefore shutdown() callback. Driver core calls the driver\u0027s shutdown()\ncallback while holding the device_lock() leading to deadlock.\n\nAnd this deadlock scenario can occur on other paths as well, like during\nthe PM suspend() callback, where the driver core would hold the\ndevice_lock() before calling driver\u0027s suspend() callback. And if the\nrecovery_work was already started, it could lead to deadlock. This is also\nobserved on the X1E80100 CRD.\n\nSo to fix both issues, use pci_try_reset_function() in recovery_work. This\nfunction first checks for the availability of the device_lock() before\ntrying to reset the device. If the lock is available, it will acquire it\nand reset the device. Otherwise, it will return -EAGAIN. If that happens,\nrecovery_work will fail with the error message \"Recovery failed\" as not\nmuch could be done.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21951",
"url": "https://www.suse.com/security/cve/CVE-2025-21951"
},
{
"category": "external",
"summary": "SUSE Bug 1240718 for CVE-2025-21951",
"url": "https://bugzilla.suse.com/1240718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21951"
},
{
"cve": "CVE-2025-21953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: cleanup mana struct after debugfs_remove()\n\nWhen on a MANA VM hibernation is triggered, as part of hibernate_snapshot(),\nmana_gd_suspend() and mana_gd_resume() are called. If during this\nmana_gd_resume(), a failure occurs with HWC creation, mana_port_debugfs\npointer does not get reinitialized and ends up pointing to older,\ncleaned-up dentry.\nFurther in the hibernation path, as part of power_down(), mana_gd_shutdown()\nis triggered. This call, unaware of the failures in resume, tries to cleanup\nthe already cleaned up mana_port_debugfs value and hits the following bug:\n\n[ 191.359296] mana 7870:00:00.0: Shutdown was called\n[ 191.359918] BUG: kernel NULL pointer dereference, address: 0000000000000098\n[ 191.360584] #PF: supervisor write access in kernel mode\n[ 191.361125] #PF: error_code(0x0002) - not-present page\n[ 191.361727] PGD 1080ea067 P4D 0\n[ 191.362172] Oops: Oops: 0002 [#1] SMP NOPTI\n[ 191.362606] CPU: 11 UID: 0 PID: 1674 Comm: bash Not tainted 6.14.0-rc5+ #2\n[ 191.363292] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 11/21/2024\n[ 191.364124] RIP: 0010:down_write+0x19/0x50\n[ 191.364537] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 53 48 89 fb e8 de cd ff ff 31 c0 ba 01 00 00 00 \u003cf0\u003e 48 0f b1 13 75 16 65 48 8b 05 88 24 4c 6a 48 89 43 08 48 8b 5d\n[ 191.365867] RSP: 0000:ff45fbe0c1c037b8 EFLAGS: 00010246\n[ 191.366350] RAX: 0000000000000000 RBX: 0000000000000098 RCX: ffffff8100000000\n[ 191.366951] RDX: 0000000000000001 RSI: 0000000000000064 RDI: 0000000000000098\n[ 191.367600] RBP: ff45fbe0c1c037c0 R08: 0000000000000000 R09: 0000000000000001\n[ 191.368225] R10: ff45fbe0d2b01000 R11: 0000000000000008 R12: 0000000000000000\n[ 191.368874] R13: 000000000000000b R14: ff43dc27509d67c0 R15: 0000000000000020\n[ 191.369549] FS: 00007dbc5001e740(0000) GS:ff43dc663f380000(0000) knlGS:0000000000000000\n[ 191.370213] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 191.370830] CR2: 0000000000000098 CR3: 0000000168e8e002 CR4: 0000000000b73ef0\n[ 191.371557] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 191.372192] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n[ 191.372906] Call Trace:\n[ 191.373262] \u003cTASK\u003e\n[ 191.373621] ? show_regs+0x64/0x70\n[ 191.374040] ? __die+0x24/0x70\n[ 191.374468] ? page_fault_oops+0x290/0x5b0\n[ 191.374875] ? do_user_addr_fault+0x448/0x800\n[ 191.375357] ? exc_page_fault+0x7a/0x160\n[ 191.375971] ? asm_exc_page_fault+0x27/0x30\n[ 191.376416] ? down_write+0x19/0x50\n[ 191.376832] ? down_write+0x12/0x50\n[ 191.377232] simple_recursive_removal+0x4a/0x2a0\n[ 191.377679] ? __pfx_remove_one+0x10/0x10\n[ 191.378088] debugfs_remove+0x44/0x70\n[ 191.378530] mana_detach+0x17c/0x4f0\n[ 191.378950] ? __flush_work+0x1e2/0x3b0\n[ 191.379362] ? __cond_resched+0x1a/0x50\n[ 191.379787] mana_remove+0xf2/0x1a0\n[ 191.380193] mana_gd_shutdown+0x3b/0x70\n[ 191.380642] pci_device_shutdown+0x3a/0x80\n[ 191.381063] device_shutdown+0x13e/0x230\n[ 191.381480] kernel_power_off+0x35/0x80\n[ 191.381890] hibernate+0x3c6/0x470\n[ 191.382312] state_store+0xcb/0xd0\n[ 191.382734] kobj_attr_store+0x12/0x30\n[ 191.383211] sysfs_kf_write+0x3e/0x50\n[ 191.383640] kernfs_fop_write_iter+0x140/0x1d0\n[ 191.384106] vfs_write+0x271/0x440\n[ 191.384521] ksys_write+0x72/0xf0\n[ 191.384924] __x64_sys_write+0x19/0x20\n[ 191.385313] x64_sys_call+0x2b0/0x20b0\n[ 191.385736] do_syscall_64+0x79/0x150\n[ 191.386146] ? __mod_memcg_lruvec_state+0xe7/0x240\n[ 191.386676] ? __lruvec_stat_mod_folio+0x79/0xb0\n[ 191.387124] ? __pfx_lru_add+0x10/0x10\n[ 191.387515] ? queued_spin_unlock+0x9/0x10\n[ 191.387937] ? do_anonymous_page+0x33c/0xa00\n[ 191.388374] ? __handle_mm_fault+0xcf3/0x1210\n[ 191.388805] ? __count_memcg_events+0xbe/0x180\n[ 191.389235] ? handle_mm_fault+0xae/0x300\n[ 19\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21953",
"url": "https://www.suse.com/security/cve/CVE-2025-21953"
},
{
"category": "external",
"summary": "SUSE Bug 1240727 for CVE-2025-21953",
"url": "https://bugzilla.suse.com/1240727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21953"
},
{
"cve": "CVE-2025-21956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Assign normalized_pix_clk when color depth = 14\n\n[WHY \u0026 HOW]\nA warning message \"WARNING: CPU: 4 PID: 459 at ... /dc_resource.c:3397\ncalculate_phy_pix_clks+0xef/0x100 [amdgpu]\" occurs because the\ndisplay_color_depth == COLOR_DEPTH_141414 is not handled. This is\nobserved in Radeon RX 6600 XT.\n\nIt is fixed by assigning pix_clk * (14 * 3) / 24 - same as the rests.\n\nAlso fixes the indentation in get_norm_pix_clk.\n\n(cherry picked from commit 274a87eb389f58eddcbc5659ab0b180b37e92775)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21956",
"url": "https://www.suse.com/security/cve/CVE-2025-21956"
},
{
"category": "external",
"summary": "SUSE Bug 1240739 for CVE-2025-21956",
"url": "https://bugzilla.suse.com/1240739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21956"
},
{
"cve": "CVE-2025-21957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla1280: Fix kernel oops when debug level \u003e 2\n\nA null dereference or oops exception will eventually occur when qla1280.c\ndriver is compiled with DEBUG_QLA1280 enabled and ql_debug_level \u003e 2. I\nthink its clear from the code that the intention here is sg_dma_len(s) not\nlength of sg_next(s) when printing the debug info.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21957",
"url": "https://www.suse.com/security/cve/CVE-2025-21957"
},
{
"category": "external",
"summary": "SUSE Bug 1240742 for CVE-2025-21957",
"url": "https://bugzilla.suse.com/1240742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21957"
},
{
"cve": "CVE-2025-21960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: do not update checksum in bnxt_xdp_build_skb()\n\nThe bnxt_rx_pkt() updates ip_summed value at the end if checksum offload\nis enabled.\nWhen the XDP-MB program is attached and it returns XDP_PASS, the\nbnxt_xdp_build_skb() is called to update skb_shared_info.\nThe main purpose of bnxt_xdp_build_skb() is to update skb_shared_info,\nbut it updates ip_summed value too if checksum offload is enabled.\nThis is actually duplicate work.\n\nWhen the bnxt_rx_pkt() updates ip_summed value, it checks if ip_summed\nis CHECKSUM_NONE or not.\nIt means that ip_summed should be CHECKSUM_NONE at this moment.\nBut ip_summed may already be updated to CHECKSUM_UNNECESSARY in the\nXDP-MB-PASS path.\nSo the by skb_checksum_none_assert() WARNS about it.\n\nThis is duplicate work and updating ip_summed in the\nbnxt_xdp_build_skb() is not needed.\n\nSplat looks like:\nWARNING: CPU: 3 PID: 5782 at ./include/linux/skbuff.h:5155 bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nModules linked in: bnxt_re bnxt_en rdma_ucm rdma_cm iw_cm ib_cm ib_uverbs veth xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_]\nCPU: 3 UID: 0 PID: 5782 Comm: socat Tainted: G W 6.14.0-rc4+ #27\nTainted: [W]=WARN\nHardware name: ASUS System Product Name/PRIME Z690-P D4, BIOS 0603 11/01/2021\nRIP: 0010:bnxt_rx_pkt+0x479b/0x7610 [bnxt_en]\nCode: 54 24 0c 4c 89 f1 4c 89 ff c1 ea 1f ff d3 0f 1f 00 49 89 c6 48 85 c0 0f 84 4c e5 ff ff 48 89 c7 e8 ca 3d a0 c8 e9 8f f4 ff ff \u003c0f\u003e 0b f\nRSP: 0018:ffff88881ba09928 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000c7590303 RCX: 0000000000000000\nRDX: 1ffff1104e7d1610 RSI: 0000000000000001 RDI: ffff8881c91300b8\nRBP: ffff88881ba09b28 R08: ffff888273e8b0d0 R09: ffff888273e8b070\nR10: ffff888273e8b010 R11: ffff888278b0f000 R12: ffff888273e8b080\nR13: ffff8881c9130e00 R14: ffff8881505d3800 R15: ffff888273e8b000\nFS: 00007f5a2e7be080(0000) GS:ffff88881ba00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fff2e708ff8 CR3: 000000013e3b0000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? __warn+0xcd/0x2f0\n ? bnxt_rx_pkt+0x479b/0x7610\n ? report_bug+0x326/0x3c0\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? bnxt_rx_pkt+0x479b/0x7610\n ? bnxt_rx_pkt+0x3e41/0x7610\n ? __pfx_bnxt_rx_pkt+0x10/0x10\n ? napi_complete_done+0x2cf/0x7d0\n __bnxt_poll_work+0x4e8/0x1220\n ? __pfx___bnxt_poll_work+0x10/0x10\n ? __pfx_mark_lock.part.0+0x10/0x10\n bnxt_poll_p5+0x36a/0xfa0\n ? __pfx_bnxt_poll_p5+0x10/0x10\n __napi_poll.constprop.0+0xa0/0x440\n net_rx_action+0x899/0xd00\n...\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going\nto be able to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21960",
"url": "https://www.suse.com/security/cve/CVE-2025-21960"
},
{
"category": "external",
"summary": "SUSE Bug 1240815 for CVE-2025-21960",
"url": "https://bugzilla.suse.com/1240815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21960"
},
{
"cve": "CVE-2025-21961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix truesize for mb-xdp-pass case\n\nWhen mb-xdp is set and return is XDP_PASS, packet is converted from\nxdp_buff to sk_buff with xdp_update_skb_shared_info() in\nbnxt_xdp_build_skb().\nbnxt_xdp_build_skb() passes incorrect truesize argument to\nxdp_update_skb_shared_info().\nThe truesize is calculated as BNXT_RX_PAGE_SIZE * sinfo-\u003enr_frags but\nthe skb_shared_info was wiped by napi_build_skb() before.\nSo it stores sinfo-\u003enr_frags before bnxt_xdp_build_skb() and use it\ninstead of getting skb_shared_info from xdp_get_shared_info_from_buff().\n\nSplat looks like:\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 0 at net/core/skbuff.c:6072 skb_try_coalesce+0x504/0x590\n Modules linked in: xt_nat xt_tcpudp veth af_packet xt_conntrack nft_chain_nat xt_MASQUERADE nf_conntrack_netlink xfrm_user xt_addrtype nft_coms\n CPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.14.0-rc2+ #3\n RIP: 0010:skb_try_coalesce+0x504/0x590\n Code: 4b fd ff ff 49 8b 34 24 40 80 e6 40 0f 84 3d fd ff ff 49 8b 74 24 48 40 f6 c6 01 0f 84 2e fd ff ff 48 8d 4e ff e9 25 fd ff ff \u003c0f\u003e 0b e99\n RSP: 0018:ffffb62c4120caa8 EFLAGS: 00010287\n RAX: 0000000000000003 RBX: ffffb62c4120cb14 RCX: 0000000000000ec0\n RDX: 0000000000001000 RSI: ffffa06e5d7dc000 RDI: 0000000000000003\n RBP: ffffa06e5d7ddec0 R08: ffffa06e6120a800 R09: ffffa06e7a119900\n R10: 0000000000002310 R11: ffffa06e5d7dcec0 R12: ffffe4360575f740\n R13: ffffe43600000000 R14: 0000000000000002 R15: 0000000000000002\n FS: 0000000000000000(0000) GS:ffffa0755f700000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f147b76b0f8 CR3: 00000001615d4000 CR4: 00000000007506f0\n PKRU: 55555554\n Call Trace:\n \u003cIRQ\u003e\n ? __warn+0x84/0x130\n ? skb_try_coalesce+0x504/0x590\n ? report_bug+0x18a/0x1a0\n ? handle_bug+0x53/0x90\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_try_coalesce+0x504/0x590\n inet_frag_reasm_finish+0x11f/0x2e0\n ip_defrag+0x37a/0x900\n ip_local_deliver+0x51/0x120\n ip_sublist_rcv_finish+0x64/0x70\n ip_sublist_rcv+0x179/0x210\n ip_list_rcv+0xf9/0x130\n\nHow to reproduce:\n\u003cNode A\u003e\nip link set $interface1 xdp obj xdp_pass.o\nip link set $interface1 mtu 9000 up\nip a a 10.0.0.1/24 dev $interface1\n\u003cNode B\u003e\nip link set $interfac2 mtu 9000 up\nip a a 10.0.0.2/24 dev $interface2\nping 10.0.0.1 -s 65000\n\nFollowing ping.py patch adds xdp-mb-pass case. so ping.py is going to be\nable to reproduce this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21961",
"url": "https://www.suse.com/security/cve/CVE-2025-21961"
},
{
"category": "external",
"summary": "SUSE Bug 1240816 for CVE-2025-21961",
"url": "https://bugzilla.suse.com/1240816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21961"
},
{
"cve": "CVE-2025-21962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing closetimeo mount option\n\nUser-provided mount parameter closetimeo of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21962",
"url": "https://www.suse.com/security/cve/CVE-2025-21962"
},
{
"category": "external",
"summary": "SUSE Bug 1240655 for CVE-2025-21962",
"url": "https://bugzilla.suse.com/1240655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21962"
},
{
"cve": "CVE-2025-21963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acdirmax mount option\n\nUser-provided mount parameter acdirmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21963",
"url": "https://www.suse.com/security/cve/CVE-2025-21963"
},
{
"category": "external",
"summary": "SUSE Bug 1240717 for CVE-2025-21963",
"url": "https://bugzilla.suse.com/1240717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21963"
},
{
"cve": "CVE-2025-21964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix integer overflow while processing acregmax mount option\n\nUser-provided mount parameter acregmax of type u32 is intended to have\nan upper limit, but before it is validated, the value is converted from\nseconds to jiffies which can lead to an integer overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21964",
"url": "https://www.suse.com/security/cve/CVE-2025-21964"
},
{
"category": "external",
"summary": "SUSE Bug 1240740 for CVE-2025-21964",
"url": "https://bugzilla.suse.com/1240740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21964"
},
{
"cve": "CVE-2025-21966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-flakey: Fix memory corruption in optional corrupt_bio_byte feature\n\nFix memory corruption due to incorrect parameter being passed to bio_init",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21966",
"url": "https://www.suse.com/security/cve/CVE-2025-21966"
},
{
"category": "external",
"summary": "SUSE Bug 1240779 for CVE-2025-21966",
"url": "https://bugzilla.suse.com/1240779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21966"
},
{
"cve": "CVE-2025-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix slab-use-after-free on hdcp_work\n\n[Why]\nA slab-use-after-free is reported when HDCP is destroyed but the\nproperty_validate_dwork queue is still running.\n\n[How]\nCancel the delayed work when destroying workqueue.\n\n(cherry picked from commit 725a04ba5a95e89c89633d4322430cfbca7ce128)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21968",
"url": "https://www.suse.com/security/cve/CVE-2025-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1240783 for CVE-2025-21968",
"url": "https://bugzilla.suse.com/1240783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21968"
},
{
"cve": "CVE-2025-21969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd\n\nAfter the hci sync command releases l2cap_conn, the hci receive data work\nqueue references the released l2cap_conn when sending to the upper layer.\nAdd hci dev lock to the hci receive data work queue to synchronize the two.\n\n[1]\nBUG: KASAN: slab-use-after-free in l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\nRead of size 8 at addr ffff8880271a4000 by task kworker/u9:2/5837\n\nCPU: 0 UID: 0 PID: 5837 Comm: kworker/u9:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024\nWorkqueue: hci1 hci_rx_work\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:489\n kasan_report+0x143/0x180 mm/kasan/report.c:602\n l2cap_build_cmd net/bluetooth/l2cap_core.c:2964 [inline]\n l2cap_send_cmd+0x187/0x8d0 net/bluetooth/l2cap_core.c:954\n l2cap_sig_send_rej net/bluetooth/l2cap_core.c:5502 [inline]\n l2cap_sig_channel net/bluetooth/l2cap_core.c:5538 [inline]\n l2cap_recv_frame+0x221f/0x10db0 net/bluetooth/l2cap_core.c:6817\n hci_acldata_packet net/bluetooth/hci_core.c:3797 [inline]\n hci_rx_work+0x508/0xdb0 net/bluetooth/hci_core.c:4040\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n \u003c/TASK\u003e\n\nAllocated by task 5837:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x243/0x390 mm/slub.c:4329\n kmalloc_noprof include/linux/slab.h:901 [inline]\n kzalloc_noprof include/linux/slab.h:1037 [inline]\n l2cap_conn_add+0xa9/0x8e0 net/bluetooth/l2cap_core.c:6860\n l2cap_connect_cfm+0x115/0x1090 net/bluetooth/l2cap_core.c:7239\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_remote_features_evt+0x68e/0xac0 net/bluetooth/hci_event.c:3726\n hci_event_func net/bluetooth/hci_event.c:7473 [inline]\n hci_event_packet+0xac2/0x1540 net/bluetooth/hci_event.c:7525\n hci_rx_work+0x3f3/0xdb0 net/bluetooth/hci_core.c:4035\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244\n\nFreed by task 54:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:582\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x59/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2353 [inline]\n slab_free mm/slub.c:4613 [inline]\n kfree+0x196/0x430 mm/slub.c:4761\n l2cap_connect_cfm+0xcc/0x1090 net/bluetooth/l2cap_core.c:7235\n hci_connect_cfm include/net/bluetooth/hci_core.h:2057 [inline]\n hci_conn_failed+0x287/0x400 net/bluetooth/hci_conn.c:1266\n hci_abort_conn_sync+0x56c/0x11f0 net/bluetooth/hci_sync.c:5603\n hci_cmd_sync_work+0x22b/0x400 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3229 [inline]\n process_scheduled_works+0xa66/0x1840 kernel/workqueue.c:3310\n worker_thread+0x870/0xd30 kernel/workqueue.c:3391\n kthread+0x2f0/0x390 kernel/kthread.c:389\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21969",
"url": "https://www.suse.com/security/cve/CVE-2025-21969"
},
{
"category": "external",
"summary": "SUSE Bug 1240784 for CVE-2025-21969",
"url": "https://bugzilla.suse.com/1240784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21969"
},
{
"cve": "CVE-2025-21970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Bridge, fix the crash caused by LAG state check\n\nWhen removing LAG device from bridge, NETDEV_CHANGEUPPER event is\ntriggered. Driver finds the lower devices (PFs) to flush all the\noffloaded entries. And mlx5_lag_is_shared_fdb is checked, it returns\nfalse if one of PF is unloaded. In such case,\nmlx5_esw_bridge_lag_rep_get() and its caller return NULL, instead of\nthe alive PF, and the flush is skipped.\n\nBesides, the bridge fdb entry\u0027s lastuse is updated in mlx5 bridge\nevent handler. But this SWITCHDEV_FDB_ADD_TO_BRIDGE event can be\nignored in this case because the upper interface for bond is deleted,\nand the entry will never be aged because lastuse is never updated.\n\nTo make things worse, as the entry is alive, mlx5 bridge workqueue\nkeeps sending that event, which is then handled by kernel bridge\nnotifier. It causes the following crash when accessing the passed bond\nnetdev which is already destroyed.\n\nTo fix this issue, remove such checks. LAG state is already checked in\ncommit 15f8f168952f (\"net/mlx5: Bridge, verify LAG state when adding\nbond to bridge\"), driver still need to skip offload if LAG becomes\ninvalid state after initialization.\n\n Oops: stack segment: 0000 [#1] SMP\n CPU: 3 UID: 0 PID: 23695 Comm: kworker/u40:3 Tainted: G OE 6.11.0_mlnx #1\n Tainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: mlx5_bridge_wq mlx5_esw_bridge_update_work [mlx5_core]\n RIP: 0010:br_switchdev_event+0x2c/0x110 [bridge]\n Code: 44 00 00 48 8b 02 48 f7 00 00 02 00 00 74 69 41 54 55 53 48 83 ec 08 48 8b a8 08 01 00 00 48 85 ed 74 4a 48 83 fe 02 48 89 d3 \u003c4c\u003e 8b 65 00 74 23 76 49 48 83 fe 05 74 7e 48 83 fe 06 75 2f 0f b7\n RSP: 0018:ffffc900092cfda0 EFLAGS: 00010297\n RAX: ffff888123bfe000 RBX: ffffc900092cfe08 RCX: 00000000ffffffff\n RDX: ffffc900092cfe08 RSI: 0000000000000001 RDI: ffffffffa0c585f0\n RBP: 6669746f6e690a30 R08: 0000000000000000 R09: ffff888123ae92c8\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888123ae9c60\n R13: 0000000000000001 R14: ffffc900092cfe08 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff88852c980000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f15914c8734 CR3: 0000000002830005 CR4: 0000000000770ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die_body+0x1a/0x60\n ? die+0x38/0x60\n ? do_trap+0x10b/0x120\n ? do_error_trap+0x64/0xa0\n ? exc_stack_segment+0x33/0x50\n ? asm_exc_stack_segment+0x22/0x30\n ? br_switchdev_event+0x2c/0x110 [bridge]\n ? sched_balance_newidle.isra.149+0x248/0x390\n notifier_call_chain+0x4b/0xa0\n atomic_notifier_call_chain+0x16/0x20\n mlx5_esw_bridge_update+0xec/0x170 [mlx5_core]\n mlx5_esw_bridge_update_work+0x19/0x40 [mlx5_core]\n process_scheduled_works+0x81/0x390\n worker_thread+0x106/0x250\n ? bh_worker+0x110/0x110\n kthread+0xb7/0xe0\n ? kthread_park+0x80/0x80\n ret_from_fork+0x2d/0x50\n ? kthread_park+0x80/0x80\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21970",
"url": "https://www.suse.com/security/cve/CVE-2025-21970"
},
{
"category": "external",
"summary": "SUSE Bug 1240819 for CVE-2025-21970",
"url": "https://bugzilla.suse.com/1240819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21970"
},
{
"cve": "CVE-2025-21971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Prevent creation of classes with TC_H_ROOT\n\nThe function qdisc_tree_reduce_backlog() uses TC_H_ROOT as a termination\ncondition when traversing up the qdisc tree to update parent backlog\ncounters. However, if a class is created with classid TC_H_ROOT, the\ntraversal terminates prematurely at this class instead of reaching the\nactual root qdisc, causing parent statistics to be incorrectly maintained.\nIn case of DRR, this could lead to a crash as reported by Mingi Cho.\n\nPrevent the creation of any Qdisc class with classid TC_H_ROOT\n(0xFFFFFFFF) across all qdisc types, as suggested by Jamal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21971",
"url": "https://www.suse.com/security/cve/CVE-2025-21971"
},
{
"category": "external",
"summary": "SUSE Bug 1240799 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1240799"
},
{
"category": "external",
"summary": "SUSE Bug 1245794 for CVE-2025-21971",
"url": "https://bugzilla.suse.com/1245794"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21971"
},
{
"cve": "CVE-2025-21972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: unshare packets when reassembling\n\nEnsure that the frag_list used for reassembly isn\u0027t shared with other\npackets. This avoids incorrect reassembly when packets are cloned, and\nprevents a memory leak due to circular references between fragments and\ntheir skb_shared_info.\n\nThe upcoming MCTP-over-USB driver uses skb_clone which can trigger the\nproblem - other MCTP drivers don\u0027t share SKBs.\n\nA kunit test is added to reproduce the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21972",
"url": "https://www.suse.com/security/cve/CVE-2025-21972"
},
{
"category": "external",
"summary": "SUSE Bug 1240813 for CVE-2025-21972",
"url": "https://bugzilla.suse.com/1240813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21972"
},
{
"cve": "CVE-2025-21975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: handle errors in mlx5_chains_create_table()\n\nIn mlx5_chains_create_table(), the return value of mlx5_get_fdb_sub_ns()\nand mlx5_get_flow_namespace() must be checked to prevent NULL pointer\ndereferences. If either function fails, the function should log error\nmessage with mlx5_core_warn() and return error pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21975",
"url": "https://www.suse.com/security/cve/CVE-2025-21975"
},
{
"category": "external",
"summary": "SUSE Bug 1240812 for CVE-2025-21975",
"url": "https://bugzilla.suse.com/1240812"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21975"
},
{
"cve": "CVE-2025-21978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/hyperv: Fix address space leak when Hyper-V DRM device is removed\n\nWhen a Hyper-V DRM device is probed, the driver allocates MMIO space for\nthe vram, and maps it cacheable. If the device removed, or in the error\npath for device probing, the MMIO space is released but no unmap is done.\nConsequently the kernel address space for the mapping is leaked.\n\nFix this by adding iounmap() calls in the device removal path, and in the\nerror path during device probing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21978",
"url": "https://www.suse.com/security/cve/CVE-2025-21978"
},
{
"category": "external",
"summary": "SUSE Bug 1240806 for CVE-2025-21978",
"url": "https://bugzilla.suse.com/1240806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21978"
},
{
"cve": "CVE-2025-21979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: cancel wiphy_work before freeing wiphy\n\nA wiphy_work can be queued from the moment the wiphy is allocated and\ninitialized (i.e. wiphy_new_nm). When a wiphy_work is queued, the\nrdev::wiphy_work is getting queued.\n\nIf wiphy_free is called before the rdev::wiphy_work had a chance to run,\nthe wiphy memory will be freed, and then when it eventally gets to run\nit\u0027ll use invalid memory.\n\nFix this by canceling the work before freeing the wiphy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21979",
"url": "https://www.suse.com/security/cve/CVE-2025-21979"
},
{
"category": "external",
"summary": "SUSE Bug 1240808 for CVE-2025-21979",
"url": "https://bugzilla.suse.com/1240808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21979"
},
{
"cve": "CVE-2025-21980",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21980"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: address a potential NULL pointer dereference in the GRED scheduler.\n\nIf kzalloc in gred_init returns a NULL pointer, the code follows the\nerror handling path, invoking gred_destroy. This, in turn, calls\ngred_offload, where memset could receive a NULL pointer as input,\npotentially leading to a kernel crash.\n\nWhen table-\u003eopt is NULL in gred_init(), gred_change_table_def()\nis not called yet, so it is not necessary to call -\u003endo_setup_tc()\nin gred_offload().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21980",
"url": "https://www.suse.com/security/cve/CVE-2025-21980"
},
{
"category": "external",
"summary": "SUSE Bug 1240809 for CVE-2025-21980",
"url": "https://bugzilla.suse.com/1240809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21980"
},
{
"cve": "CVE-2025-21981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory leak in aRFS after reset\n\nFix aRFS (accelerated Receive Flow Steering) structures memory leak by\nadding a checker to verify if aRFS memory is already allocated while\nconfiguring VSI. aRFS objects are allocated in two cases:\n- as part of VSI initialization (at probe), and\n- as part of reset handling\n\nHowever, VSI reconfiguration executed during reset involves memory\nallocation one more time, without prior releasing already allocated\nresources. This led to the memory leak with the following signature:\n\n[root@os-delivery ~]# cat /sys/kernel/debug/kmemleak\nunreferenced object 0xff3c1ca7252e6000 (size 8192):\n comm \"kworker/0:0\", pid 8, jiffies 4296833052\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc 0):\n [\u003cffffffff991ec485\u003e] __kmalloc_cache_noprof+0x275/0x340\n [\u003cffffffffc0a6e06a\u003e] ice_init_arfs+0x3a/0xe0 [ice]\n [\u003cffffffffc09f1027\u003e] ice_vsi_cfg_def+0x607/0x850 [ice]\n [\u003cffffffffc09f244b\u003e] ice_vsi_setup+0x5b/0x130 [ice]\n [\u003cffffffffc09c2131\u003e] ice_init+0x1c1/0x460 [ice]\n [\u003cffffffffc09c64af\u003e] ice_probe+0x2af/0x520 [ice]\n [\u003cffffffff994fbcd3\u003e] local_pci_probe+0x43/0xa0\n [\u003cffffffff98f07103\u003e] work_for_cpu_fn+0x13/0x20\n [\u003cffffffff98f0b6d9\u003e] process_one_work+0x179/0x390\n [\u003cffffffff98f0c1e9\u003e] worker_thread+0x239/0x340\n [\u003cffffffff98f14abc\u003e] kthread+0xcc/0x100\n [\u003cffffffff98e45a6d\u003e] ret_from_fork+0x2d/0x50\n [\u003cffffffff98e083ba\u003e] ret_from_fork_asm+0x1a/0x30\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21981",
"url": "https://www.suse.com/security/cve/CVE-2025-21981"
},
{
"category": "external",
"summary": "SUSE Bug 1240612 for CVE-2025-21981",
"url": "https://bugzilla.suse.com/1240612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21981"
},
{
"cve": "CVE-2025-21985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix out-of-bound accesses\n\n[WHAT \u0026 HOW]\nhpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4),\nbut location can have size up to 6. As a result, it is necessary to\ncheck location against MAX_HPO_DP2_ENCODERS.\n\nSimiliarly, disp_cfg_stream_location can be used as an array index which\nshould be 0..5, so the ASSERT\u0027s conditions should be less without equal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21985",
"url": "https://www.suse.com/security/cve/CVE-2025-21985"
},
{
"category": "external",
"summary": "SUSE Bug 1240811 for CVE-2025-21985",
"url": "https://bugzilla.suse.com/1240811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21985"
},
{
"cve": "CVE-2025-21991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes\n\nCurrently, load_microcode_amd() iterates over all NUMA nodes, retrieves their\nCPU masks and unconditionally accesses per-CPU data for the first CPU of each\nmask.\n\nAccording to Documentation/admin-guide/mm/numaperf.rst:\n\n \"Some memory may share the same node as a CPU, and others are provided as\n memory only nodes.\"\n\nTherefore, some node CPU masks may be empty and wouldn\u0027t have a \"first CPU\".\n\nOn a machine with far memory (and therefore CPU-less NUMA nodes):\n- cpumask_of_node(nid) is 0\n- cpumask_first(0) is CONFIG_NR_CPUS\n- cpu_data(CONFIG_NR_CPUS) accesses the cpu_info per-CPU array at an\n index that is 1 out of bounds\n\nThis does not have any security implications since flashing microcode is\na privileged operation but I believe this has reliability implications by\npotentially corrupting memory while flashing a microcode update.\n\nWhen booting with CONFIG_UBSAN_BOUNDS=y on an AMD machine that flashes\na microcode update. I get the following splat:\n\n UBSAN: array-index-out-of-bounds in arch/x86/kernel/cpu/microcode/amd.c:X:Y\n index 512 is out of range for type \u0027unsigned long[512]\u0027\n [...]\n Call Trace:\n dump_stack\n __ubsan_handle_out_of_bounds\n load_microcode_amd\n request_microcode_amd\n reload_store\n kernfs_fop_write_iter\n vfs_write\n ksys_write\n do_syscall_64\n entry_SYSCALL_64_after_hwframe\n\nChange the loop to go over only NUMA nodes which have CPUs before determining\nwhether the first CPU on the respective node needs microcode update.\n\n [ bp: Massage commit message, fix typo. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21991",
"url": "https://www.suse.com/security/cve/CVE-2025-21991"
},
{
"category": "external",
"summary": "SUSE Bug 1240795 for CVE-2025-21991",
"url": "https://bugzilla.suse.com/1240795"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21991"
},
{
"cve": "CVE-2025-21992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: ignore non-functional sensor in HP 5MP Camera\n\nThe HP 5MP Camera (USB ID 0408:5473) reports a HID sensor interface that\nis not actually implemented. Attempting to access this non-functional\nsensor via iio_info causes system hangs as runtime PM tries to wake up\nan unresponsive sensor.\n\n [453] hid-sensor-hub 0003:0408:5473.0003: Report latency attributes: ffffffff:ffffffff\n [453] hid-sensor-hub 0003:0408:5473.0003: common attributes: 5:1, 2:1, 3:1 ffffffff:ffffffff\n\nAdd this device to the HID ignore list since the sensor interface is\nnon-functional by design and should not be exposed to userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21992",
"url": "https://www.suse.com/security/cve/CVE-2025-21992"
},
{
"category": "external",
"summary": "SUSE Bug 1240796 for CVE-2025-21992",
"url": "https://bugzilla.suse.com/1240796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21992"
},
{
"cve": "CVE-2025-21993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()\n\nWhen performing an iSCSI boot using IPv6, iscsistart still reads the\n/sys/firmware/ibft/ethernetX/subnet-mask entry. Since the IPv6 prefix\nlength is 64, this causes the shift exponent to become negative,\ntriggering a UBSAN warning. As the concept of a subnet mask does not\napply to IPv6, the value is set to ~0 to suppress the warning message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21993",
"url": "https://www.suse.com/security/cve/CVE-2025-21993"
},
{
"category": "external",
"summary": "SUSE Bug 1240797 for CVE-2025-21993",
"url": "https://bugzilla.suse.com/1240797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21993"
},
{
"cve": "CVE-2025-21995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix fence reference count leak\n\nThe last_scheduled fence leaks when an entity is being killed and adding\nthe cleanup callback fails.\n\nDecrement the reference count of prev when dma_fence_add_callback()\nfails, ensuring proper balance.\n\n[phasta: add git tag info for stable kernel]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21995",
"url": "https://www.suse.com/security/cve/CVE-2025-21995"
},
{
"category": "external",
"summary": "SUSE Bug 1240821 for CVE-2025-21995",
"url": "https://bugzilla.suse.com/1240821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21995"
},
{
"cve": "CVE-2025-21996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: fix uninitialized size issue in radeon_vce_cs_parse()\n\nOn the off chance that command stream passed from userspace via\nioctl() call to radeon_vce_cs_parse() is weirdly crafted and\nfirst command to execute is to encode (case 0x03000001), the function\nin question will attempt to call radeon_vce_cs_reloc() with size\nargument that has not been properly initialized. Specifically, \u0027size\u0027\nwill point to \u0027tmp\u0027 variable before the latter had a chance to be\nassigned any value.\n\nPlay it safe and init \u0027tmp\u0027 with 0, thus ensuring that\nradeon_vce_cs_reloc() will catch an early error in cases like these.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.\n\n(cherry picked from commit 2d52de55f9ee7aaee0e09ac443f77855989c6b68)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21996",
"url": "https://www.suse.com/security/cve/CVE-2025-21996"
},
{
"category": "external",
"summary": "SUSE Bug 1240801 for CVE-2025-21996",
"url": "https://bugzilla.suse.com/1240801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-21996"
},
{
"cve": "CVE-2025-21999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc: fix UAF in proc_get_inode()\n\nFix race between rmmod and /proc/XXX\u0027s inode instantiation.\n\nThe bug is that pde-\u003eproc_ops don\u0027t belong to /proc, it belongs to a\nmodule, therefore dereferencing it after /proc entry has been registered\nis a bug unless use_pde/unuse_pde() pair has been used.\n\nuse_pde/unuse_pde can be avoided (2 atomic ops!) because pde-\u003eproc_ops\nnever changes so information necessary for inode instantiation can be\nsaved _before_ proc_register() in PDE itself and used later, avoiding\npde-\u003eproc_ops-\u003e... dereference.\n\n rmmod lookup\nsys_delete_module\n proc_lookup_de\n\t\t\t pde_get(de);\n\t\t\t proc_get_inode(dir-\u003ei_sb, de);\n mod-\u003eexit()\n proc_remove\n remove_proc_subtree\n proc_entry_rundown(de);\n free_module(mod);\n\n if (S_ISREG(inode-\u003ei_mode))\n\t if (de-\u003eproc_ops-\u003eproc_read_iter)\n --\u003e As module is already freed, will trigger UAF\n\nBUG: unable to handle page fault for address: fffffbfff80a702b\nPGD 817fc4067 P4D 817fc4067 PUD 817fc0067 PMD 102ef4067 PTE 0\nOops: Oops: 0000 [#1] PREEMPT SMP KASAN PTI\nCPU: 26 UID: 0 PID: 2667 Comm: ls Tainted: G\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nRIP: 0010:proc_get_inode+0x302/0x6e0\nRSP: 0018:ffff88811c837998 EFLAGS: 00010a06\nRAX: dffffc0000000000 RBX: ffffffffc0538140 RCX: 0000000000000007\nRDX: 1ffffffff80a702b RSI: 0000000000000001 RDI: ffffffffc0538158\nRBP: ffff8881299a6000 R08: 0000000067bbe1e5 R09: 1ffff11023906f20\nR10: ffffffffb560ca07 R11: ffffffffb2b43a58 R12: ffff888105bb78f0\nR13: ffff888100518048 R14: ffff8881299a6004 R15: 0000000000000001\nFS: 00007f95b9686840(0000) GS:ffff8883af100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: fffffbfff80a702b CR3: 0000000117dd2000 CR4: 00000000000006f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n proc_lookup_de+0x11f/0x2e0\n __lookup_slow+0x188/0x350\n walk_component+0x2ab/0x4f0\n path_lookupat+0x120/0x660\n filename_lookup+0x1ce/0x560\n vfs_statx+0xac/0x150\n __do_sys_newstat+0x96/0x110\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\n[adobriyan@gmail.com: don\u0027t do 2 atomic ops on the common path]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21999",
"url": "https://www.suse.com/security/cve/CVE-2025-21999"
},
{
"category": "external",
"summary": "SUSE Bug 1240802 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1240802"
},
{
"category": "external",
"summary": "SUSE Bug 1242579 for CVE-2025-21999",
"url": "https://bugzilla.suse.com/1242579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-21999"
},
{
"cve": "CVE-2025-22001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix integer overflow in qaic_validate_req()\n\nThese are u64 variables that come from the user via\nqaic_attach_slice_bo_ioctl(). Use check_add_overflow() to ensure that\nthe math doesn\u0027t have an integer wrapping bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22001",
"url": "https://www.suse.com/security/cve/CVE-2025-22001"
},
{
"category": "external",
"summary": "SUSE Bug 1240873 for CVE-2025-22001",
"url": "https://bugzilla.suse.com/1240873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22001"
},
{
"cve": "CVE-2025-22003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: ucan: fix out of bound read in strscpy() source\n\nCommit 7fdaf8966aae (\"can: ucan: use strscpy() to instead of strncpy()\")\nunintentionally introduced a one byte out of bound read on strscpy()\u0027s\nsource argument (which is kind of ironic knowing that strscpy() is meant\nto be a more secure alternative :)).\n\nLet\u0027s consider below buffers:\n\n dest[len + 1]; /* will be NUL terminated */\n src[len]; /* may not be NUL terminated */\n\nWhen doing:\n\n strncpy(dest, src, len);\n dest[len] = \u0027\\0\u0027;\n\nstrncpy() will read up to len bytes from src.\n\nOn the other hand:\n\n strscpy(dest, src, len + 1);\n\nwill read up to len + 1 bytes from src, that is to say, an out of bound\nread of one byte will occur on src if it is not NUL terminated. Note\nthat the src[len] byte is never copied, but strscpy() still needs to\nread it to check whether a truncation occurred or not.\n\nThis exact pattern happened in ucan.\n\nThe root cause is that the source is not NUL terminated. Instead of\ndoing a copy in a local buffer, directly NUL terminate it as soon as\nusb_control_msg() returns. With this, the local firmware_str[] variable\ncan be removed.\n\nOn top of this do a couple refactors:\n\n - ucan_ctl_payload-\u003eraw is only used for the firmware string, so\n rename it to ucan_ctl_payload-\u003efw_str and change its type from u8 to\n char.\n\n - ucan_device_request_in() is only used to retrieve the firmware\n string, so rename it to ucan_get_fw_str() and refactor it to make it\n directly handle all the string termination logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22003",
"url": "https://www.suse.com/security/cve/CVE-2025-22003"
},
{
"category": "external",
"summary": "SUSE Bug 1240825 for CVE-2025-22003",
"url": "https://bugzilla.suse.com/1240825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22003"
},
{
"cve": "CVE-2025-22004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atm: fix use after free in lec_send()\n\nThe -\u003esend() operation frees skb so save the length before calling\n-\u003esend() to avoid a use after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22004",
"url": "https://www.suse.com/security/cve/CVE-2025-22004"
},
{
"category": "external",
"summary": "SUSE Bug 1240835 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1240835"
},
{
"category": "external",
"summary": "SUSE Bug 1241090 for CVE-2025-22004",
"url": "https://bugzilla.suse.com/1241090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-22004"
},
{
"cve": "CVE-2025-22007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix error code in chan_alloc_skb_cb()\n\nThe chan_alloc_skb_cb() function is supposed to return error pointers on\nerror. Returning NULL will lead to a NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22007",
"url": "https://www.suse.com/security/cve/CVE-2025-22007"
},
{
"category": "external",
"summary": "SUSE Bug 1240829 for CVE-2025-22007",
"url": "https://bugzilla.suse.com/1240829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22007"
},
{
"cve": "CVE-2025-22008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: check that dummy regulator has been probed before using it\n\nDue to asynchronous driver probing there is a chance that the dummy\nregulator hasn\u0027t already been probed when first accessing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22008",
"url": "https://www.suse.com/security/cve/CVE-2025-22008"
},
{
"category": "external",
"summary": "SUSE Bug 1240942 for CVE-2025-22008",
"url": "https://bugzilla.suse.com/1240942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22008"
},
{
"cve": "CVE-2025-22009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: dummy: force synchronous probing\n\nSometimes I get a NULL pointer dereference at boot time in kobject_get()\nwith the following call stack:\n\nanatop_regulator_probe()\n devm_regulator_register()\n regulator_register()\n regulator_resolve_supply()\n kobject_get()\n\nBy placing some extra BUG_ON() statements I could verify that this is\nraised because probing of the \u0027dummy\u0027 regulator driver is not completed\n(\u0027dummy_regulator_rdev\u0027 is still NULL).\n\nIn the JTAG debugger I can see that dummy_regulator_probe() and\nanatop_regulator_probe() can be run by different kernel threads\n(kworker/u4:*). I haven\u0027t further investigated whether this can be\nchanged or if there are other possibilities to force synchronization\nbetween these two probe routines. On the other hand I don\u0027t expect much\nboot time penalty by probing the \u0027dummy\u0027 regulator synchronously.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22009",
"url": "https://www.suse.com/security/cve/CVE-2025-22009"
},
{
"category": "external",
"summary": "SUSE Bug 1240940 for CVE-2025-22009",
"url": "https://bugzilla.suse.com/1240940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22009"
},
{
"cve": "CVE-2025-22010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix soft lockup during bt pages loop\n\nDriver runs a for-loop when allocating bt pages and mapping them with\nbuffer pages. When a large buffer (e.g. MR over 100GB) is being allocated,\nit may require a considerable loop count. This will lead to soft lockup:\n\n watchdog: BUG: soft lockup - CPU#27 stuck for 22s!\n ...\n Call trace:\n hem_list_alloc_mid_bt+0x124/0x394 [hns_roce_hw_v2]\n hns_roce_hem_list_request+0xf8/0x160 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x2e4/0x360 [hns_roce_hw_v2]\n alloc_mr_pbl+0xd4/0x17c [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0xf8/0x190 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x118/0x290\n\n watchdog: BUG: soft lockup - CPU#35 stuck for 23s!\n ...\n Call trace:\n hns_roce_hem_list_find_mtt+0x7c/0xb0 [hns_roce_hw_v2]\n mtr_map_bufs+0xc4/0x204 [hns_roce_hw_v2]\n hns_roce_mtr_create+0x31c/0x3c4 [hns_roce_hw_v2]\n alloc_mr_pbl+0xb0/0x160 [hns_roce_hw_v2]\n hns_roce_reg_user_mr+0x108/0x1c0 [hns_roce_hw_v2]\n ib_uverbs_reg_mr+0x120/0x2bc\n\nAdd a cond_resched() to fix soft lockup during these loops. In order not\nto affect the allocation performance of normal-size buffer, set the loop\ncount of a 100GB MR as the threshold to call cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22010",
"url": "https://www.suse.com/security/cve/CVE-2025-22010"
},
{
"category": "external",
"summary": "SUSE Bug 1240943 for CVE-2025-22010",
"url": "https://bugzilla.suse.com/1240943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22010"
},
{
"cve": "CVE-2025-22013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Unconditionally save+flush host FPSIMD/SVE/SME state\n\nThere are several problems with the way hyp code lazily saves the host\u0027s\nFPSIMD/SVE state, including:\n\n* Host SVE being discarded unexpectedly due to inconsistent\n configuration of TIF_SVE and CPACR_ELx.ZEN. This has been seen to\n result in QEMU crashes where SVE is used by memmove(), as reported by\n Eric Auger:\n\n https://issues.redhat.com/browse/RHEL-68997\n\n* Host SVE state is discarded *after* modification by ptrace, which was an\n unintentional ptrace ABI change introduced with lazy discarding of SVE state.\n\n* The host FPMR value can be discarded when running a non-protected VM,\n where FPMR support is not exposed to a VM, and that VM uses\n FPSIMD/SVE. In these cases the hyp code does not save the host\u0027s FPMR\n before unbinding the host\u0027s FPSIMD/SVE/SME state, leaving a stale\n value in memory.\n\nAvoid these by eagerly saving and \"flushing\" the host\u0027s FPSIMD/SVE/SME\nstate when loading a vCPU such that KVM does not need to save any of the\nhost\u0027s FPSIMD/SVE/SME state. For clarity, fpsimd_kvm_prepare() is\nremoved and the necessary call to fpsimd_save_and_flush_cpu_state() is\nplaced in kvm_arch_vcpu_load_fp(). As \u0027fpsimd_state\u0027 and \u0027fpmr_ptr\u0027\nshould not be used, they are set to NULL; all uses of these will be\nremoved in subsequent patches.\n\nHistorical problems go back at least as far as v5.17, e.g. erroneous\nassumptions about TIF_SVE being clear in commit:\n\n 8383741ab2e773a9 (\"KVM: arm64: Get rid of host SVE tracking/saving\")\n\n... and so this eager save+flush probably needs to be backported to ALL\nstable trees.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22013",
"url": "https://www.suse.com/security/cve/CVE-2025-22013"
},
{
"category": "external",
"summary": "SUSE Bug 1240938 for CVE-2025-22013",
"url": "https://bugzilla.suse.com/1240938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22013"
},
{
"cve": "CVE-2025-22014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pdr: Fix the potential deadlock\n\nWhen some client process A call pdr_add_lookup() to add the look up for\nthe service and does schedule locator work, later a process B got a new\nserver packet indicating locator is up and call pdr_locator_new_server()\nwhich eventually sets pdr-\u003elocator_init_complete to true which process A\nsees and takes list lock and queries domain list but it will timeout due\nto deadlock as the response will queued to the same qmi-\u003ewq and it is\nordered workqueue and process B is not able to complete new server\nrequest work due to deadlock on list lock.\n\nFix it by removing the unnecessary list iteration as the list iteration\nis already being done inside locator work, so avoid it here and just\ncall schedule_work() here.\n\n Process A Process B\n\n process_scheduled_works()\npdr_add_lookup() qmi_data_ready_work()\n process_scheduled_works() pdr_locator_new_server()\n pdr-\u003elocator_init_complete=true;\n pdr_locator_work()\n mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_locate_service() mutex_lock(\u0026pdr-\u003elist_lock);\n\n pdr_get_domain_list()\n pr_err(\"PDR: %s get domain list\n txn wait failed: %d\\n\",\n req-\u003eservice_name,\n ret);\n\nTimeout error log due to deadlock:\n\n\"\n PDR: tms/servreg get domain list txn wait failed: -110\n PDR: service lookup for msm/adsp/sensor_pd:tms/servreg failed: -110\n\"\n\nThanks to Bjorn and Johan for letting me know that this commit also fixes\nan audio regression when using the in-kernel pd-mapper as that makes it\neasier to hit this race. [1]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22014",
"url": "https://www.suse.com/security/cve/CVE-2025-22014"
},
{
"category": "external",
"summary": "SUSE Bug 1240937 for CVE-2025-22014",
"url": "https://bugzilla.suse.com/1240937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22014"
},
{
"cve": "CVE-2025-22015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/migrate: fix shmem xarray update during migration\n\nA shmem folio can be either in page cache or in swap cache, but not at the\nsame time. Namely, once it is in swap cache, folio-\u003emapping should be\nNULL, and the folio is no longer in a shmem mapping.\n\nIn __folio_migrate_mapping(), to determine the number of xarray entries to\nupdate, folio_test_swapbacked() is used, but that conflates shmem in page\ncache case and shmem in swap cache case. It leads to xarray multi-index\nentry corruption, since it turns a sibling entry to a normal entry during\nxas_store() (see [1] for a userspace reproduction). Fix it by only using\nfolio_test_swapcache() to determine whether xarray is storing swap cache\nentries or not to choose the right number of xarray entries to update.\n\n[1] https://lore.kernel.org/linux-mm/Z8idPCkaJW1IChjT@casper.infradead.org/\n\nNote:\nIn __split_huge_page(), folio_test_anon() \u0026\u0026 folio_test_swapcache() is\nused to get swap_cache address space, but that ignores the shmem folio in\nswap cache case. It could lead to NULL pointer dereferencing when a\nin-swap-cache shmem folio is split at __xa_store(), since\n!folio_test_anon() is true and folio-\u003emapping is NULL. But fortunately,\nits caller split_huge_page_to_list_to_order() bails out early with EBUSY\nwhen folio-\u003emapping is NULL. So no need to take care of it here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22015",
"url": "https://www.suse.com/security/cve/CVE-2025-22015"
},
{
"category": "external",
"summary": "SUSE Bug 1240944 for CVE-2025-22015",
"url": "https://bugzilla.suse.com/1240944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22015"
},
{
"cve": "CVE-2025-22016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (pin).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22016",
"url": "https://www.suse.com/security/cve/CVE-2025-22016"
},
{
"category": "external",
"summary": "SUSE Bug 1240934 for CVE-2025-22016",
"url": "https://bugzilla.suse.com/1240934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22016"
},
{
"cve": "CVE-2025-22017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix xa_alloc_cyclic() error handling\n\nIn case of returning 1 from xa_alloc_cyclic() (wrapping) ERR_PTR(1) will\nbe returned, which will cause IS_ERR() to be false. Which can lead to\ndereference not allocated pointer (rel).\n\nFix it by checking if err is lower than zero.\n\nThis wasn\u0027t found in real usecase, only noticed. Credit to Pierre.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22017",
"url": "https://www.suse.com/security/cve/CVE-2025-22017"
},
{
"category": "external",
"summary": "SUSE Bug 1240936 for CVE-2025-22017",
"url": "https://bugzilla.suse.com/1240936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22017"
},
{
"cve": "CVE-2025-22018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natm: Fix NULL pointer dereference\n\nWhen MPOA_cache_impos_rcvd() receives the msg, it can trigger\nNull Pointer Dereference Vulnerability if both entry and\nholding_time are NULL. Because there is only for the situation\nwhere entry is NULL and holding_time exists, it can be passed\nwhen both entry and holding_time are NULL. If these are NULL,\nthe entry will be passd to eg_cache_put() as parameter and\nit is referenced by entry-\u003euse code in it.\n\nkasan log:\n\n[ 3.316691] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006:I\n[ 3.317568] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]\n[ 3.318188] CPU: 3 UID: 0 PID: 79 Comm: ex Not tainted 6.14.0-rc2 #102\n[ 3.318601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n[ 3.319298] RIP: 0010:eg_cache_remove_entry+0xa5/0x470\n[ 3.319677] Code: c1 f7 6e fd 48 c7 c7 00 7e 38 b2 e8 95 64 54 fd 48 c7 c7 40 7e 38 b2 48 89 ee e80\n[ 3.321220] RSP: 0018:ffff88800583f8a8 EFLAGS: 00010006\n[ 3.321596] RAX: 0000000000000006 RBX: ffff888005989000 RCX: ffffffffaecc2d8e\n[ 3.322112] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000030\n[ 3.322643] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff6558b88\n[ 3.323181] R10: 0000000000000003 R11: 203a207972746e65 R12: 1ffff11000b07f15\n[ 3.323707] R13: dffffc0000000000 R14: ffff888005989000 R15: ffff888005989068\n[ 3.324185] FS: 000000001b6313c0(0000) GS:ffff88806d380000(0000) knlGS:0000000000000000\n[ 3.325042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 3.325545] CR2: 00000000004b4b40 CR3: 000000000248e000 CR4: 00000000000006f0\n[ 3.326430] Call Trace:\n[ 3.326725] \u003cTASK\u003e\n[ 3.326927] ? die_addr+0x3c/0xa0\n[ 3.327330] ? exc_general_protection+0x161/0x2a0\n[ 3.327662] ? asm_exc_general_protection+0x26/0x30\n[ 3.328214] ? vprintk_emit+0x15e/0x420\n[ 3.328543] ? eg_cache_remove_entry+0xa5/0x470\n[ 3.328910] ? eg_cache_remove_entry+0x9a/0x470\n[ 3.329294] ? __pfx_eg_cache_remove_entry+0x10/0x10\n[ 3.329664] ? console_unlock+0x107/0x1d0\n[ 3.329946] ? __pfx_console_unlock+0x10/0x10\n[ 3.330283] ? do_syscall_64+0xa6/0x1a0\n[ 3.330584] ? entry_SYSCALL_64_after_hwframe+0x47/0x7f\n[ 3.331090] ? __pfx_prb_read_valid+0x10/0x10\n[ 3.331395] ? down_trylock+0x52/0x80\n[ 3.331703] ? vprintk_emit+0x15e/0x420\n[ 3.331986] ? __pfx_vprintk_emit+0x10/0x10\n[ 3.332279] ? down_trylock+0x52/0x80\n[ 3.332527] ? _printk+0xbf/0x100\n[ 3.332762] ? __pfx__printk+0x10/0x10\n[ 3.333007] ? _raw_write_lock_irq+0x81/0xe0\n[ 3.333284] ? __pfx__raw_write_lock_irq+0x10/0x10\n[ 3.333614] msg_from_mpoad+0x1185/0x2750\n[ 3.333893] ? __build_skb_around+0x27b/0x3a0\n[ 3.334183] ? __pfx_msg_from_mpoad+0x10/0x10\n[ 3.334501] ? __alloc_skb+0x1c0/0x310\n[ 3.334809] ? __pfx___alloc_skb+0x10/0x10\n[ 3.335283] ? _raw_spin_lock+0xe0/0xe0\n[ 3.335632] ? finish_wait+0x8d/0x1e0\n[ 3.335975] vcc_sendmsg+0x684/0xba0\n[ 3.336250] ? __pfx_vcc_sendmsg+0x10/0x10\n[ 3.336587] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 3.337056] ? fdget+0x176/0x3e0\n[ 3.337348] __sys_sendto+0x4a2/0x510\n[ 3.337663] ? __pfx___sys_sendto+0x10/0x10\n[ 3.337969] ? ioctl_has_perm.constprop.0.isra.0+0x284/0x400\n[ 3.338364] ? sock_ioctl+0x1bb/0x5a0\n[ 3.338653] ? __rseq_handle_notify_resume+0x825/0xd20\n[ 3.339017] ? __pfx_sock_ioctl+0x10/0x10\n[ 3.339316] ? __pfx___rseq_handle_notify_resume+0x10/0x10\n[ 3.339727] ? selinux_file_ioctl+0xa4/0x260\n[ 3.340166] __x64_sys_sendto+0xe0/0x1c0\n[ 3.340526] ? syscall_exit_to_user_mode+0x123/0x140\n[ 3.340898] do_syscall_64+0xa6/0x1a0\n[ 3.341170] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 3.341533] RIP: 0033:0x44a380\n[ 3.341757] Code: 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c00\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22018",
"url": "https://www.suse.com/security/cve/CVE-2025-22018"
},
{
"category": "external",
"summary": "SUSE Bug 1241266 for CVE-2025-22018",
"url": "https://bugzilla.suse.com/1241266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22018"
},
{
"cve": "CVE-2025-22020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove\n\nThis fixes the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\nRead of size 8 at addr ffff888136335380 by task kworker/6:0/140241\n\nCPU: 6 UID: 0 PID: 140241 Comm: kworker/6:0 Kdump: loaded Tainted: G E 6.14.0-rc6+ #1\nTainted: [E]=UNSIGNED_MODULE\nHardware name: LENOVO 30FNA1V7CW/1057, BIOS S0EKT54A 07/01/2024\nWorkqueue: events rtsx_usb_ms_poll_card [rtsx_usb_ms]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x51/0x70\n print_address_description.constprop.0+0x27/0x320\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n print_report+0x3e/0x70\n kasan_report+0xab/0xe0\n ? rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n rtsx_usb_ms_poll_card+0x159/0x200 [rtsx_usb_ms]\n ? __pfx_rtsx_usb_ms_poll_card+0x10/0x10 [rtsx_usb_ms]\n ? __pfx___schedule+0x10/0x10\n ? kick_pool+0x3b/0x270\n process_one_work+0x357/0x660\n worker_thread+0x390/0x4c0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x190/0x1d0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 161446:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n __kasan_kmalloc+0x7b/0x90\n __kmalloc_noprof+0x1a7/0x470\n memstick_alloc_host+0x1f/0xe0 [memstick]\n rtsx_usb_ms_drv_probe+0x47/0x320 [rtsx_usb_ms]\n platform_probe+0x60/0xe0\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n bus_probe_device+0xbd/0xd0\n device_add+0x4a5/0x760\n platform_device_add+0x189/0x370\n mfd_add_device+0x587/0x5e0\n mfd_add_devices+0xb1/0x130\n rtsx_usb_probe+0x28e/0x2e0 [rtsx_usb]\n usb_probe_interface+0x15c/0x460\n call_driver_probe+0x35/0x120\n really_probe+0x123/0x410\n __driver_probe_device+0xc7/0x1e0\n driver_probe_device+0x49/0xf0\n __device_attach_driver+0xc6/0x160\n bus_for_each_drv+0xe4/0x160\n __device_attach+0x13a/0x2b0\n rebind_marked_interfaces.isra.0+0xcc/0x110\n usb_reset_device+0x352/0x410\n usbdev_do_ioctl+0xe5c/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 161506:\n kasan_save_stack+0x20/0x40\n kasan_save_track+0x10/0x30\n kasan_save_free_info+0x36/0x60\n __kasan_slab_free+0x34/0x50\n kfree+0x1fd/0x3b0\n device_release+0x56/0xf0\n kobject_cleanup+0x73/0x1c0\n rtsx_usb_ms_drv_remove+0x13d/0x220 [rtsx_usb_ms]\n platform_remove+0x2f/0x50\n device_release_driver_internal+0x24b/0x2e0\n bus_remove_device+0x124/0x1d0\n device_del+0x239/0x530\n platform_device_del.part.0+0x19/0xe0\n platform_device_unregister+0x1c/0x40\n mfd_remove_devices_fn+0x167/0x170\n device_for_each_child_reverse+0xc9/0x130\n mfd_remove_devices+0x6e/0xa0\n rtsx_usb_disconnect+0x2e/0xd0 [rtsx_usb]\n usb_unbind_interface+0xf3/0x3f0\n device_release_driver_internal+0x24b/0x2e0\n proc_disconnect_claim+0x13d/0x220\n usbdev_do_ioctl+0xb5e/0x1860\n usbdev_ioctl+0xa/0x20\n __x64_sys_ioctl+0xc5/0xf0\n do_syscall_64+0x59/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x360\n __irq_exit_rcu+0x114/0x130\n sysvec_apic_timer_interrupt+0x72/0x90\n asm_sysvec_apic_timer_interrupt+0x16/0x20\n\nSecond to last potentially related work creation:\n kasan_save_stack+0x20/0x40\n kasan_record_aux_stack+0x85/0x90\n insert_work+0x29/0x100\n __queue_work+0x34a/0x540\n call_timer_fn+0x2a/0x160\n expire_timers+0x5f/0x1f0\n __run_timer_base.part.0+0x1b6/0x1e0\n run_timer_softirq+0x8b/0xe0\n handle_softirqs+0xf9/0x\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22020",
"url": "https://www.suse.com/security/cve/CVE-2025-22020"
},
{
"category": "external",
"summary": "SUSE Bug 1241280 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241280"
},
{
"category": "external",
"summary": "SUSE Bug 1241281 for CVE-2025-22020",
"url": "https://bugzilla.suse.com/1241281"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-22020"
},
{
"cve": "CVE-2025-22021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: socket: Lookup orig tuple for IPv6 SNAT\n\nnf_sk_lookup_slow_v4 does the conntrack lookup for IPv4 packets to\nrestore the original 5-tuple in case of SNAT, to be able to find the\nright socket (if any). Then socket_match() can correctly check whether\nthe socket was transparent.\n\nHowever, the IPv6 counterpart (nf_sk_lookup_slow_v6) lacks this\nconntrack lookup, making xt_socket fail to match on the socket when the\npacket was SNATed. Add the same logic to nf_sk_lookup_slow_v6.\n\nIPv6 SNAT is used in Kubernetes clusters for pod-to-world packets, as\npods\u0027 addresses are in the fd00::/8 ULA subnet and need to be replaced\nwith the node\u0027s external address. Cilium leverages Envoy to enforce L7\npolicies, and Envoy uses transparent sockets. Cilium inserts an iptables\nprerouting rule that matches on `-m socket --transparent` and redirects\nthe packets to localhost, but it fails to match SNATed IPv6 packets due\nto that missing conntrack lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22021",
"url": "https://www.suse.com/security/cve/CVE-2025-22021"
},
{
"category": "external",
"summary": "SUSE Bug 1241282 for CVE-2025-22021",
"url": "https://bugzilla.suse.com/1241282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "low"
}
],
"title": "CVE-2025-22021"
},
{
"cve": "CVE-2025-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: put dl_stid if fail to queue dl_recall\n\nBefore calling nfsd4_run_cb to queue dl_recall to the callback_wq, we\nincrement the reference count of dl_stid.\nWe expect that after the corresponding work_struct is processed, the\nreference count of dl_stid will be decremented through the callback\nfunction nfsd4_cb_recall_release.\nHowever, if the call to nfsd4_run_cb fails, the incremented reference\ncount of dl_stid will not be decremented correspondingly, leading to the\nfollowing nfs4_stid leak:\nunreferenced object 0xffff88812067b578 (size 344):\n comm \"nfsd\", pid 2761, jiffies 4295044002 (age 5541.241s)\n hex dump (first 32 bytes):\n 01 00 00 00 6b 6b 6b 6b b8 02 c0 e2 81 88 ff ff ....kkkk........\n 00 6b 6b 6b 6b 6b 6b 6b 00 00 00 00 ad 4e ad de .kkkkkkk.....N..\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfsd4_process_open1+0x34/0x300\n nfsd4_open+0x2d1/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nunreferenced object 0xffff8881499f4d28 (size 368):\n comm \"nfsd\", pid 2761, jiffies 4295044005 (age 5541.239s)\n hex dump (first 32 bytes):\n 01 00 00 00 00 00 00 00 30 4d 9f 49 81 88 ff ff ........0M.I....\n 30 4d 9f 49 81 88 ff ff 20 00 00 00 01 00 00 00 0M.I.... .......\n backtrace:\n kmem_cache_alloc+0x4b9/0x700\n nfs4_alloc_stid+0x29/0x210\n alloc_init_deleg+0x92/0x2e0\n nfs4_set_delegation+0x284/0xc00\n nfs4_open_delegation+0x216/0x3f0\n nfsd4_process_open2+0x2b3/0xee0\n nfsd4_open+0x770/0x9d0\n nfsd4_proc_compound+0x7a2/0xe30\n nfsd_dispatch+0x241/0x3e0\n svc_process_common+0x5d3/0xcc0\n svc_process+0x2a3/0x320\n nfsd+0x180/0x2e0\n kthread+0x199/0x1d0\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1b/0x30\nFix it by checking the result of nfsd4_run_cb and call nfs4_put_stid if\nfail to queue dl_recall.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22025",
"url": "https://www.suse.com/security/cve/CVE-2025-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1241361 for CVE-2025-22025",
"url": "https://bugzilla.suse.com/1241361"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22025"
},
{
"cve": "CVE-2025-22027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: streamzap: fix race between device disconnection and urb callback\n\nSyzkaller has reported a general protection fault at function\nir_raw_event_store_with_filter(). This crash is caused by a NULL pointer\ndereference of dev-\u003eraw pointer, even though it is checked for NULL in\nthe same function, which means there is a race condition. It occurs due\nto the incorrect order of actions in the streamzap_disconnect() function:\nrc_unregister_device() is called before usb_kill_urb(). The dev-\u003eraw\npointer is freed and set to NULL in rc_unregister_device(), and only\nafter that usb_kill_urb() waits for in-progress requests to finish.\n\nIf rc_unregister_device() is called while streamzap_callback() handler is\nnot finished, this can lead to accessing freed resources. Thus\nrc_unregister_device() should be called after usb_kill_urb().\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22027",
"url": "https://www.suse.com/security/cve/CVE-2025-22027"
},
{
"category": "external",
"summary": "SUSE Bug 1241369 for CVE-2025-22027",
"url": "https://bugzilla.suse.com/1241369"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22027"
},
{
"cve": "CVE-2025-22029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22029"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22029",
"url": "https://www.suse.com/security/cve/CVE-2025-22029"
},
{
"category": "external",
"summary": "SUSE Bug 1241378 for CVE-2025-22029",
"url": "https://bugzilla.suse.com/1241378"
},
{
"category": "external",
"summary": "SUSE Bug 1241379 for CVE-2025-22029",
"url": "https://bugzilla.suse.com/1241379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-22029"
},
{
"cve": "CVE-2025-22030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()\n\nCurrently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding\nthe per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock\n(through crypto_exit_scomp_ops_async()).\n\nOn the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through\ncrypto_scomp_init_tfm()), and then allocates memory. If the allocation\nresults in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.\n\nThe above dependencies can cause an ABBA deadlock. For example in the\nfollowing scenario:\n\n(1) Task A running on CPU #1:\n crypto_alloc_acomp_node()\n Holds scomp_lock\n Enters reclaim\n Reads per_cpu_ptr(pool-\u003eacomp_ctx, 1)\n\n(2) Task A is descheduled\n\n(3) CPU #1 goes offline\n zswap_cpu_comp_dead(CPU #1)\n Holds per_cpu_ptr(pool-\u003eacomp_ctx, 1))\n Calls crypto_free_acomp()\n Waits for scomp_lock\n\n(4) Task A running on CPU #2:\n Waits for per_cpu_ptr(pool-\u003eacomp_ctx, 1) // Read on CPU #1\n DEADLOCK\n\nSince there is no requirement to call crypto_free_acomp() with the per-CPU\nacomp_ctx mutex held in zswap_cpu_comp_dead(), move it after the mutex is\nunlocked. Also move the acomp_request_free() and kfree() calls for\nconsistency and to avoid any potential sublte locking dependencies in the\nfuture.\n\nWith this, only setting acomp_ctx fields to NULL occurs with the mutex\nheld. This is similar to how zswap_cpu_comp_prepare() only initializes\nacomp_ctx fields with the mutex held, after performing all allocations\nbefore holding the mutex.\n\nOpportunistically, move the NULL check on acomp_ctx so that it takes place\nbefore the mutex dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22030",
"url": "https://www.suse.com/security/cve/CVE-2025-22030"
},
{
"category": "external",
"summary": "SUSE Bug 1241376 for CVE-2025-22030",
"url": "https://bugzilla.suse.com/1241376"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22030"
},
{
"cve": "CVE-2025-22033",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22033"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Don\u0027t call NULL in do_compat_alignment_fixup()\n\ndo_alignment_t32_to_handler() only fixes up alignment faults for\nspecific instructions; it returns NULL otherwise (e.g. LDREX). When\nthat\u0027s the case, signal to the caller that it needs to proceed with the\nregular alignment fault handling (i.e. SIGBUS). Without this patch, the\nkernel panics:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000086000006\n EC = 0x21: IABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000800164aa000\n [0000000000000000] pgd=0800081fdbd22003, p4d=0800081fdbd22003, pud=08000815d51c6003, pmd=0000000000000000\n Internal error: Oops: 0000000086000006 [#1] SMP\n Modules linked in: cfg80211 rfkill xt_nat xt_tcpudp xt_conntrack nft_chain_nat xt_MASQUERADE nf_nat nf_conntrack_netlink nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 xfrm_user xfrm_algo xt_addrtype nft_compat br_netfilter veth nvme_fa\u003e\n libcrc32c crc32c_generic raid0 multipath linear dm_mod dax raid1 md_mod xhci_pci nvme xhci_hcd nvme_core t10_pi usbcore igb crc64_rocksoft crc64 crc_t10dif crct10dif_generic crct10dif_ce crct10dif_common usb_common i2c_algo_bit i2c\u003e\n CPU: 2 PID: 3932954 Comm: WPEWebProcess Not tainted 6.1.0-31-arm64 #1 Debian 6.1.128-1\n Hardware name: GIGABYTE MP32-AR1-00/MP32-AR1-00, BIOS F18v (SCP: 1.08.20211002) 12/01/2021\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0x0\n lr : do_compat_alignment_fixup+0xd8/0x3dc\n sp : ffff80000f973dd0\n x29: ffff80000f973dd0 x28: ffff081b42526180 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n x23: 0000000000000004 x22: 0000000000000000 x21: 0000000000000001\n x20: 00000000e8551f00 x19: ffff80000f973eb0 x18: 0000000000000000\n x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000\n x11: 0000000000000000 x10: 0000000000000000 x9 : ffffaebc949bc488\n x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000\n x5 : 0000000000400000 x4 : 0000fffffffffffe x3 : 0000000000000000\n x2 : ffff80000f973eb0 x1 : 00000000e8551f00 x0 : 0000000000000001\n Call trace:\n 0x0\n do_alignment_fault+0x40/0x50\n do_mem_abort+0x4c/0xa0\n el0_da+0x48/0xf0\n el0t_32_sync_handler+0x110/0x140\n el0t_32_sync+0x190/0x194\n Code: bad PC value\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22033",
"url": "https://www.suse.com/security/cve/CVE-2025-22033"
},
{
"category": "external",
"summary": "SUSE Bug 1241436 for CVE-2025-22033",
"url": "https://bugzilla.suse.com/1241436"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22033"
},
{
"cve": "CVE-2025-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix random stack corruption after get_block\n\nWhen get_block is called with a buffer_head allocated on the stack, such\nas do_mpage_readpage, stack corruption due to buffer_head UAF may occur in\nthe following race condition situation.\n\n \u003cCPU 0\u003e \u003cCPU 1\u003e\nmpage_read_folio\n \u003c\u003cbh on stack\u003e\u003e\n do_mpage_readpage\n exfat_get_block\n bh_read\n __bh_read\n\t get_bh(bh)\n submit_bh\n wait_on_buffer\n ...\n end_buffer_read_sync\n __end_buffer_read_notouch\n unlock_buffer\n \u003c\u003ckeep going\u003e\u003e\n ...\n ...\n ...\n ...\n\u003c\u003cbh is not valid out of mpage_read_folio\u003e\u003e\n .\n .\nanother_function\n \u003c\u003cvariable A on stack\u003e\u003e\n put_bh(bh)\n atomic_dec(bh-\u003eb_count)\n * stack corruption here *\n\nThis patch returns -EAGAIN if a folio does not have buffers when bh_read\nneeds to be called. By doing this, the caller can fallback to functions\nlike block_read_full_folio(), create a buffer_head in the folio, and then\ncall get_block again.\n\nLet\u0027s do not call bh_read() with on-stack buffer_head.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22036",
"url": "https://www.suse.com/security/cve/CVE-2025-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1241426 for CVE-2025-22036",
"url": "https://bugzilla.suse.com/1241426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22036"
},
{
"cve": "CVE-2025-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nacpi: nfit: fix narrowing conversion in acpi_nfit_ctl\n\nSyzkaller has reported a warning in to_nfit_bus_uuid(): \"only secondary\nbus families can be translated\". This warning is emited if the argument\nis equal to NVDIMM_BUS_FAMILY_NFIT == 0. Function acpi_nfit_ctl() first\nverifies that a user-provided value call_pkg-\u003end_family of type u64 is\nnot equal to 0. Then the value is converted to int, and only after that\nis compared to NVDIMM_BUS_FAMILY_MAX. This can lead to passing an invalid\nargument to acpi_nfit_ctl(), if call_pkg-\u003end_family is non-zero, while\nthe lower 32 bits are zero.\n\nFurthermore, it is best to return EINVAL immediately upon seeing the\ninvalid user input. The WARNING is insufficient to prevent further\nundefined behavior based on other invalid user input.\n\nAll checks of the input value should be applied to the original variable\ncall_pkg-\u003end_family.\n\n[iweiny: update commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22044",
"url": "https://www.suse.com/security/cve/CVE-2025-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1241424 for CVE-2025-22044",
"url": "https://bugzilla.suse.com/1241424"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22044"
},
{
"cve": "CVE-2025-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Fix flush_tlb_range() when used for zapping normal PMDs\n\nOn the following path, flush_tlb_range() can be used for zapping normal\nPMD entries (PMD entries that point to page tables) together with the PTE\nentries in the pointed-to page table:\n\n collapse_pte_mapped_thp\n pmdp_collapse_flush\n flush_tlb_range\n\nThe arm64 version of flush_tlb_range() has a comment describing that it can\nbe used for page table removal, and does not use any last-level\ninvalidation optimizations. Fix the X86 version by making it behave the\nsame way.\n\nCurrently, X86 only uses this information for the following two purposes,\nwhich I think means the issue doesn\u0027t have much impact:\n\n - In native_flush_tlb_multi() for checking if lazy TLB CPUs need to be\n IPI\u0027d to avoid issues with speculative page table walks.\n - In Hyper-V TLB paravirtualization, again for lazy TLB stuff.\n\nThe patch \"x86/mm: only invalidate final translations with INVLPGB\" which\nis currently under review (see\n\u003chttps://lore.kernel.org/all/20241230175550.4046587-13-riel@surriel.com/\u003e)\nwould probably be making the impact of this a lot worse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22045",
"url": "https://www.suse.com/security/cve/CVE-2025-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1241433 for CVE-2025-22045",
"url": "https://bugzilla.suse.com/1241433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22045"
},
{
"cve": "CVE-2025-22050",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22050"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusbnet:fix NPE during rx_complete\n\nMissing usbnet_going_away Check in Critical Path.\nThe usb_submit_urb function lacks a usbnet_going_away\nvalidation, whereas __usbnet_queue_skb includes this check.\n\nThis inconsistency creates a race condition where:\nA URB request may succeed, but the corresponding SKB data\nfails to be queued.\n\nSubsequent processes:\n(e.g., rx_complete \u2192 defer_bh \u2192 __skb_unlink(skb, list))\nattempt to access skb-\u003enext, triggering a NULL pointer\ndereference (Kernel Panic).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22050",
"url": "https://www.suse.com/security/cve/CVE-2025-22050"
},
{
"category": "external",
"summary": "SUSE Bug 1241441 for CVE-2025-22050",
"url": "https://bugzilla.suse.com/1241441"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22050"
},
{
"cve": "CVE-2025-22053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ibmveth: make veth_pool_store stop hanging\n\nv2:\n- Created a single error handling unlock and exit in veth_pool_store\n- Greatly expanded commit message with previous explanatory-only text\n\nSummary: Use rtnl_mutex to synchronize veth_pool_store with itself,\nibmveth_close and ibmveth_open, preventing multiple calls in a row to\nnapi_disable.\n\nBackground: Two (or more) threads could call veth_pool_store through\nwriting to /sys/devices/vio/30000002/pool*/*. You can do this easily\nwith a little shell script. This causes a hang.\n\nI configured LOCKDEP, compiled ibmveth.c with DEBUG, and built a new\nkernel. I ran this test again and saw:\n\n Setting pool0/active to 0\n Setting pool1/active to 1\n [ 73.911067][ T4365] ibmveth 30000002 eth0: close starting\n Setting pool1/active to 1\n Setting pool1/active to 0\n [ 73.911367][ T4366] ibmveth 30000002 eth0: close starting\n [ 73.916056][ T4365] ibmveth 30000002 eth0: close complete\n [ 73.916064][ T4365] ibmveth 30000002 eth0: open starting\n [ 110.808564][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 230.808495][ T712] systemd-journald[712]: Sent WATCHDOG=1 notification.\n [ 243.683786][ T123] INFO: task stress.sh:4365 blocked for more than 122 seconds.\n [ 243.683827][ T123] Not tainted 6.14.0-01103-g2df0c02dab82-dirty #8\n [ 243.683833][ T123] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n [ 243.683838][ T123] task:stress.sh state:D stack:28096 pid:4365 tgid:4365 ppid:4364 task_flags:0x400040 flags:0x00042000\n [ 243.683852][ T123] Call Trace:\n [ 243.683857][ T123] [c00000000c38f690] [0000000000000001] 0x1 (unreliable)\n [ 243.683868][ T123] [c00000000c38f840] [c00000000001f908] __switch_to+0x318/0x4e0\n [ 243.683878][ T123] [c00000000c38f8a0] [c000000001549a70] __schedule+0x500/0x12a0\n [ 243.683888][ T123] [c00000000c38f9a0] [c00000000154a878] schedule+0x68/0x210\n [ 243.683896][ T123] [c00000000c38f9d0] [c00000000154ac80] schedule_preempt_disabled+0x30/0x50\n [ 243.683904][ T123] [c00000000c38fa00] [c00000000154dbb0] __mutex_lock+0x730/0x10f0\n [ 243.683913][ T123] [c00000000c38fb10] [c000000001154d40] napi_enable+0x30/0x60\n [ 243.683921][ T123] [c00000000c38fb40] [c000000000f4ae94] ibmveth_open+0x68/0x5dc\n [ 243.683928][ T123] [c00000000c38fbe0] [c000000000f4aa20] veth_pool_store+0x220/0x270\n [ 243.683936][ T123] [c00000000c38fc70] [c000000000826278] sysfs_kf_write+0x68/0xb0\n [ 243.683944][ T123] [c00000000c38fcb0] [c0000000008240b8] kernfs_fop_write_iter+0x198/0x2d0\n [ 243.683951][ T123] [c00000000c38fd00] [c00000000071b9ac] vfs_write+0x34c/0x650\n [ 243.683958][ T123] [c00000000c38fdc0] [c00000000071bea8] ksys_write+0x88/0x150\n [ 243.683966][ T123] [c00000000c38fe10] [c0000000000317f4] system_call_exception+0x124/0x340\n [ 243.683973][ T123] [c00000000c38fe50] [c00000000000d05c] system_call_vectored_common+0x15c/0x2ec\n ...\n [ 243.684087][ T123] Showing all locks held in the system:\n [ 243.684095][ T123] 1 lock held by khungtaskd/123:\n [ 243.684099][ T123] #0: c00000000278e370 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x50/0x248\n [ 243.684114][ T123] 4 locks held by stress.sh/4365:\n [ 243.684119][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.684132][ T123] #1: c000000041aea888 (\u0026of-\u003emutex#2){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x154/0x2d0\n [ 243.684143][ T123] #2: c0000000366fb9a8 (kn-\u003eactive#64){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x160/0x2d0\n [ 243.684155][ T123] #3: c000000035ff4cb8 (\u0026dev-\u003elock){+.+.}-{3:3}, at: napi_enable+0x30/0x60\n [ 243.684166][ T123] 5 locks held by stress.sh/4366:\n [ 243.684170][ T123] #0: c00000003a4cd3f8 (sb_writers#3){.+.+}-{0:0}, at: ksys_write+0x88/0x150\n [ 243.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22053",
"url": "https://www.suse.com/security/cve/CVE-2025-22053"
},
{
"category": "external",
"summary": "SUSE Bug 1241373 for CVE-2025-22053",
"url": "https://bugzilla.suse.com/1241373"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22053"
},
{
"cve": "CVE-2025-22055",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22055"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix geneve_opt length integer overflow\n\nstruct geneve_opt uses 5 bit length for each single option, which\nmeans every vary size option should be smaller than 128 bytes.\n\nHowever, all current related Netlink policies cannot promise this\nlength condition and the attacker can exploit a exact 128-byte size\noption to *fake* a zero length option and confuse the parsing logic,\nfurther achieve heap out-of-bounds read.\n\nOne example crash log is like below:\n\n[ 3.905425] ==================================================================\n[ 3.905925] BUG: KASAN: slab-out-of-bounds in nla_put+0xa9/0xe0\n[ 3.906255] Read of size 124 at addr ffff888005f291cc by task poc/177\n[ 3.906646]\n[ 3.906775] CPU: 0 PID: 177 Comm: poc-oob-read Not tainted 6.1.132 #1\n[ 3.907131] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 3.907784] Call Trace:\n[ 3.907925] \u003cTASK\u003e\n[ 3.908048] dump_stack_lvl+0x44/0x5c\n[ 3.908258] print_report+0x184/0x4be\n[ 3.909151] kasan_report+0xc5/0x100\n[ 3.909539] kasan_check_range+0xf3/0x1a0\n[ 3.909794] memcpy+0x1f/0x60\n[ 3.909968] nla_put+0xa9/0xe0\n[ 3.910147] tunnel_key_dump+0x945/0xba0\n[ 3.911536] tcf_action_dump_1+0x1c1/0x340\n[ 3.912436] tcf_action_dump+0x101/0x180\n[ 3.912689] tcf_exts_dump+0x164/0x1e0\n[ 3.912905] fw_dump+0x18b/0x2d0\n[ 3.913483] tcf_fill_node+0x2ee/0x460\n[ 3.914778] tfilter_notify+0xf4/0x180\n[ 3.915208] tc_new_tfilter+0xd51/0x10d0\n[ 3.918615] rtnetlink_rcv_msg+0x4a2/0x560\n[ 3.919118] netlink_rcv_skb+0xcd/0x200\n[ 3.919787] netlink_unicast+0x395/0x530\n[ 3.921032] netlink_sendmsg+0x3d0/0x6d0\n[ 3.921987] __sock_sendmsg+0x99/0xa0\n[ 3.922220] __sys_sendto+0x1b7/0x240\n[ 3.922682] __x64_sys_sendto+0x72/0x90\n[ 3.922906] do_syscall_64+0x5e/0x90\n[ 3.923814] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 3.924122] RIP: 0033:0x7e83eab84407\n[ 3.924331] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 3.925330] RSP: 002b:00007ffff505e370 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 3.925752] RAX: ffffffffffffffda RBX: 00007e83eaafa740 RCX: 00007e83eab84407\n[ 3.926173] RDX: 00000000000001a8 RSI: 00007ffff505e3c0 RDI: 0000000000000003\n[ 3.926587] RBP: 00007ffff505f460 R08: 00007e83eace1000 R09: 000000000000000c\n[ 3.926977] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffff505f3c0\n[ 3.927367] R13: 00007ffff505f5c8 R14: 00007e83ead1b000 R15: 00005d4fbbe6dcb8\n\nFix these issues by enforing correct length condition in related\npolicies.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22055",
"url": "https://www.suse.com/security/cve/CVE-2025-22055"
},
{
"category": "external",
"summary": "SUSE Bug 1241371 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241371"
},
{
"category": "external",
"summary": "SUSE Bug 1241372 for CVE-2025-22055",
"url": "https://bugzilla.suse.com/1241372"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-22055"
},
{
"cve": "CVE-2025-22056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_tunnel: fix geneve_opt type confusion addition\n\nWhen handling multiple NFTA_TUNNEL_KEY_OPTS_GENEVE attributes, the\nparsing logic should place every geneve_opt structure one by one\ncompactly. Hence, when deciding the next geneve_opt position, the\npointer addition should be in units of char *.\n\nHowever, the current implementation erroneously does type conversion\nbefore the addition, which will lead to heap out-of-bounds write.\n\n[ 6.989857] ==================================================================\n[ 6.990293] BUG: KASAN: slab-out-of-bounds in nft_tunnel_obj_init+0x977/0xa70\n[ 6.990725] Write of size 124 at addr ffff888005f18974 by task poc/178\n[ 6.991162]\n[ 6.991259] CPU: 0 PID: 178 Comm: poc-oob-write Not tainted 6.1.132 #1\n[ 6.991655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n[ 6.992281] Call Trace:\n[ 6.992423] \u003cTASK\u003e\n[ 6.992586] dump_stack_lvl+0x44/0x5c\n[ 6.992801] print_report+0x184/0x4be\n[ 6.993790] kasan_report+0xc5/0x100\n[ 6.994252] kasan_check_range+0xf3/0x1a0\n[ 6.994486] memcpy+0x38/0x60\n[ 6.994692] nft_tunnel_obj_init+0x977/0xa70\n[ 6.995677] nft_obj_init+0x10c/0x1b0\n[ 6.995891] nf_tables_newobj+0x585/0x950\n[ 6.996922] nfnetlink_rcv_batch+0xdf9/0x1020\n[ 6.998997] nfnetlink_rcv+0x1df/0x220\n[ 6.999537] netlink_unicast+0x395/0x530\n[ 7.000771] netlink_sendmsg+0x3d0/0x6d0\n[ 7.001462] __sock_sendmsg+0x99/0xa0\n[ 7.001707] ____sys_sendmsg+0x409/0x450\n[ 7.002391] ___sys_sendmsg+0xfd/0x170\n[ 7.003145] __sys_sendmsg+0xea/0x170\n[ 7.004359] do_syscall_64+0x5e/0x90\n[ 7.005817] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 7.006127] RIP: 0033:0x7ec756d4e407\n[ 7.006339] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 faf\n[ 7.007364] RSP: 002b:00007ffed5d46760 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n[ 7.007827] RAX: ffffffffffffffda RBX: 00007ec756cc4740 RCX: 00007ec756d4e407\n[ 7.008223] RDX: 0000000000000000 RSI: 00007ffed5d467f0 RDI: 0000000000000003\n[ 7.008620] RBP: 00007ffed5d468a0 R08: 0000000000000000 R09: 0000000000000000\n[ 7.009039] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n[ 7.009429] R13: 00007ffed5d478b0 R14: 00007ec756ee5000 R15: 00005cbd4e655cb8\n\nFix this bug with correct pointer addition and conversion in parse\nand dump code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22056",
"url": "https://www.suse.com/security/cve/CVE-2025-22056"
},
{
"category": "external",
"summary": "SUSE Bug 1241525 for CVE-2025-22056",
"url": "https://bugzilla.suse.com/1241525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22056"
},
{
"cve": "CVE-2025-22057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: decrease cached dst counters in dst_release\n\nUpstream fix ac888d58869b (\"net: do not delay dst_entries_add() in\ndst_release()\") moved decrementing the dst count from dst_destroy to\ndst_release to avoid accessing already freed data in case of netns\ndismantle. However in case CONFIG_DST_CACHE is enabled and OvS+tunnels\nare used, this fix is incomplete as the same issue will be seen for\ncached dsts:\n\n Unable to handle kernel paging request at virtual address ffff5aabf6b5c000\n Call trace:\n percpu_counter_add_batch+0x3c/0x160 (P)\n dst_release+0xec/0x108\n dst_cache_destroy+0x68/0xd8\n dst_destroy+0x13c/0x168\n dst_destroy_rcu+0x1c/0xb0\n rcu_do_batch+0x18c/0x7d0\n rcu_core+0x174/0x378\n rcu_core_si+0x18/0x30\n\nFix this by invalidating the cache, and thus decrementing cached dst\ncounters, in dst_release too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22057",
"url": "https://www.suse.com/security/cve/CVE-2025-22057"
},
{
"category": "external",
"summary": "SUSE Bug 1241533 for CVE-2025-22057",
"url": "https://bugzilla.suse.com/1241533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22057"
},
{
"cve": "CVE-2025-22058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: Fix memory accounting leak.\n\nMatt Dowling reported a weird UDP memory usage issue.\n\nUnder normal operation, the UDP memory usage reported in /proc/net/sockstat\nremains close to zero. However, it occasionally spiked to 524,288 pages\nand never dropped. Moreover, the value doubled when the application was\nterminated. Finally, it caused intermittent packet drops.\n\nWe can reproduce the issue with the script below [0]:\n\n 1. /proc/net/sockstat reports 0 pages\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 0\n\n 2. Run the script till the report reaches 524,288\n\n # python3 test.py \u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 3 mem 524288 \u003c-- (INT_MAX + 1) \u003e\u003e PAGE_SHIFT\n\n 3. Kill the socket and confirm the number never drops\n\n # pkill python3 \u0026\u0026 sleep 5\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 524288\n\n 4. (necessary since v6.0) Trigger proto_memory_pcpu_drain()\n\n # python3 test.py \u0026 sleep 1 \u0026\u0026 pkill python3\n\n 5. The number doubles\n\n # cat /proc/net/sockstat | grep UDP:\n UDP: inuse 1 mem 1048577\n\nThe application set INT_MAX to SO_RCVBUF, which triggered an integer\noverflow in udp_rmem_release().\n\nWhen a socket is close()d, udp_destruct_common() purges its receive\nqueue and sums up skb-\u003etruesize in the queue. This total is calculated\nand stored in a local unsigned integer variable.\n\nThe total size is then passed to udp_rmem_release() to adjust memory\naccounting. However, because the function takes a signed integer\nargument, the total size can wrap around, causing an overflow.\n\nThen, the released amount is calculated as follows:\n\n 1) Add size to sk-\u003esk_forward_alloc.\n 2) Round down sk-\u003esk_forward_alloc to the nearest lower multiple of\n PAGE_SIZE and assign it to amount.\n 3) Subtract amount from sk-\u003esk_forward_alloc.\n 4) Pass amount \u003e\u003e PAGE_SHIFT to __sk_mem_reduce_allocated().\n\nWhen the issue occurred, the total in udp_destruct_common() was 2147484480\n(INT_MAX + 833), which was cast to -2147482816 in udp_rmem_release().\n\nAt 1) sk-\u003esk_forward_alloc is changed from 3264 to -2147479552, and\n2) sets -2147479552 to amount. 3) reverts the wraparound, so we don\u0027t\nsee a warning in inet_sock_destruct(). However, udp_memory_allocated\nends up doubling at 4).\n\nSince commit 3cd3399dd7a8 (\"net: implement per-cpu reserves for\nmemory_allocated\"), memory usage no longer doubles immediately after\na socket is close()d because __sk_mem_reduce_allocated() caches the\namount in udp_memory_per_cpu_fw_alloc. However, the next time a UDP\nsocket receives a packet, the subtraction takes effect, causing UDP\nmemory usage to double.\n\nThis issue makes further memory allocation fail once the socket\u0027s\nsk-\u003esk_rmem_alloc exceeds net.ipv4.udp_rmem_min, resulting in packet\ndrops.\n\nTo prevent this issue, let\u0027s use unsigned int for the calculation and\ncall sk_forward_alloc_add() only once for the small delta.\n\nNote that first_packet_length() also potentially has the same problem.\n\n[0]:\nfrom socket import *\n\nSO_RCVBUFFORCE = 33\nINT_MAX = (2 ** 31) - 1\n\ns = socket(AF_INET, SOCK_DGRAM)\ns.bind((\u0027\u0027, 0))\ns.setsockopt(SOL_SOCKET, SO_RCVBUFFORCE, INT_MAX)\n\nc = socket(AF_INET, SOCK_DGRAM)\nc.connect(s.getsockname())\n\ndata = b\u0027a\u0027 * 100\n\nwhile True:\n c.send(data)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22058",
"url": "https://www.suse.com/security/cve/CVE-2025-22058"
},
{
"category": "external",
"summary": "SUSE Bug 1241332 for CVE-2025-22058",
"url": "https://bugzilla.suse.com/1241332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22058"
},
{
"cve": "CVE-2025-22060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: Prevent parser TCAM memory corruption\n\nProtect the parser TCAM/SRAM memory, and the cached (shadow) SRAM\ninformation, from concurrent modifications.\n\nBoth the TCAM and SRAM tables are indirectly accessed by configuring\nan index register that selects the row to read or write to. This means\nthat operations must be atomic in order to, e.g., avoid spreading\nwrites across multiple rows. Since the shadow SRAM array is used to\nfind free rows in the hardware table, it must also be protected in\norder to avoid TOCTOU errors where multiple cores allocate the same\nrow.\n\nThis issue was detected in a situation where `mvpp2_set_rx_mode()` ran\nconcurrently on two CPUs. In this particular case the\nMVPP2_PE_MAC_UC_PROMISCUOUS entry was corrupted, causing the\nclassifier unit to drop all incoming unicast - indicated by the\n`rx_classifier_drops` counter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22060",
"url": "https://www.suse.com/security/cve/CVE-2025-22060"
},
{
"category": "external",
"summary": "SUSE Bug 1241526 for CVE-2025-22060",
"url": "https://bugzilla.suse.com/1241526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22060"
},
{
"cve": "CVE-2025-22062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: add mutual exclusion in proc_sctp_do_udp_port()\n\nWe must serialize calls to sctp_udp_sock_stop() and sctp_udp_sock_start()\nor risk a crash as syzbot reported:\n\nOops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]\nCPU: 1 UID: 0 PID: 6551 Comm: syz.1.44 Not tainted 6.14.0-syzkaller-g7f2ff7b62617 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\n RIP: 0010:kernel_sock_shutdown+0x47/0x70 net/socket.c:3653\nCall Trace:\n \u003cTASK\u003e\n udp_tunnel_sock_release+0x68/0x80 net/ipv4/udp_tunnel_core.c:181\n sctp_udp_sock_stop+0x71/0x160 net/sctp/protocol.c:930\n proc_sctp_do_udp_port+0x264/0x450 net/sctp/sysctl.c:553\n proc_sys_call_handler+0x3d0/0x5b0 fs/proc/proc_sysctl.c:601\n iter_file_splice_write+0x91c/0x1150 fs/splice.c:738\n do_splice_from fs/splice.c:935 [inline]\n direct_splice_actor+0x18f/0x6c0 fs/splice.c:1158\n splice_direct_to_actor+0x342/0xa30 fs/splice.c:1102\n do_splice_direct_actor fs/splice.c:1201 [inline]\n do_splice_direct+0x174/0x240 fs/splice.c:1227\n do_sendfile+0xafd/0xe50 fs/read_write.c:1368\n __do_sys_sendfile64 fs/read_write.c:1429 [inline]\n __se_sys_sendfile64 fs/read_write.c:1415 [inline]\n __x64_sys_sendfile64+0x1d8/0x220 fs/read_write.c:1415\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22062",
"url": "https://www.suse.com/security/cve/CVE-2025-22062"
},
{
"category": "external",
"summary": "SUSE Bug 1241412 for CVE-2025-22062",
"url": "https://bugzilla.suse.com/1241412"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22062"
},
{
"cve": "CVE-2025-22063",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22063"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets\n\nWhen calling netlbl_conn_setattr(), addr-\u003esa_family is used\nto determine the function behavior. If sk is an IPv4 socket,\nbut the connect function is called with an IPv6 address,\nthe function calipso_sock_setattr() is triggered.\nInside this function, the following code is executed:\n\nsk_fullsock(__sk) ? inet_sk(__sk)-\u003epinet6 : NULL;\n\nSince sk is an IPv4 socket, pinet6 is NULL, leading to a\nnull pointer dereference.\n\nThis patch fixes the issue by checking if inet6_sk(sk)\nreturns a NULL pointer before accessing pinet6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22063",
"url": "https://www.suse.com/security/cve/CVE-2025-22063"
},
{
"category": "external",
"summary": "SUSE Bug 1241351 for CVE-2025-22063",
"url": "https://bugzilla.suse.com/1241351"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22063"
},
{
"cve": "CVE-2025-22064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: don\u0027t unregister hook when table is dormant\n\nWhen nf_tables_updchain encounters an error, hook registration needs to\nbe rolled back.\n\nThis should only be done if the hook has been registered, which won\u0027t\nhappen when the table is flagged as dormant (inactive).\n\nJust move the assignment into the registration block.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22064",
"url": "https://www.suse.com/security/cve/CVE-2025-22064"
},
{
"category": "external",
"summary": "SUSE Bug 1241413 for CVE-2025-22064",
"url": "https://bugzilla.suse.com/1241413"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22064"
},
{
"cve": "CVE-2025-22065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix adapter NULL pointer dereference on reboot\n\nWith SRIOV enabled, idpf ends up calling into idpf_remove() twice.\nFirst via idpf_shutdown() and then again when idpf_remove() calls into\nsriov_disable(), because the VF devices use the idpf driver, hence the\nsame remove routine. When that happens, it is possible for the adapter\nto be NULL from the first call to idpf_remove(), leading to a NULL\npointer dereference.\n\necho 1 \u003e /sys/class/net/\u003cnetif\u003e/device/sriov_numvfs\nreboot\n\nBUG: kernel NULL pointer dereference, address: 0000000000000020\n...\nRIP: 0010:idpf_remove+0x22/0x1f0 [idpf]\n...\n? idpf_remove+0x22/0x1f0 [idpf]\n? idpf_remove+0x1e4/0x1f0 [idpf]\npci_device_remove+0x3f/0xb0\ndevice_release_driver_internal+0x19f/0x200\npci_stop_bus_device+0x6d/0x90\npci_stop_and_remove_bus_device+0x12/0x20\npci_iov_remove_virtfn+0xbe/0x120\nsriov_disable+0x34/0xe0\nidpf_sriov_configure+0x58/0x140 [idpf]\nidpf_remove+0x1b9/0x1f0 [idpf]\nidpf_shutdown+0x12/0x30 [idpf]\npci_device_shutdown+0x35/0x60\ndevice_shutdown+0x156/0x200\n...\n\nReplace the direct idpf_remove() call in idpf_shutdown() with\nidpf_vc_core_deinit() and idpf_deinit_dflt_mbx(), which perform\nthe bulk of the cleanup, such as stopping the init task, freeing IRQs,\ndestroying the vports and freeing the mailbox. This avoids the calls to\nsriov_disable() in addition to a small netdev cleanup, and destroying\nworkqueues, which don\u0027t seem to be required on shutdown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22065",
"url": "https://www.suse.com/security/cve/CVE-2025-22065"
},
{
"category": "external",
"summary": "SUSE Bug 1241333 for CVE-2025-22065",
"url": "https://bugzilla.suse.com/1241333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22065"
},
{
"cve": "CVE-2025-22070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22070"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix NULL pointer dereference on mkdir\n\nWhen a 9p tree was mounted with option \u0027posixacl\u0027, parent directory had a\ndefault ACL set for its subdirectories, e.g.:\n\n setfacl -m default:group:simpsons:rwx parentdir\n\nthen creating a subdirectory crashed 9p client, as v9fs_fid_add() call in\nfunction v9fs_vfs_mkdir_dotl() sets the passed \u0027fid\u0027 pointer to NULL\n(since dafbe689736) even though the subsequent v9fs_set_create_acl() call\nexpects a valid non-NULL \u0027fid\u0027 pointer:\n\n [ 37.273191] BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n [ 37.322338] Call Trace:\n [ 37.323043] \u003cTASK\u003e\n [ 37.323621] ? __die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434)\n [ 37.324448] ? page_fault_oops (arch/x86/mm/fault.c:714)\n [ 37.325532] ? search_module_extables (kernel/module/main.c:3733)\n [ 37.326742] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.328006] ? search_bpf_extables (kernel/bpf/core.c:804)\n [ 37.329142] ? exc_page_fault (./arch/x86/include/asm/paravirt.h:686 arch/x86/mm/fault.c:1488 arch/x86/mm/fault.c:1538)\n [ 37.330196] ? asm_exc_page_fault (./arch/x86/include/asm/idtentry.h:574)\n [ 37.331330] ? p9_client_walk (net/9p/client.c:1165) 9pnet\n [ 37.332562] ? v9fs_fid_xattr_get (fs/9p/xattr.c:30) 9p\n [ 37.333824] v9fs_fid_xattr_set (fs/9p/fid.h:23 fs/9p/xattr.c:121) 9p\n [ 37.335077] v9fs_set_acl (fs/9p/acl.c:276) 9p\n [ 37.336112] v9fs_set_create_acl (fs/9p/acl.c:307) 9p\n [ 37.337326] v9fs_vfs_mkdir_dotl (fs/9p/vfs_inode_dotl.c:411) 9p\n [ 37.338590] vfs_mkdir (fs/namei.c:4313)\n [ 37.339535] do_mkdirat (fs/namei.c:4336)\n [ 37.340465] __x64_sys_mkdir (fs/namei.c:4354)\n [ 37.341455] do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n [ 37.342447] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nFix this by simply swapping the sequence of these two calls in\nv9fs_vfs_mkdir_dotl(), i.e. calling v9fs_set_create_acl() before\nv9fs_fid_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22070",
"url": "https://www.suse.com/security/cve/CVE-2025-22070"
},
{
"category": "external",
"summary": "SUSE Bug 1241305 for CVE-2025-22070",
"url": "https://bugzilla.suse.com/1241305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22070"
},
{
"cve": "CVE-2025-22075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Allocate vfinfo size for VF GUIDs when supported\n\nCommit 30aad41721e0 (\"net/core: Add support for getting VF GUIDs\")\nadded support for getting VF port and node GUIDs in netlink ifinfo\nmessages, but their size was not taken into consideration in the\nfunction that allocates the netlink message, causing the following\nwarning when a netlink message is filled with many VF port and node\nGUIDs:\n # echo 64 \u003e /sys/bus/pci/devices/0000\\:08\\:00.0/sriov_numvfs\n # ip link show dev ib0\n RTNETLINK answers: Message too long\n Cannot send link get request: Message too long\n\nKernel warning:\n\n ------------[ cut here ]------------\n WARNING: CPU: 2 PID: 1930 at net/core/rtnetlink.c:4151 rtnl_getlink+0x586/0x5a0\n Modules linked in: xt_conntrack xt_MASQUERADE nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter overlay mlx5_ib macsec mlx5_core tls rpcrdma rdma_ucm ib_uverbs ib_iser libiscsi scsi_transport_iscsi ib_umad rdma_cm iw_cm ib_ipoib fuse ib_cm ib_core\n CPU: 2 UID: 0 PID: 1930 Comm: ip Not tainted 6.14.0-rc2+ #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:rtnl_getlink+0x586/0x5a0\n Code: cb 82 e8 3d af 0a 00 4d 85 ff 0f 84 08 ff ff ff 4c 89 ff 41 be ea ff ff ff e8 66 63 5b ff 49 c7 07 80 4f cb 82 e9 36 fc ff ff \u003c0f\u003e 0b e9 16 fe ff ff e8 de a0 56 00 66 66 2e 0f 1f 84 00 00 00 00\n RSP: 0018:ffff888113557348 EFLAGS: 00010246\n RAX: 00000000ffffffa6 RBX: ffff88817e87aa34 RCX: dffffc0000000000\n RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffff88817e87afb8\n RBP: 0000000000000009 R08: ffffffff821f44aa R09: 0000000000000000\n R10: ffff8881260f79a8 R11: ffff88817e87af00 R12: ffff88817e87aa00\n R13: ffffffff8563d300 R14: 00000000ffffffa6 R15: 00000000ffffffff\n FS: 00007f63a5dbf280(0000) GS:ffff88881ee00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f63a5ba4493 CR3: 00000001700fe002 CR4: 0000000000772eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0xa5/0x230\n ? rtnl_getlink+0x586/0x5a0\n ? report_bug+0x22d/0x240\n ? handle_bug+0x53/0xa0\n ? exc_invalid_op+0x14/0x50\n ? asm_exc_invalid_op+0x16/0x20\n ? skb_trim+0x6a/0x80\n ? rtnl_getlink+0x586/0x5a0\n ? __pfx_rtnl_getlink+0x10/0x10\n ? rtnetlink_rcv_msg+0x1e5/0x860\n ? __pfx___mutex_lock+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx_lock_acquire+0x10/0x10\n ? stack_trace_save+0x90/0xd0\n ? filter_irq_stacks+0x1d/0x70\n ? kasan_save_stack+0x30/0x40\n ? kasan_save_stack+0x20/0x40\n ? kasan_save_track+0x10/0x30\n rtnetlink_rcv_msg+0x21c/0x860\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? arch_stack_walk+0x9e/0xf0\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n ? rcu_is_watching+0x34/0x60\n netlink_rcv_skb+0xe0/0x210\n ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n ? __pfx_netlink_rcv_skb+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? __pfx___netlink_lookup+0x10/0x10\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0xfd/0x290\n ? rcu_is_watching+0x34/0x60\n ? lock_release+0x62/0x200\n ? netlink_deliver_tap+0x95/0x290\n netlink_unicast+0x31f/0x480\n ? __pfx_netlink_unicast+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? lock_acquire+0xd5/0x410\n netlink_sendmsg+0x369/0x660\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ? import_ubuf+0xb9/0xf0\n ? __import_iovec+0x254/0x2b0\n ? lock_release+0x62/0x200\n ? __pfx_netlink_sendmsg+0x10/0x10\n ____sys_sendmsg+0x559/0x5a0\n ? __pfx_____sys_sendmsg+0x10/0x10\n ? __pfx_copy_msghdr_from_user+0x10/0x10\n ? rcu_is_watching+0x34/0x60\n ? do_read_fault+0x213/0x4a0\n ? rcu_is_watching+0x34/0x60\n ___sys_sendmsg+0xe4/0x150\n ? __pfx____sys_sendmsg+0x10/0x10\n ? do_fault+0x2cc/0x6f0\n ? handle_pte_fault+0x2e3/0x3d0\n ? __pfx_handle_pte_fault+0x10/0x10\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22075",
"url": "https://www.suse.com/security/cve/CVE-2025-22075"
},
{
"category": "external",
"summary": "SUSE Bug 1241402 for CVE-2025-22075",
"url": "https://bugzilla.suse.com/1241402"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22075"
},
{
"cve": "CVE-2025-22080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Prevent integer overflow in hdr_first_de()\n\nThe \"de_off\" and \"used\" variables come from the disk so they both need to\ncheck. The problem is that on 32bit systems if they\u0027re both greater than\nUINT_MAX - 16 then the check does work as intended because of an integer\noverflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22080",
"url": "https://www.suse.com/security/cve/CVE-2025-22080"
},
{
"category": "external",
"summary": "SUSE Bug 1241416 for CVE-2025-22080",
"url": "https://bugzilla.suse.com/1241416"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22080"
},
{
"cve": "CVE-2025-22086",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22086"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow\n\nWhen cur_qp isn\u0027t NULL, in order to avoid fetching the QP from\nthe radix tree again we check if the next cqe QP is identical to\nthe one we already have.\n\nThe bug however is that we are checking if the QP is identical by\nchecking the QP number inside the CQE against the QP number inside the\nmlx5_ib_qp, but that\u0027s wrong since the QP number from the CQE is from\nFW so it should be matched against mlx5_core_qp which is our FW QP\nnumber.\n\nOtherwise we could use the wrong QP when handling a CQE which could\ncause the kernel trace below.\n\nThis issue is mainly noticeable over QPs 0 \u0026 1, since for now they are\nthe only QPs in our driver whereas the QP number inside mlx5_ib_qp\ndoesn\u0027t match the QP number inside mlx5_core_qp.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000012\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 0 UID: 0 PID: 7927 Comm: kworker/u62:1 Not tainted 6.14.0-rc3+ #189\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n Workqueue: ib-comp-unb-wq ib_cq_poll_work [ib_core]\n RIP: 0010:mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n Code: 03 00 00 8d 58 ff 21 cb 66 39 d3 74 39 48 c7 c7 3c 89 6e a0 0f b7 db e8 b7 d2 b3 e0 49 8b 86 60 03 00 00 48 c7 c7 4a 89 6e a0 \u003c0f\u003e b7 5c 98 02 e8 9f d2 b3 e0 41 0f b7 86 78 03 00 00 83 e8 01 21\n RSP: 0018:ffff88810511bd60 EFLAGS: 00010046\n RAX: 0000000000000010 RBX: 0000000000000000 RCX: 0000000000000000\n RDX: 0000000000000000 RSI: ffff88885fa1b3c0 RDI: ffffffffa06e894a\n RBP: 00000000000000b0 R08: 0000000000000000 R09: ffff88810511bc10\n R10: 0000000000000001 R11: 0000000000000001 R12: ffff88810d593000\n R13: ffff88810e579108 R14: ffff888105146000 R15: 00000000000000b0\n FS: 0000000000000000(0000) GS:ffff88885fa00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000012 CR3: 00000001077e6001 CR4: 0000000000370eb0\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x150/0x3e0\n ? exc_page_fault+0x74/0x130\n ? asm_exc_page_fault+0x22/0x30\n ? mlx5_ib_poll_cq+0x4c7/0xd90 [mlx5_ib]\n __ib_process_cq+0x5a/0x150 [ib_core]\n ib_cq_poll_work+0x31/0x90 [ib_core]\n process_one_work+0x169/0x320\n worker_thread+0x288/0x3a0\n ? work_busy+0xb0/0xb0\n kthread+0xd7/0x1f0\n ? kthreads_online_cpu+0x130/0x130\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork+0x2d/0x50\n ? kthreads_online_cpu+0x130/0x130\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22086",
"url": "https://www.suse.com/security/cve/CVE-2025-22086"
},
{
"category": "external",
"summary": "SUSE Bug 1241458 for CVE-2025-22086",
"url": "https://bugzilla.suse.com/1241458"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22086"
},
{
"cve": "CVE-2025-22088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/erdma: Prevent use-after-free in erdma_accept_newconn()\n\nAfter the erdma_cep_put(new_cep) being called, new_cep will be freed,\nand the following dereference will cause a UAF problem. Fix this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22088",
"url": "https://www.suse.com/security/cve/CVE-2025-22088"
},
{
"category": "external",
"summary": "SUSE Bug 1241528 for CVE-2025-22088",
"url": "https://bugzilla.suse.com/1241528"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22088"
},
{
"cve": "CVE-2025-22090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range()\n\nIf track_pfn_copy() fails, we already added the dst VMA to the maple\ntree. As fork() fails, we\u0027ll cleanup the maple tree, and stumble over\nthe dst VMA for which we neither performed any reservation nor copied\nany page tables.\n\nConsequently untrack_pfn() will see VM_PAT and try obtaining the\nPAT information from the page table -- which fails because the page\ntable was not copied.\n\nThe easiest fix would be to simply clear the VM_PAT flag of the dst VMA\nif track_pfn_copy() fails. However, the whole thing is about \"simply\"\nclearing the VM_PAT flag is shaky as well: if we passed track_pfn_copy()\nand performed a reservation, but copying the page tables fails, we\u0027ll\nsimply clear the VM_PAT flag, not properly undoing the reservation ...\nwhich is also wrong.\n\nSo let\u0027s fix it properly: set the VM_PAT flag only if the reservation\nsucceeded (leaving it clear initially), and undo the reservation if\nanything goes wrong while copying the page tables: clearing the VM_PAT\nflag after undoing the reservation.\n\nNote that any copied page table entries will get zapped when the VMA will\nget removed later, after copy_page_range() succeeded; as VM_PAT is not set\nthen, we won\u0027t try cleaning VM_PAT up once more and untrack_pfn() will be\nhappy. Note that leaving these page tables in place without a reservation\nis not a problem, as we are aborting fork(); this process will never run.\n\nA reproducer can trigger this usually at the first try:\n\n https://gitlab.com/davidhildenbrand/scratchspace/-/raw/main/reproducers/pat_fork.c\n\n WARNING: CPU: 26 PID: 11650 at arch/x86/mm/pat/memtype.c:983 get_pat_info+0xf6/0x110\n Modules linked in: ...\n CPU: 26 UID: 0 PID: 11650 Comm: repro3 Not tainted 6.12.0-rc5+ #92\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:get_pat_info+0xf6/0x110\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n untrack_pfn+0x52/0x110\n unmap_single_vma+0xa6/0xe0\n unmap_vmas+0x105/0x1f0\n exit_mmap+0xf6/0x460\n __mmput+0x4b/0x120\n copy_process+0x1bf6/0x2aa0\n kernel_clone+0xab/0x440\n __do_sys_clone+0x66/0x90\n do_syscall_64+0x95/0x180\n\nLikely this case was missed in:\n\n d155df53f310 (\"x86/mm/pat: clear VM_PAT if copy_p4d_range failed\")\n\n... and instead of undoing the reservation we simply cleared the VM_PAT flag.\n\nKeep the documentation of these functions in include/linux/pgtable.h,\none place is more than sufficient -- we should clean that up for the other\nfunctions like track_pfn_remap/untrack_pfn separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22090",
"url": "https://www.suse.com/security/cve/CVE-2025-22090"
},
{
"category": "external",
"summary": "SUSE Bug 1241537 for CVE-2025-22090",
"url": "https://bugzilla.suse.com/1241537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22090"
},
{
"cve": "CVE-2025-22093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22093"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: avoid NPD when ASIC does not support DMUB\n\nctx-\u003edmub_srv will de NULL if the ASIC does not support DMUB, which is\ntested in dm_dmub_sw_init.\n\nHowever, it will be dereferenced in dmub_hw_lock_mgr_cmd if\nshould_use_dmub_lock returns true.\n\nThis has been the case since dmub support has been added for PSR1.\n\nFix this by checking for dmub_srv in should_use_dmub_lock.\n\n[ 37.440832] BUG: kernel NULL pointer dereference, address: 0000000000000058\n[ 37.447808] #PF: supervisor read access in kernel mode\n[ 37.452959] #PF: error_code(0x0000) - not-present page\n[ 37.458112] PGD 0 P4D 0\n[ 37.460662] Oops: Oops: 0000 [#1] PREEMPT SMP NOPTI\n[ 37.465553] CPU: 2 UID: 1000 PID: 1745 Comm: DrmThread Not tainted 6.14.0-rc1-00003-gd62e938120f0 #23 99720e1cb1e0fc4773b8513150932a07de3c6e88\n[ 37.478324] Hardware name: Google Morphius/Morphius, BIOS Google_Morphius.13434.858.0 10/26/2023\n[ 37.487103] RIP: 0010:dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.492074] Code: 44 24 0e 00 00 00 00 48 c7 04 24 45 00 00 0c 40 88 74 24 0d 0f b6 02 88 44 24 0c 8b 01 89 44 24 08 85 f6 75 05 c6 44 24 0e 01 \u003c48\u003e 8b 7f 58 48 89 e6 ba 01 00 00 00 e8 08 3c 2a 00 65 48 8b 04 5\n[ 37.510822] RSP: 0018:ffff969442853300 EFLAGS: 00010202\n[ 37.516052] RAX: 0000000000000000 RBX: ffff92db03000000 RCX: ffff969442853358\n[ 37.523185] RDX: ffff969442853368 RSI: 0000000000000001 RDI: 0000000000000000\n[ 37.530322] RBP: 0000000000000001 R08: 00000000000004a7 R09: 00000000000004a5\n[ 37.537453] R10: 0000000000000476 R11: 0000000000000062 R12: ffff92db0ade8000\n[ 37.544589] R13: ffff92da01180ae0 R14: ffff92da011802a8 R15: ffff92db03000000\n[ 37.551725] FS: 0000784a9cdfc6c0(0000) GS:ffff92db2af00000(0000) knlGS:0000000000000000\n[ 37.559814] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 37.565562] CR2: 0000000000000058 CR3: 0000000112b1c000 CR4: 00000000003506f0\n[ 37.572697] Call Trace:\n[ 37.575152] \u003cTASK\u003e\n[ 37.577258] ? __die_body+0x66/0xb0\n[ 37.580756] ? page_fault_oops+0x3e7/0x4a0\n[ 37.584861] ? exc_page_fault+0x3e/0xe0\n[ 37.588706] ? exc_page_fault+0x5c/0xe0\n[ 37.592550] ? asm_exc_page_fault+0x22/0x30\n[ 37.596742] ? dmub_hw_lock_mgr_cmd+0x77/0xb0\n[ 37.601107] dcn10_cursor_lock+0x1e1/0x240\n[ 37.605211] program_cursor_attributes+0x81/0x190\n[ 37.609923] commit_planes_for_stream+0x998/0x1ef0\n[ 37.614722] update_planes_and_stream_v2+0x41e/0x5c0\n[ 37.619703] dc_update_planes_and_stream+0x78/0x140\n[ 37.624588] amdgpu_dm_atomic_commit_tail+0x4362/0x49f0\n[ 37.629832] ? srso_return_thunk+0x5/0x5f\n[ 37.633847] ? mark_held_locks+0x6d/0xd0\n[ 37.637774] ? _raw_spin_unlock_irq+0x24/0x50\n[ 37.642135] ? srso_return_thunk+0x5/0x5f\n[ 37.646148] ? lockdep_hardirqs_on+0x95/0x150\n[ 37.650510] ? srso_return_thunk+0x5/0x5f\n[ 37.654522] ? _raw_spin_unlock_irq+0x2f/0x50\n[ 37.658883] ? srso_return_thunk+0x5/0x5f\n[ 37.662897] ? wait_for_common+0x186/0x1c0\n[ 37.666998] ? srso_return_thunk+0x5/0x5f\n[ 37.671009] ? drm_crtc_next_vblank_start+0xc3/0x170\n[ 37.675983] commit_tail+0xf5/0x1c0\n[ 37.679478] drm_atomic_helper_commit+0x2a2/0x2b0\n[ 37.684186] drm_atomic_commit+0xd6/0x100\n[ 37.688199] ? __cfi___drm_printfn_info+0x10/0x10\n[ 37.692911] drm_atomic_helper_update_plane+0xe5/0x130\n[ 37.698054] drm_mode_cursor_common+0x501/0x670\n[ 37.702600] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.707572] drm_mode_cursor_ioctl+0x48/0x70\n[ 37.711851] drm_ioctl_kernel+0xf2/0x150\n[ 37.715781] drm_ioctl+0x363/0x590\n[ 37.719189] ? __cfi_drm_mode_cursor_ioctl+0x10/0x10\n[ 37.724165] amdgpu_drm_ioctl+0x41/0x80\n[ 37.728013] __se_sys_ioctl+0x7f/0xd0\n[ 37.731685] do_syscall_64+0x87/0x100\n[ 37.735355] ? vma_end_read+0x12/0xe0\n[ 37.739024] ? srso_return_thunk+0x5/0x5f\n[ 37.743041] ? find_held_lock+0x47/0xf0\n[ 37.746884] ? vma_end_read+0x12/0xe0\n[ 37.750552] ? srso_return_thunk+0x5/0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22093",
"url": "https://www.suse.com/security/cve/CVE-2025-22093"
},
{
"category": "external",
"summary": "SUSE Bug 1241545 for CVE-2025-22093",
"url": "https://bugzilla.suse.com/1241545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22093"
},
{
"cve": "CVE-2025-22097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22097"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Fix use after free and double free on init error\n\nIf the driver initialization fails, the vkms_exit() function might\naccess an uninitialized or freed default_config pointer and it might\ndouble free it.\n\nFix both possible errors by initializing default_config only when the\ndriver initialization succeeded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22097",
"url": "https://www.suse.com/security/cve/CVE-2025-22097"
},
{
"category": "external",
"summary": "SUSE Bug 1241541 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241541"
},
{
"category": "external",
"summary": "SUSE Bug 1241542 for CVE-2025-22097",
"url": "https://bugzilla.suse.com/1241542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-22097"
},
{
"cve": "CVE-2025-22102",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22102"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix kernel panic during FW release\n\nThis fixes a kernel panic seen during release FW in a stress test\nscenario where WLAN and BT FW download occurs simultaneously, and due to\na HW bug, chip sends out only 1 bootloader signatures.\n\nWhen driver receives the bootloader signature, it enters FW download\nmode, but since no consequtive bootloader signatures seen, FW file is\nnot requested.\n\nAfter 60 seconds, when FW download times out, release_firmware causes a\nkernel panic.\n\n[ 2601.949184] Unable to handle kernel paging request at virtual address 0000312e6f006573\n[ 2601.992076] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000111802000\n[ 2601.992080] [0000312e6f006573] pgd=0000000000000000, p4d=0000000000000000\n[ 2601.992087] Internal error: Oops: 0000000096000021 [#1] PREEMPT SMP\n[ 2601.992091] Modules linked in: algif_hash algif_skcipher af_alg btnxpuart(O) pciexxx(O) mlan(O) overlay fsl_jr_uio caam_jr caamkeyblob_desc caamhash_desc caamalg_desc crypto_engine authenc libdes crct10dif_ce polyval_ce snd_soc_fsl_easrc snd_soc_fsl_asoc_card imx8_media_dev(C) snd_soc_fsl_micfil polyval_generic snd_soc_fsl_xcvr snd_soc_fsl_sai snd_soc_imx_audmux snd_soc_fsl_asrc snd_soc_imx_card snd_soc_imx_hdmi snd_soc_fsl_aud2htx snd_soc_fsl_utils imx_pcm_dma dw_hdmi_cec flexcan can_dev\n[ 2602.001825] CPU: 2 PID: 20060 Comm: hciconfig Tainted: G C O 6.6.23-lts-next-06236-gb586a521770e #1\n[ 2602.010182] Hardware name: NXP i.MX8MPlus EVK board (DT)\n[ 2602.010185] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 2602.010191] pc : _raw_spin_lock+0x34/0x68\n[ 2602.010201] lr : free_fw_priv+0x20/0xfc\n[ 2602.020561] sp : ffff800089363b30\n[ 2602.020563] x29: ffff800089363b30 x28: ffff0000d0eb5880 x27: 0000000000000000\n[ 2602.020570] x26: 0000000000000000 x25: ffff0000d728b330 x24: 0000000000000000\n[ 2602.020577] x23: ffff0000dc856f38\n[ 2602.033797] x22: ffff800089363b70 x21: ffff0000dc856000\n[ 2602.033802] x20: ff00312e6f006573 x19: ffff0000d0d9ea80 x18: 0000000000000000\n[ 2602.033809] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaad80dd480\n[ 2602.083320] x14: 0000000000000000 x13: 00000000000001b9 x12: 0000000000000002\n[ 2602.083326] x11: 0000000000000000 x10: 0000000000000a60 x9 : ffff800089363a30\n[ 2602.083333] x8 : ffff0001793d75c0 x7 : ffff0000d6dbc400 x6 : 0000000000000000\n[ 2602.083339] x5 : 00000000410fd030 x4 : 0000000000000000 x3 : 0000000000000001\n[ 2602.083346] x2 : 0000000000000000 x1 : 0000000000000001 x0 : ff00312e6f006573\n[ 2602.083354] Call trace:\n[ 2602.083356] _raw_spin_lock+0x34/0x68\n[ 2602.083364] release_firmware+0x48/0x6c\n[ 2602.083370] nxp_setup+0x3c4/0x540 [btnxpuart]\n[ 2602.083383] hci_dev_open_sync+0xf0/0xa34\n[ 2602.083391] hci_dev_open+0xd8/0x178\n[ 2602.083399] hci_sock_ioctl+0x3b0/0x590\n[ 2602.083405] sock_do_ioctl+0x60/0x118\n[ 2602.083413] sock_ioctl+0x2f4/0x374\n[ 2602.091430] __arm64_sys_ioctl+0xac/0xf0\n[ 2602.091437] invoke_syscall+0x48/0x110\n[ 2602.091445] el0_svc_common.constprop.0+0xc0/0xe0\n[ 2602.091452] do_el0_svc+0x1c/0x28\n[ 2602.091457] el0_svc+0x40/0xe4\n[ 2602.091465] el0t_64_sync_handler+0x120/0x12c\n[ 2602.091470] el0t_64_sync+0x190/0x194",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22102",
"url": "https://www.suse.com/security/cve/CVE-2025-22102"
},
{
"category": "external",
"summary": "SUSE Bug 1241456 for CVE-2025-22102",
"url": "https://bugzilla.suse.com/1241456"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22102"
},
{
"cve": "CVE-2025-22103",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22103"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix NULL pointer dereference in l3mdev_l3_rcv\n\nWhen delete l3s ipvlan:\n\n ip link del link eth0 ipvlan1 type ipvlan mode l3s\n\nThis may cause a null pointer dereference:\n\n Call trace:\n ip_rcv_finish+0x48/0xd0\n ip_rcv+0x5c/0x100\n __netif_receive_skb_one_core+0x64/0xb0\n __netif_receive_skb+0x20/0x80\n process_backlog+0xb4/0x204\n napi_poll+0xe8/0x294\n net_rx_action+0xd8/0x22c\n __do_softirq+0x12c/0x354\n\nThis is because l3mdev_l3_rcv() visit dev-\u003el3mdev_ops after\nipvlan_l3s_unregister() assign the dev-\u003el3mdev_ops to NULL. The process\nlike this:\n\n (CPU1) | (CPU2)\n l3mdev_l3_rcv() |\n check dev-\u003epriv_flags: |\n master = skb-\u003edev; |\n |\n | ipvlan_l3s_unregister()\n | set dev-\u003epriv_flags\n | dev-\u003el3mdev_ops = NULL;\n |\n visit master-\u003el3mdev_ops |\n\nTo avoid this by do not set dev-\u003el3mdev_ops when unregister l3s ipvlan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22103",
"url": "https://www.suse.com/security/cve/CVE-2025-22103"
},
{
"category": "external",
"summary": "SUSE Bug 1241448 for CVE-2025-22103",
"url": "https://bugzilla.suse.com/1241448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22103"
},
{
"cve": "CVE-2025-22104",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22104"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmvnic: Use kernel helpers for hex dumps\n\nPreviously, when the driver was printing hex dumps, the buffer was cast\nto an 8 byte long and printed using string formatters. If the buffer\nsize was not a multiple of 8 then a read buffer overflow was possible.\n\nTherefore, create a new ibmvnic function that loops over a buffer and\ncalls hex_dump_to_buffer instead.\n\nThis patch address KASAN reports like the one below:\n ibmvnic 30000003 env3: Login Buffer:\n ibmvnic 30000003 env3: 01000000af000000\n \u003c...\u003e\n ibmvnic 30000003 env3: 2e6d62692e736261\n ibmvnic 30000003 env3: 65050003006d6f63\n ==================================================================\n BUG: KASAN: slab-out-of-bounds in ibmvnic_login+0xacc/0xffc [ibmvnic]\n Read of size 8 at addr c0000001331a9aa8 by task ip/17681\n \u003c...\u003e\n Allocated by task 17681:\n \u003c...\u003e\n ibmvnic_login+0x2f0/0xffc [ibmvnic]\n ibmvnic_open+0x148/0x308 [ibmvnic]\n __dev_open+0x1ac/0x304\n \u003c...\u003e\n The buggy address is located 168 bytes inside of\n allocated 175-byte region [c0000001331a9a00, c0000001331a9aaf)\n \u003c...\u003e\n =================================================================\n ibmvnic 30000003 env3: 000000000033766e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22104",
"url": "https://www.suse.com/security/cve/CVE-2025-22104"
},
{
"category": "external",
"summary": "SUSE Bug 1241550 for CVE-2025-22104",
"url": "https://bugzilla.suse.com/1241550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22104"
},
{
"cve": "CVE-2025-22105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22105"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: check xdp prog when set bond mode\n\nFollowing operations can trigger a warning[1]:\n\n ip netns add ns1\n ip netns exec ns1 ip link add bond0 type bond mode balance-rr\n ip netns exec ns1 ip link set dev bond0 xdp obj af_xdp_kern.o sec xdp\n ip netns exec ns1 ip link set bond0 type bond mode broadcast\n ip netns del ns1\n\nWhen delete the namespace, dev_xdp_uninstall() is called to remove xdp\nprogram on bond dev, and bond_xdp_set() will check the bond mode. If bond\nmode is changed after attaching xdp program, the warning may occur.\n\nSome bond modes (broadcast, etc.) do not support native xdp. Set bond mode\nwith xdp program attached is not good. Add check for xdp program when set\nbond mode.\n\n [1]\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 11 at net/core/dev.c:9912 unregister_netdevice_many_notify+0x8d9/0x930\n Modules linked in:\n CPU: 0 UID: 0 PID: 11 Comm: kworker/u4:0 Not tainted 6.14.0-rc4 #107\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\n Workqueue: netns cleanup_net\n RIP: 0010:unregister_netdevice_many_notify+0x8d9/0x930\n Code: 00 00 48 c7 c6 6f e3 a2 82 48 c7 c7 d0 b3 96 82 e8 9c 10 3e ...\n RSP: 0018:ffffc90000063d80 EFLAGS: 00000282\n RAX: 00000000ffffffa1 RBX: ffff888004959000 RCX: 00000000ffffdfff\n RDX: 0000000000000000 RSI: 00000000ffffffea RDI: ffffc90000063b48\n RBP: ffffc90000063e28 R08: ffffffff82d39b28 R09: 0000000000009ffb\n R10: 0000000000000175 R11: ffffffff82d09b40 R12: ffff8880049598e8\n R13: 0000000000000001 R14: dead000000000100 R15: ffffc90000045000\n FS: 0000000000000000(0000) GS:ffff888007a00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000000000d406b60 CR3: 000000000483e000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x83/0x130\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? report_bug+0x18e/0x1a0\n ? handle_bug+0x54/0x90\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? unregister_netdevice_many_notify+0x8d9/0x930\n ? bond_net_exit_batch_rtnl+0x5c/0x90\n cleanup_net+0x237/0x3d0\n process_one_work+0x163/0x390\n worker_thread+0x293/0x3b0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xec/0x1e0\n ? __pfx_kthread+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2f/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22105",
"url": "https://www.suse.com/security/cve/CVE-2025-22105"
},
{
"category": "external",
"summary": "SUSE Bug 1241548 for CVE-2025-22105",
"url": "https://bugzilla.suse.com/1241548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22105"
},
{
"cve": "CVE-2025-22106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22106"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: unregister xdp rxq info in the reset path\n\nvmxnet3 does not unregister xdp rxq info in the\nvmxnet3_reset_work() code path as vmxnet3_rq_destroy()\nis not invoked in this code path. So, we get below message with a\nbacktrace.\n\nMissing unregister, handled but fix driver\nWARNING: CPU:48 PID: 500 at net/core/xdp.c:182\n__xdp_rxq_info_reg+0x93/0xf0\n\nThis patch fixes the problem by moving the unregister\ncode of XDP from vmxnet3_rq_destroy() to vmxnet3_rq_cleanup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22106",
"url": "https://www.suse.com/security/cve/CVE-2025-22106"
},
{
"category": "external",
"summary": "SUSE Bug 1241547 for CVE-2025-22106",
"url": "https://bugzilla.suse.com/1241547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22106"
},
{
"cve": "CVE-2025-22107",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22107"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: sja1105: fix kasan out-of-bounds warning in sja1105_table_delete_entry()\n\nThere are actually 2 problems:\n- deleting the last element doesn\u0027t require the memmove of elements\n [i + 1, end) over it. Actually, element i+1 is out of bounds.\n- The memmove itself should move size - i - 1 elements, because the last\n element is out of bounds.\n\nThe out-of-bounds element still remains out of bounds after being\naccessed, so the problem is only that we touch it, not that it becomes\nin active use. But I suppose it can lead to issues if the out-of-bounds\nelement is part of an unmapped page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22107",
"url": "https://www.suse.com/security/cve/CVE-2025-22107"
},
{
"category": "external",
"summary": "SUSE Bug 1241575 for CVE-2025-22107",
"url": "https://bugzilla.suse.com/1241575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22107"
},
{
"cve": "CVE-2025-22108",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22108"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Mask the bd_cnt field in the TX BD properly\n\nThe bd_cnt field in the TX BD specifies the total number of BDs for\nthe TX packet. The bd_cnt field has 5 bits and the maximum number\nsupported is 32 with the value 0.\n\nCONFIG_MAX_SKB_FRAGS can be modified and the total number of SKB\nfragments can approach or exceed the maximum supported by the chip.\nAdd a macro to properly mask the bd_cnt field so that the value 32\nwill be properly masked and set to 0 in the bd_cnd field.\n\nWithout this patch, the out-of-range bd_cnt value will corrupt the\nTX BD and may cause TX timeout.\n\nThe next patch will check for values exceeding 32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22108",
"url": "https://www.suse.com/security/cve/CVE-2025-22108"
},
{
"category": "external",
"summary": "SUSE Bug 1241574 for CVE-2025-22108",
"url": "https://bugzilla.suse.com/1241574"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22108"
},
{
"cve": "CVE-2025-22109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Remove broken autobind\n\nBinding AX25 socket by using the autobind feature leads to memory leaks\nin ax25_connect() and also refcount leaks in ax25_release(). Memory\nleak was detected with kmemleak:\n\n================================================================\nunreferenced object 0xffff8880253cd680 (size 96):\nbacktrace:\n__kmalloc_node_track_caller_noprof (./include/linux/kmemleak.h:43)\nkmemdup_noprof (mm/util.c:136)\nax25_rt_autobind (net/ax25/ax25_route.c:428)\nax25_connect (net/ax25/af_ax25.c:1282)\n__sys_connect_file (net/socket.c:2045)\n__sys_connect (net/socket.c:2064)\n__x64_sys_connect (net/socket.c:2067)\ndo_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n================================================================\n\nWhen socket is bound, refcounts must be incremented the way it is done\nin ax25_bind() and ax25_setsockopt() (SO_BINDTODEVICE). In case of\nautobind, the refcounts are not incremented.\n\nThis bug leads to the following issue reported by Syzkaller:\n\n================================================================\nax25_connect(): syz-executor318 uses autobind, please contact jreuter@yaina.de\n------------[ cut here ]------------\nrefcount_t: decrement hit 0; leaking memory.\nWARNING: CPU: 0 PID: 5317 at lib/refcount.c:31 refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\nModules linked in:\nCPU: 0 UID: 0 PID: 5317 Comm: syz-executor318 Not tainted 6.14.0-rc4-syzkaller-00278-gece144f151ac #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0xfa/0x1d0 lib/refcount.c:31\n...\nCall Trace:\n \u003cTASK\u003e\n __refcount_dec include/linux/refcount.h:336 [inline]\n refcount_dec include/linux/refcount.h:351 [inline]\n ref_tracker_free+0x6af/0x7e0 lib/ref_tracker.c:236\n netdev_tracker_free include/linux/netdevice.h:4302 [inline]\n netdev_put include/linux/netdevice.h:4319 [inline]\n ax25_release+0x368/0x960 net/ax25/af_ax25.c:1080\n __sock_release net/socket.c:647 [inline]\n sock_close+0xbc/0x240 net/socket.c:1398\n __fput+0x3e9/0x9f0 fs/file_table.c:464\n __do_sys_close fs/open.c:1580 [inline]\n __se_sys_close fs/open.c:1565 [inline]\n __x64_sys_close+0x7f/0x110 fs/open.c:1565\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n ...\n \u003c/TASK\u003e\n================================================================\n\nConsidering the issues above and the comments left in the code that say:\n\"check if we can remove this feature. It is broken.\"; \"autobinding in this\nmay or may not work\"; - it is better to completely remove this feature than\nto fix it because it is broken and leads to various kinds of memory bugs.\n\nNow calling connect() without first binding socket will result in an\nerror (-EINVAL). Userspace software that relies on the autobind feature\nmight get broken. However, this feature does not seem widely used with\nthis specific driver as it was not reliable at any point of time, and it\nis already broken anyway. E.g. ax25-tools and ax25-apps packages for\npopular distributions do not use the autobind feature for AF_AX25.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22109",
"url": "https://www.suse.com/security/cve/CVE-2025-22109"
},
{
"category": "external",
"summary": "SUSE Bug 1241573 for CVE-2025-22109",
"url": "https://bugzilla.suse.com/1241573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22109"
},
{
"cve": "CVE-2025-22115",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22115"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix block group refcount race in btrfs_create_pending_block_groups()\n\nBlock group creation is done in two phases, which results in a slightly\nunintuitive property: a block group can be allocated/deallocated from\nafter btrfs_make_block_group() adds it to the space_info with\nbtrfs_add_bg_to_space_info(), but before creation is completely completed\nin btrfs_create_pending_block_groups(). As a result, it is possible for a\nblock group to go unused and have \u0027btrfs_mark_bg_unused\u0027 called on it\nconcurrently with \u0027btrfs_create_pending_block_groups\u0027. This causes a\nnumber of issues, which were fixed with the block group flag\n\u0027BLOCK_GROUP_FLAG_NEW\u0027.\n\nHowever, this fix is not quite complete. Since it does not use the\nunused_bg_lock, it is possible for the following race to occur:\n\nbtrfs_create_pending_block_groups btrfs_mark_bg_unused\n if list_empty // false\n list_del_init\n clear_bit\n else if (test_bit) // true\n list_move_tail\n\nAnd we get into the exact same broken ref count and invalid new_bgs\nstate for transaction cleanup that BLOCK_GROUP_FLAG_NEW was designed to\nprevent.\n\nThe broken refcount aspect will result in a warning like:\n\n [1272.943527] refcount_t: underflow; use-after-free.\n [1272.943967] WARNING: CPU: 1 PID: 61 at lib/refcount.c:28 refcount_warn_saturate+0xba/0x110\n [1272.944731] Modules linked in: btrfs virtio_net xor zstd_compress raid6_pq null_blk [last unloaded: btrfs]\n [1272.945550] CPU: 1 UID: 0 PID: 61 Comm: kworker/u32:1 Kdump: loaded Tainted: G W 6.14.0-rc5+ #108\n [1272.946368] Tainted: [W]=WARN\n [1272.946585] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n [1272.947273] Workqueue: btrfs_discard btrfs_discard_workfn [btrfs]\n [1272.947788] RIP: 0010:refcount_warn_saturate+0xba/0x110\n [1272.949532] RSP: 0018:ffffbf1200247df0 EFLAGS: 00010282\n [1272.949901] RAX: 0000000000000000 RBX: ffffa14b00e3f800 RCX: 0000000000000000\n [1272.950437] RDX: 0000000000000000 RSI: ffffbf1200247c78 RDI: 00000000ffffdfff\n [1272.950986] RBP: ffffa14b00dc2860 R08: 00000000ffffdfff R09: ffffffff90526268\n [1272.951512] R10: ffffffff904762c0 R11: 0000000063666572 R12: ffffa14b00dc28c0\n [1272.952024] R13: 0000000000000000 R14: ffffa14b00dc2868 R15: 000001285dcd12c0\n [1272.952850] FS: 0000000000000000(0000) GS:ffffa14d33c40000(0000) knlGS:0000000000000000\n [1272.953458] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [1272.953931] CR2: 00007f838cbda000 CR3: 000000010104e000 CR4: 00000000000006f0\n [1272.954474] Call Trace:\n [1272.954655] \u003cTASK\u003e\n [1272.954812] ? refcount_warn_saturate+0xba/0x110\n [1272.955173] ? __warn.cold+0x93/0xd7\n [1272.955487] ? refcount_warn_saturate+0xba/0x110\n [1272.955816] ? report_bug+0xe7/0x120\n [1272.956103] ? handle_bug+0x53/0x90\n [1272.956424] ? exc_invalid_op+0x13/0x60\n [1272.956700] ? asm_exc_invalid_op+0x16/0x20\n [1272.957011] ? refcount_warn_saturate+0xba/0x110\n [1272.957399] btrfs_discard_cancel_work.cold+0x26/0x2b [btrfs]\n [1272.957853] btrfs_put_block_group.cold+0x5d/0x8e [btrfs]\n [1272.958289] btrfs_discard_workfn+0x194/0x380 [btrfs]\n [1272.958729] process_one_work+0x130/0x290\n [1272.959026] worker_thread+0x2ea/0x420\n [1272.959335] ? __pfx_worker_thread+0x10/0x10\n [1272.959644] kthread+0xd7/0x1c0\n [1272.959872] ? __pfx_kthread+0x10/0x10\n [1272.960172] ret_from_fork+0x30/0x50\n [1272.960474] ? __pfx_kthread+0x10/0x10\n [1272.960745] ret_from_fork_asm+0x1a/0x30\n [1272.961035] \u003c/TASK\u003e\n [1272.961238] ---[ end trace 0000000000000000 ]---\n\nThough we have seen them in the async discard workfn as well. It is\nmost likely to happen after a relocation finishes which cancels discard,\ntears down the block group, etc.\n\nFix this fully by taking the lock arou\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22115",
"url": "https://www.suse.com/security/cve/CVE-2025-22115"
},
{
"category": "external",
"summary": "SUSE Bug 1241578 for CVE-2025-22115",
"url": "https://bugzilla.suse.com/1241578"
},
{
"category": "external",
"summary": "SUSE Bug 1241579 for CVE-2025-22115",
"url": "https://bugzilla.suse.com/1241579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-22115"
},
{
"cve": "CVE-2025-22116",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22116"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: check error for register_netdev() on init\n\nCurrent init logic ignores the error code from register_netdev(),\nwhich will cause WARN_ON() on attempt to unregister it, if there was one,\nand there is no info for the user that the creation of the netdev failed.\n\nWARNING: CPU: 89 PID: 6902 at net/core/dev.c:11512 unregister_netdevice_many_notify+0x211/0x1a10\n...\n[ 3707.563641] unregister_netdev+0x1c/0x30\n[ 3707.563656] idpf_vport_dealloc+0x5cf/0xce0 [idpf]\n[ 3707.563684] idpf_deinit_task+0xef/0x160 [idpf]\n[ 3707.563712] idpf_vc_core_deinit+0x84/0x320 [idpf]\n[ 3707.563739] idpf_remove+0xbf/0x780 [idpf]\n[ 3707.563769] pci_device_remove+0xab/0x1e0\n[ 3707.563786] device_release_driver_internal+0x371/0x530\n[ 3707.563803] driver_detach+0xbf/0x180\n[ 3707.563816] bus_remove_driver+0x11b/0x2a0\n[ 3707.563829] pci_unregister_driver+0x2a/0x250\n\nIntroduce an error check and log the vport number and error code.\nOn removal make sure to check VPORT_REG_NETDEV flag prior to calling\nunregister and free on the netdev.\n\nAdd local variables for idx, vport_config and netdev for readability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22116",
"url": "https://www.suse.com/security/cve/CVE-2025-22116"
},
{
"category": "external",
"summary": "SUSE Bug 1241459 for CVE-2025-22116",
"url": "https://bugzilla.suse.com/1241459"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22116"
},
{
"cve": "CVE-2025-22121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22121"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all()\n\nThere\u0027s issue as follows:\nBUG: KASAN: use-after-free in ext4_xattr_inode_dec_ref_all+0x6ff/0x790\nRead of size 4 at addr ffff88807b003000 by task syz-executor.0/15172\n\nCPU: 3 PID: 15172 Comm: syz-executor.0\nCall Trace:\n __dump_stack lib/dump_stack.c:82 [inline]\n dump_stack+0xbe/0xfd lib/dump_stack.c:123\n print_address_description.constprop.0+0x1e/0x280 mm/kasan/report.c:400\n __kasan_report.cold+0x6c/0x84 mm/kasan/report.c:560\n kasan_report+0x3a/0x50 mm/kasan/report.c:585\n ext4_xattr_inode_dec_ref_all+0x6ff/0x790 fs/ext4/xattr.c:1137\n ext4_xattr_delete_inode+0x4c7/0xda0 fs/ext4/xattr.c:2896\n ext4_evict_inode+0xb3b/0x1670 fs/ext4/inode.c:323\n evict+0x39f/0x880 fs/inode.c:622\n iput_final fs/inode.c:1746 [inline]\n iput fs/inode.c:1772 [inline]\n iput+0x525/0x6c0 fs/inode.c:1758\n ext4_orphan_cleanup fs/ext4/super.c:3298 [inline]\n ext4_fill_super+0x8c57/0xba40 fs/ext4/super.c:5300\n mount_bdev+0x355/0x410 fs/super.c:1446\n legacy_get_tree+0xfe/0x220 fs/fs_context.c:611\n vfs_get_tree+0x8d/0x2f0 fs/super.c:1576\n do_new_mount fs/namespace.c:2983 [inline]\n path_mount+0x119a/0x1ad0 fs/namespace.c:3316\n do_mount+0xfc/0x110 fs/namespace.c:3329\n __do_sys_mount fs/namespace.c:3540 [inline]\n __se_sys_mount+0x219/0x2e0 fs/namespace.c:3514\n do_syscall_64+0x33/0x40 arch/x86/entry/common.c:46\n entry_SYSCALL_64_after_hwframe+0x67/0xd1\n\nMemory state around the buggy address:\n ffff88807b002f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff88807b002f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n\u003effff88807b003000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ^\n ffff88807b003080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n ffff88807b003100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n\nAbove issue happens as ext4_xattr_delete_inode() isn\u0027t check xattr\nis valid if xattr is in inode.\nTo solve above issue call xattr_check_inode() check if xattr if valid\nin inode. In fact, we can directly verify in ext4_iget_extra_inode(),\nso that there is no divergent verification.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22121",
"url": "https://www.suse.com/security/cve/CVE-2025-22121"
},
{
"category": "external",
"summary": "SUSE Bug 1241593 for CVE-2025-22121",
"url": "https://bugzilla.suse.com/1241593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22121"
},
{
"cve": "CVE-2025-22125",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22125"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid1,raid10: don\u0027t ignore IO flags\n\nIf blk-wbt is enabled by default, it\u0027s found that raid write performance\nis quite bad because all IO are throttled by wbt of underlying disks,\ndue to flag REQ_IDLE is ignored. And turns out this behaviour exist since\nblk-wbt is introduced.\n\nOther than REQ_IDLE, other flags should not be ignored as well, for\nexample REQ_META can be set for filesystems, clearing it can cause priority\nreverse problems; And REQ_NOWAIT should not be cleared as well, because\nio will wait instead of failing directly in underlying disks.\n\nFix those problems by keep IO flags from master bio.\n\nFises: f51d46d0e7cb (\"md: add support for REQ_NOWAIT\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22125",
"url": "https://www.suse.com/security/cve/CVE-2025-22125"
},
{
"category": "external",
"summary": "SUSE Bug 1241596 for CVE-2025-22125",
"url": "https://bugzilla.suse.com/1241596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22125"
},
{
"cve": "CVE-2025-22126",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22126"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix mddev uaf while iterating all_mddevs list\n\nWhile iterating all_mddevs list from md_notify_reboot() and md_exit(),\nlist_for_each_entry_safe is used, and this can race with deletint the\nnext mddev, causing UAF:\n\nt1:\nspin_lock\n//list_for_each_entry_safe(mddev, n, ...)\n mddev_get(mddev1)\n // assume mddev2 is the next entry\n spin_unlock\n t2:\n //remove mddev2\n ...\n mddev_free\n spin_lock\n list_del\n spin_unlock\n kfree(mddev2)\n mddev_put(mddev1)\n spin_lock\n //continue dereference mddev2-\u003eall_mddevs\n\nThe old helper for_each_mddev() actually grab the reference of mddev2\nwhile holding the lock, to prevent from being freed. This problem can be\nfixed the same way, however, the code will be complex.\n\nHence switch to use list_for_each_entry, in this case mddev_put() can free\nthe mddev1 and it\u0027s not safe as well. Refer to md_seq_show(), also factor\nout a helper mddev_put_locked() to fix this problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22126",
"url": "https://www.suse.com/security/cve/CVE-2025-22126"
},
{
"category": "external",
"summary": "SUSE Bug 1241597 for CVE-2025-22126",
"url": "https://bugzilla.suse.com/1241597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22126"
},
{
"cve": "CVE-2025-22128",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22128"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Clear affinity hint before calling ath12k_pci_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath12k_pci_msi_alloc(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ.\n\nThis may end up with a warning from the IRQ core that is expecting the\naffinity hint to be cleared before freeing the IRQ:\n\nkernel/irq/manage.c:\n\n\t/* make sure affinity_hint is cleaned up */\n\tif (WARN_ON_ONCE(desc-\u003eaffinity_hint))\n\t\tdesc-\u003eaffinity_hint = NULL;\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath12k_pci_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22128",
"url": "https://www.suse.com/security/cve/CVE-2025-22128"
},
{
"category": "external",
"summary": "SUSE Bug 1241598 for CVE-2025-22128",
"url": "https://bugzilla.suse.com/1241598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-22128"
},
{
"cve": "CVE-2025-2312",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-2312"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host\u0027s Kerberos credentials cache.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-2312",
"url": "https://www.suse.com/security/cve/CVE-2025-2312"
},
{
"category": "external",
"summary": "SUSE Bug 1239680 for CVE-2025-2312",
"url": "https://bugzilla.suse.com/1239680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-2312"
},
{
"cve": "CVE-2025-23129",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23129"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: Clear affinity hint before calling ath11k_pcic_free_irq() in error path\n\nIf a shared IRQ is used by the driver due to platform limitation, then the\nIRQ affinity hint is set right after the allocation of IRQ vectors in\nath11k_pci_alloc_msi(). This does no harm unless one of the functions\nrequesting the IRQ fails and attempt to free the IRQ. This results in the\nbelow warning:\n\nWARNING: CPU: 7 PID: 349 at kernel/irq/manage.c:1929 free_irq+0x278/0x29c\nCall trace:\n free_irq+0x278/0x29c\n ath11k_pcic_free_irq+0x70/0x10c [ath11k]\n ath11k_pci_probe+0x800/0x820 [ath11k_pci]\n local_pci_probe+0x40/0xbc\n\nThe warning is due to not clearing the affinity hint before freeing the\nIRQs.\n\nSo to fix this issue, clear the IRQ affinity hint before calling\nath11k_pcic_free_irq() in the error path. The affinity will be cleared once\nagain further down the error path due to code organization, but that does\nno harm.\n\nTested-on: QCA6390 hw2.0 PCI WLAN.HST.1.0.1-05266-QCAHSTSWPLZ_V2_TO_X86-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23129",
"url": "https://www.suse.com/security/cve/CVE-2025-23129"
},
{
"category": "external",
"summary": "SUSE Bug 1241599 for CVE-2025-23129",
"url": "https://bugzilla.suse.com/1241599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23129"
},
{
"cve": "CVE-2025-23131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23131"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: prevent NPD when writing a positive value to event_done\n\ndo_uevent returns the value written to event_done. In case it is a\npositive value, new_lockspace would undo all the work, and lockspace\nwould not be set. __dlm_new_lockspace, however, would treat that\npositive value as a success due to commit 8511a2728ab8 (\"dlm: fix use\ncount with multiple joins\").\n\nDown the line, device_create_lockspace would pass that NULL lockspace to\ndlm_find_lockspace_local, leading to a NULL pointer dereference.\n\nTreating such positive values as successes prevents the problem. Given\nthis has been broken for so long, this is unlikely to break userspace\nexpectations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23131",
"url": "https://www.suse.com/security/cve/CVE-2025-23131"
},
{
"category": "external",
"summary": "SUSE Bug 1241601 for CVE-2025-23131",
"url": "https://bugzilla.suse.com/1241601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23131"
},
{
"cve": "CVE-2025-23133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23133"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: update channel list in reg notifier instead reg worker\n\nCurrently when ath11k gets a new channel list, it will be processed\naccording to the following steps:\n1. update new channel list to cfg80211 and queue reg_work.\n2. cfg80211 handles new channel list during reg_work.\n3. update cfg80211\u0027s handled channel list to firmware by\nath11k_reg_update_chan_list().\n\nBut ath11k will immediately execute step 3 after reg_work is just\nqueued. Since step 2 is asynchronous, cfg80211 may not have completed\nhandling the new channel list, which may leading to an out-of-bounds\nwrite error:\nBUG: KASAN: slab-out-of-bounds in ath11k_reg_update_chan_list\nCall Trace:\n ath11k_reg_update_chan_list+0xbfe/0xfe0 [ath11k]\n kfree+0x109/0x3a0\n ath11k_regd_update+0x1cf/0x350 [ath11k]\n ath11k_regd_update_work+0x14/0x20 [ath11k]\n process_one_work+0xe35/0x14c0\n\nShould ensure step 2 is completely done before executing step 3. Thus\nWen raised patch[1]. When flag NL80211_REGDOM_SET_BY_DRIVER is set,\ncfg80211 will notify ath11k after step 2 is done.\n\nSo enable the flag NL80211_REGDOM_SET_BY_DRIVER then cfg80211 will\nnotify ath11k after step 2 is done. At this time, there will be no\nKASAN bug during the execution of the step 3.\n\n[1] https://patchwork.kernel.org/project/linux-wireless/patch/20230201065313.27203-1-quic_wgong@quicinc.com/\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23133",
"url": "https://www.suse.com/security/cve/CVE-2025-23133"
},
{
"category": "external",
"summary": "SUSE Bug 1241451 for CVE-2025-23133",
"url": "https://bugzilla.suse.com/1241451"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23133"
},
{
"cve": "CVE-2025-23136",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23136"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: int340x: Add NULL check for adev\n\nNot all devices have an ACPI companion fwnode, so adev might be NULL.\nThis is similar to the commit cd2fd6eab480\n(\"platform/x86: int3472: Check for adev == NULL\").\n\nAdd a check for adev not being set and return -ENODEV in that case to\navoid a possible NULL pointer deref in int3402_thermal_probe().\n\nNote, under the same directory, int3400_thermal_probe() has such a\ncheck.\n\n[ rjw: Subject edit, added Fixes: ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23136",
"url": "https://www.suse.com/security/cve/CVE-2025-23136"
},
{
"category": "external",
"summary": "SUSE Bug 1241357 for CVE-2025-23136",
"url": "https://bugzilla.suse.com/1241357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23136"
},
{
"cve": "CVE-2025-23138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23138"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatch_queue: fix pipe accounting mismatch\n\nCurrently, watch_queue_set_size() modifies the pipe buffers charged to\nuser-\u003epipe_bufs without updating the pipe-\u003enr_accounted on the pipe\nitself, due to the if (!pipe_has_watch_queue()) test in\npipe_resize_ring(). This means that when the pipe is ultimately freed,\nwe decrement user-\u003epipe_bufs by something other than what than we had\ncharged to it, potentially leading to an underflow. This in turn can\ncause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM.\n\nTo remedy this, explicitly account for the pipe usage in\nwatch_queue_set_size() to match the number set via account_pipe_buffers()\n\n(It\u0027s unclear why watch_queue_set_size() does not update nr_accounted;\nit may be due to intentional overprovisioning in watch_queue_set_size()?)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23138",
"url": "https://www.suse.com/security/cve/CVE-2025-23138"
},
{
"category": "external",
"summary": "SUSE Bug 1241648 for CVE-2025-23138",
"url": "https://bugzilla.suse.com/1241648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23138"
},
{
"cve": "CVE-2025-23140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23140"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error\n\nAfter devm_request_irq() fails with error in pci_endpoint_test_request_irq(),\nthe pci_endpoint_test_free_irq_vectors() is called assuming that all IRQs\nhave been released.\n\nHowever, some requested IRQs remain unreleased, so there are still\n/proc/irq/* entries remaining, and this results in WARN() with the\nfollowing message:\n\n remove_proc_entry: removing non-empty directory \u0027irq/30\u0027, leaking at least \u0027pci-endpoint-test.0\u0027\n WARNING: CPU: 0 PID: 202 at fs/proc/generic.c:719 remove_proc_entry +0x190/0x19c\n\nTo solve this issue, set the number of remaining IRQs to test-\u003enum_irqs,\nand release IRQs in advance by calling pci_endpoint_test_release_irq().\n\n[kwilczynski: commit log]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23140",
"url": "https://www.suse.com/security/cve/CVE-2025-23140"
},
{
"category": "external",
"summary": "SUSE Bug 1242763 for CVE-2025-23140",
"url": "https://bugzilla.suse.com/1242763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23140"
},
{
"cve": "CVE-2025-23145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23145"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix NULL pointer in can_accept_new_subflow\n\nWhen testing valkey benchmark tool with MPTCP, the kernel panics in\n\u0027mptcp_can_accept_new_subflow\u0027 because subflow_req-\u003emsk is NULL.\n\nCall trace:\n\n mptcp_can_accept_new_subflow (./net/mptcp/subflow.c:63 (discriminator 4)) (P)\n subflow_syn_recv_sock (./net/mptcp/subflow.c:854)\n tcp_check_req (./net/ipv4/tcp_minisocks.c:863)\n tcp_v4_rcv (./net/ipv4/tcp_ipv4.c:2268)\n ip_protocol_deliver_rcu (./net/ipv4/ip_input.c:207)\n ip_local_deliver_finish (./net/ipv4/ip_input.c:234)\n ip_local_deliver (./net/ipv4/ip_input.c:254)\n ip_rcv_finish (./net/ipv4/ip_input.c:449)\n ...\n\nAccording to the debug log, the same req received two SYN-ACK in a very\nshort time, very likely because the client retransmits the syn ack due\nto multiple reasons.\n\nEven if the packets are transmitted with a relevant time interval, they\ncan be processed by the server on different CPUs concurrently). The\n\u0027subflow_req-\u003emsk\u0027 ownership is transferred to the subflow the first,\nand there will be a risk of a null pointer dereference here.\n\nThis patch fixes this issue by moving the \u0027subflow_req-\u003emsk\u0027 under the\n`own_req == true` conditional.\n\nNote that the !msk check in subflow_hmac_valid() can be dropped, because\nthe same check already exists under the own_req mpj branch where the\ncode has been moved to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23145",
"url": "https://www.suse.com/security/cve/CVE-2025-23145"
},
{
"category": "external",
"summary": "SUSE Bug 1242596 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242596"
},
{
"category": "external",
"summary": "SUSE Bug 1242882 for CVE-2025-23145",
"url": "https://bugzilla.suse.com/1242882"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-23145"
},
{
"cve": "CVE-2025-23150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix off-by-one error in do_split\n\nSyzkaller detected a use-after-free issue in ext4_insert_dentry that was\ncaused by out-of-bounds access due to incorrect splitting in do_split.\n\nBUG: KASAN: use-after-free in ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\nWrite of size 251 at addr ffff888074572f14 by task syz-executor335/5847\n\nCPU: 0 UID: 0 PID: 5847 Comm: syz-executor335 Not tainted 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x40/0x70 mm/kasan/shadow.c:106\n ext4_insert_dentry+0x36a/0x6d0 fs/ext4/namei.c:2109\n add_dirent_to_buf+0x3d9/0x750 fs/ext4/namei.c:2154\n make_indexed_dir+0xf98/0x1600 fs/ext4/namei.c:2351\n ext4_add_entry+0x222a/0x25d0 fs/ext4/namei.c:2455\n ext4_add_nondir+0x8d/0x290 fs/ext4/namei.c:2796\n ext4_symlink+0x920/0xb50 fs/ext4/namei.c:3431\n vfs_symlink+0x137/0x2e0 fs/namei.c:4615\n do_symlinkat+0x222/0x3a0 fs/namei.c:4641\n __do_sys_symlink fs/namei.c:4662 [inline]\n __se_sys_symlink fs/namei.c:4660 [inline]\n __x64_sys_symlink+0x7a/0x90 fs/namei.c:4660\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nThe following loop is located right above \u0027if\u0027 statement.\n\nfor (i = count-1; i \u003e= 0; i--) {\n\t/* is more than half of this entry in 2nd half of the block? */\n\tif (size + map[i].size/2 \u003e blocksize/2)\n\t\tbreak;\n\tsize += map[i].size;\n\tmove++;\n}\n\n\u0027i\u0027 in this case could go down to -1, in which case sum of active entries\nwouldn\u0027t exceed half the block size, but previous behaviour would also do\nsplit in half if sum would exceed at the very last block, which in case of\nhaving too many long name files in a single block could lead to\nout-of-bounds access and following use-after-free.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23150",
"url": "https://www.suse.com/security/cve/CVE-2025-23150"
},
{
"category": "external",
"summary": "SUSE Bug 1242513 for CVE-2025-23150",
"url": "https://bugzilla.suse.com/1242513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23150"
},
{
"cve": "CVE-2025-23160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-23160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization\n\nOn Mediatek devices with a system companion processor (SCP) the mtk_scp\nstructure has to be removed explicitly to avoid a resource leak.\nFree the structure in case the allocation of the firmware structure fails\nduring the firmware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-23160",
"url": "https://www.suse.com/security/cve/CVE-2025-23160"
},
{
"category": "external",
"summary": "SUSE Bug 1242507 for CVE-2025-23160",
"url": "https://bugzilla.suse.com/1242507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-23160"
},
{
"cve": "CVE-2025-37748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37748"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group\n\nCurrently, mtk_iommu calls during probe iommu_device_register before\nthe hw_list from driver data is initialized. Since iommu probing issue\nfix, it leads to NULL pointer dereference in mtk_iommu_device_group when\nhw_list is accessed with list_first_entry (not null safe).\n\nSo, change the call order to ensure iommu_device_register is called\nafter the driver data are initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37748",
"url": "https://www.suse.com/security/cve/CVE-2025-37748"
},
{
"category": "external",
"summary": "SUSE Bug 1242523 for CVE-2025-37748",
"url": "https://bugzilla.suse.com/1242523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37748"
},
{
"cve": "CVE-2025-37749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ppp: Add bound checking for skb data on ppp_sync_txmung\n\nEnsure we have enough data in linear buffer from skb before accessing\ninitial bytes. This prevents potential out-of-bounds accesses\nwhen processing short packets.\n\nWhen ppp_sync_txmung receives an incoming package with an empty\npayload:\n(remote) gef\u27a4 p *(struct pppoe_hdr *) (skb-\u003ehead + skb-\u003enetwork_header)\n$18 = {\n\ttype = 0x1,\n\tver = 0x1,\n\tcode = 0x0,\n\tsid = 0x2,\n length = 0x0,\n\ttag = 0xffff8880371cdb96\n}\n\nfrom the skb struct (trimmed)\n tail = 0x16,\n end = 0x140,\n head = 0xffff88803346f400 \"4\",\n data = 0xffff88803346f416 \":\\377\",\n truesize = 0x380,\n len = 0x0,\n data_len = 0x0,\n mac_len = 0xe,\n hdr_len = 0x0,\n\nit is not safe to access data[2].\n\n[pabeni@redhat.com: fixed subj typo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37749",
"url": "https://www.suse.com/security/cve/CVE-2025-37749"
},
{
"category": "external",
"summary": "SUSE Bug 1242859 for CVE-2025-37749",
"url": "https://bugzilla.suse.com/1242859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37749"
},
{
"cve": "CVE-2025-37750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in decryption with multichannel\n\nAfter commit f7025d861694 (\"smb: client: allocate crypto only for\nprimary server\") and commit b0abcd65ec54 (\"smb: client: fix UAF in\nasync decryption\"), the channels started reusing AEAD TFM from primary\nchannel to perform synchronous decryption, but that can\u0027t done as\nthere could be multiple cifsd threads (one per channel) simultaneously\naccessing it to perform decryption.\n\nThis fixes the following KASAN splat when running fstest generic/249\nwith \u0027vers=3.1.1,multichannel,max_channels=4,seal\u0027 against Windows\nServer 2022:\n\nBUG: KASAN: slab-use-after-free in gf128mul_4k_lle+0xba/0x110\nRead of size 8 at addr ffff8881046c18a0 by task cifsd/986\nCPU: 3 UID: 0 PID: 986 Comm: cifsd Not tainted 6.15.0-rc1 #1\nPREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n print_report+0x156/0x528\n ? gf128mul_4k_lle+0xba/0x110\n ? __virt_addr_valid+0x145/0x300\n ? __phys_addr+0x46/0x90\n ? gf128mul_4k_lle+0xba/0x110\n kasan_report+0xdf/0x1a0\n ? gf128mul_4k_lle+0xba/0x110\n gf128mul_4k_lle+0xba/0x110\n ghash_update+0x189/0x210\n shash_ahash_update+0x295/0x370\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_shash_ahash_update+0x10/0x10\n ? __pfx_extract_iter_to_sg+0x10/0x10\n ? ___kmalloc_large_node+0x10e/0x180\n ? __asan_memset+0x23/0x50\n crypto_ahash_update+0x3c/0xc0\n gcm_hash_assoc_remain_continue+0x93/0xc0\n crypt_message+0xe09/0xec0 [cifs]\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? _raw_spin_unlock+0x23/0x40\n ? __pfx_cifs_readv_from_socket+0x10/0x10 [cifs]\n decrypt_raw_data+0x229/0x380 [cifs]\n ? __pfx_decrypt_raw_data+0x10/0x10 [cifs]\n ? __pfx_cifs_read_iter_from_socket+0x10/0x10 [cifs]\n smb3_receive_transform+0x837/0xc80 [cifs]\n ? __pfx_smb3_receive_transform+0x10/0x10 [cifs]\n ? __pfx___might_resched+0x10/0x10\n ? __pfx_smb3_is_transform_hdr+0x10/0x10 [cifs]\n cifs_demultiplex_thread+0x692/0x1570 [cifs]\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n ? rcu_is_watching+0x20/0x50\n ? rcu_lockdep_current_cpu_online+0x62/0xb0\n ? find_held_lock+0x32/0x90\n ? kvm_sched_clock_read+0x11/0x20\n ? local_clock_noinstr+0xd/0xd0\n ? trace_irq_enable.constprop.0+0xa8/0xe0\n ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]\n kthread+0x1fe/0x380\n ? kthread+0x10f/0x380\n ? __pfx_kthread+0x10/0x10\n ? local_clock_noinstr+0xd/0xd0\n ? ret_from_fork+0x1b/0x60\n ? local_clock+0x15/0x30\n ? lock_release+0x29b/0x390\n ? rcu_is_watching+0x20/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x60\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37750",
"url": "https://www.suse.com/security/cve/CVE-2025-37750"
},
{
"category": "external",
"summary": "SUSE Bug 1242510 for CVE-2025-37750",
"url": "https://bugzilla.suse.com/1242510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37750"
},
{
"cve": "CVE-2025-37755",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37755"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: handle page_pool_dev_alloc_pages error\n\npage_pool_dev_alloc_pages could return NULL. There was a WARN_ON(!page)\nbut it would still proceed to use the NULL pointer and then crash.\n\nThis is similar to commit 001ba0902046\n(\"net: fec: handle page_pool_dev_alloc_pages error\").\n\nThis is found by our static analysis tool KNighter.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37755",
"url": "https://www.suse.com/security/cve/CVE-2025-37755"
},
{
"category": "external",
"summary": "SUSE Bug 1242506 for CVE-2025-37755",
"url": "https://bugzilla.suse.com/1242506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37755"
},
{
"cve": "CVE-2025-37773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: add filesystem context source name check\n\nIn certain scenarios, for example, during fuzz testing, the source\nname may be NULL, which could lead to a kernel panic. Therefore, an\nextra check for the source name should be added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37773",
"url": "https://www.suse.com/security/cve/CVE-2025-37773"
},
{
"category": "external",
"summary": "SUSE Bug 1242502 for CVE-2025-37773",
"url": "https://bugzilla.suse.com/1242502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37773"
},
{
"cve": "CVE-2025-37780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: Prevent the use of too small fid\n\nsyzbot reported a slab-out-of-bounds Read in isofs_fh_to_parent. [1]\n\nThe handle_bytes value passed in by the reproducing program is equal to 12.\nIn handle_to_path(), only 12 bytes of memory are allocated for the structure\nfile_handle-\u003ef_handle member, which causes an out-of-bounds access when\naccessing the member parent_block of the structure isofs_fid in isofs,\nbecause accessing parent_block requires at least 16 bytes of f_handle.\nHere, fh_len is used to indirectly confirm that the value of handle_bytes\nis greater than 3 before accessing parent_block.\n\n[1]\nBUG: KASAN: slab-out-of-bounds in isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\nRead of size 4 at addr ffff0000cc030d94 by task syz-executor215/6466\nCPU: 1 UID: 0 PID: 6466 Comm: syz-executor215 Not tainted 6.14.0-rc7-syzkaller-ga2392f333575 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025\nCall trace:\n show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:466 (C)\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xe4/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:408 [inline]\n print_report+0x198/0x550 mm/kasan/report.c:521\n kasan_report+0xd8/0x138 mm/kasan/report.c:634\n __asan_report_load4_noabort+0x20/0x2c mm/kasan/report_generic.c:380\n isofs_fh_to_parent+0x1b8/0x210 fs/isofs/export.c:183\n exportfs_decode_fh_raw+0x2dc/0x608 fs/exportfs/expfs.c:523\n do_handle_to_path+0xa0/0x198 fs/fhandle.c:257\n handle_to_path fs/fhandle.c:385 [inline]\n do_handle_open+0x8cc/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600\n\nAllocated by task 6466:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x40/0x78 mm/kasan/common.c:68\n kasan_save_alloc_info+0x40/0x50 mm/kasan/generic.c:562\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xac/0xc4 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4294 [inline]\n __kmalloc_noprof+0x32c/0x54c mm/slub.c:4306\n kmalloc_noprof include/linux/slab.h:905 [inline]\n handle_to_path fs/fhandle.c:357 [inline]\n do_handle_open+0x5a4/0xb8c fs/fhandle.c:403\n __do_sys_open_by_handle_at fs/fhandle.c:443 [inline]\n __se_sys_open_by_handle_at fs/fhandle.c:434 [inline]\n __arm64_sys_open_by_handle_at+0x80/0x94 fs/fhandle.c:434\n __invoke_syscall arch/arm64/kernel/syscall.c:35 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:49\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:132\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:151\n el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:744\n el0t_64_sync_handler+0x84/0x108 arch/arm64/kernel/entry-common.c:762\n el0t_64_sync+0x198/0x19c arch/arm64/kernel/entry.S:600",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37780",
"url": "https://www.suse.com/security/cve/CVE-2025-37780"
},
{
"category": "external",
"summary": "SUSE Bug 1242786 for CVE-2025-37780",
"url": "https://bugzilla.suse.com/1242786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37780"
},
{
"cve": "CVE-2025-37785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix OOB read when checking dotdot dir\n\nMounting a corrupted filesystem with directory which contains \u0027.\u0027 dir\nentry with rec_len == block size results in out-of-bounds read (later\non, when the corrupted directory is removed).\n\next4_empty_dir() assumes every ext4 directory contains at least \u0027.\u0027\nand \u0027..\u0027 as directory entries in the first data block. It first loads\nthe \u0027.\u0027 dir entry, performs sanity checks by calling ext4_check_dir_entry()\nand then uses its rec_len member to compute the location of \u0027..\u0027 dir\nentry (in ext4_next_entry). It assumes the \u0027..\u0027 dir entry fits into the\nsame data block.\n\nIf the rec_len of \u0027.\u0027 is precisely one block (4KB), it slips through the\nsanity checks (it is considered the last directory entry in the data\nblock) and leaves \"struct ext4_dir_entry_2 *de\" point exactly past the\nmemory slot allocated to the data block. The following call to\next4_check_dir_entry() on new value of de then dereferences this pointer\nwhich results in out-of-bounds mem access.\n\nFix this by extending __ext4_check_dir_entry() to check for \u0027.\u0027 dir\nentries that reach the end of data block. Make sure to ignore the phony\ndir entries for checksum (by checking name_len for non-zero).\n\nNote: This is reported by KASAN as use-after-free in case another\nstructure was recently freed from the slot past the bound, but it is\nreally an OOB read.\n\nThis issue was found by syzkaller tool.\n\nCall Trace:\n[ 38.594108] BUG: KASAN: slab-use-after-free in __ext4_check_dir_entry+0x67e/0x710\n[ 38.594649] Read of size 2 at addr ffff88802b41a004 by task syz-executor/5375\n[ 38.595158]\n[ 38.595288] CPU: 0 UID: 0 PID: 5375 Comm: syz-executor Not tainted 6.14.0-rc7 #1\n[ 38.595298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 38.595304] Call Trace:\n[ 38.595308] \u003cTASK\u003e\n[ 38.595311] dump_stack_lvl+0xa7/0xd0\n[ 38.595325] print_address_description.constprop.0+0x2c/0x3f0\n[ 38.595339] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595349] print_report+0xaa/0x250\n[ 38.595359] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595368] ? kasan_addr_to_slab+0x9/0x90\n[ 38.595378] kasan_report+0xab/0xe0\n[ 38.595389] ? __ext4_check_dir_entry+0x67e/0x710\n[ 38.595400] __ext4_check_dir_entry+0x67e/0x710\n[ 38.595410] ext4_empty_dir+0x465/0x990\n[ 38.595421] ? __pfx_ext4_empty_dir+0x10/0x10\n[ 38.595432] ext4_rmdir.part.0+0x29a/0xd10\n[ 38.595441] ? __dquot_initialize+0x2a7/0xbf0\n[ 38.595455] ? __pfx_ext4_rmdir.part.0+0x10/0x10\n[ 38.595464] ? __pfx___dquot_initialize+0x10/0x10\n[ 38.595478] ? down_write+0xdb/0x140\n[ 38.595487] ? __pfx_down_write+0x10/0x10\n[ 38.595497] ext4_rmdir+0xee/0x140\n[ 38.595506] vfs_rmdir+0x209/0x670\n[ 38.595517] ? lookup_one_qstr_excl+0x3b/0x190\n[ 38.595529] do_rmdir+0x363/0x3c0\n[ 38.595537] ? __pfx_do_rmdir+0x10/0x10\n[ 38.595544] ? strncpy_from_user+0x1ff/0x2e0\n[ 38.595561] __x64_sys_unlinkat+0xf0/0x130\n[ 38.595570] do_syscall_64+0x5b/0x180\n[ 38.595583] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37785",
"url": "https://www.suse.com/security/cve/CVE-2025-37785"
},
{
"category": "external",
"summary": "SUSE Bug 1241640 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241640"
},
{
"category": "external",
"summary": "SUSE Bug 1241698 for CVE-2025-37785",
"url": "https://bugzilla.suse.com/1241698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37785"
},
{
"cve": "CVE-2025-37787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered\n\nRussell King reports that a system with mv88e6xxx dereferences a NULL\npointer when unbinding this driver:\nhttps://lore.kernel.org/netdev/Z_lRkMlTJ1KQ0kVX@shell.armlinux.org.uk/\n\nThe crash seems to be in devlink_region_destroy(), which is not NULL\ntolerant but is given a NULL devlink global region pointer.\n\nAt least on some chips, some devlink regions are conditionally registered\nsince the blamed commit, see mv88e6xxx_setup_devlink_regions_global():\n\n\t\tif (cond \u0026\u0026 !cond(chip))\n\t\t\tcontinue;\n\nThese are MV88E6XXX_REGION_STU and MV88E6XXX_REGION_PVT. If the chip\ndoes not have an STU or PVT, it should crash like this.\n\nTo fix the issue, avoid unregistering those regions which are NULL, i.e.\nwere skipped at mv88e6xxx_setup_devlink_regions_global() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37787",
"url": "https://www.suse.com/security/cve/CVE-2025-37787"
},
{
"category": "external",
"summary": "SUSE Bug 1242585 for CVE-2025-37787",
"url": "https://bugzilla.suse.com/1242585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37787"
},
{
"cve": "CVE-2025-37789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix nested key length validation in the set() action\n\nIt\u0027s not safe to access nla_len(ovs_key) if the data is smaller than\nthe netlink header. Check that the attribute is OK first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37789",
"url": "https://www.suse.com/security/cve/CVE-2025-37789"
},
{
"category": "external",
"summary": "SUSE Bug 1242762 for CVE-2025-37789",
"url": "https://bugzilla.suse.com/1242762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37789"
},
{
"cve": "CVE-2025-37790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: Set SOCK_RCU_FREE\n\nBind lookup runs under RCU, so ensure that a socket doesn\u0027t go away in\nthe middle of a lookup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37790",
"url": "https://www.suse.com/security/cve/CVE-2025-37790"
},
{
"category": "external",
"summary": "SUSE Bug 1242509 for CVE-2025-37790",
"url": "https://bugzilla.suse.com/1242509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37790"
},
{
"cve": "CVE-2025-37797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a UAF vulnerability in class handling\n\nThis patch fixes a Use-After-Free vulnerability in the HFSC qdisc class\nhandling. The issue occurs due to a time-of-check/time-of-use condition\nin hfsc_change_class() when working with certain child qdiscs like netem\nor codel.\n\nThe vulnerability works as follows:\n1. hfsc_change_class() checks if a class has packets (q.qlen != 0)\n2. It then calls qdisc_peek_len(), which for certain qdiscs (e.g.,\n codel, netem) might drop packets and empty the queue\n3. The code continues assuming the queue is still non-empty, adding\n the class to vttree\n4. This breaks HFSC scheduler assumptions that only non-empty classes\n are in vttree\n5. Later, when the class is destroyed, this can lead to a Use-After-Free\n\nThe fix adds a second queue length check after qdisc_peek_len() to verify\nthe queue wasn\u0027t emptied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37797",
"url": "https://www.suse.com/security/cve/CVE-2025-37797"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1242417"
},
{
"category": "external",
"summary": "SUSE Bug 1245793 for CVE-2025-37797",
"url": "https://bugzilla.suse.com/1245793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-37797"
},
{
"cve": "CVE-2025-37798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncodel: remove sch-\u003eq.qlen check before qdisc_tree_reduce_backlog()\n\nAfter making all -\u003eqlen_notify() callbacks idempotent, now it is safe to\nremove the check of qlen!=0 from both fq_codel_dequeue() and\ncodel_qdisc_dequeue().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37798",
"url": "https://www.suse.com/security/cve/CVE-2025-37798"
},
{
"category": "external",
"summary": "SUSE Bug 1242414 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242414"
},
{
"category": "external",
"summary": "SUSE Bug 1242417 for CVE-2025-37798",
"url": "https://bugzilla.suse.com/1242417"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "important"
}
],
"title": "CVE-2025-37798"
},
{
"cve": "CVE-2025-37799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp\n\nvmxnet3 driver\u0027s XDP handling is buggy for packet sizes using ring0 (that\nis, packet sizes between 128 - 3k bytes).\n\nWe noticed MTU-related connectivity issues with Cilium\u0027s service load-\nbalancing in case of vmxnet3 as NIC underneath. A simple curl to a HTTP\nbackend service where the XDP LB was doing IPIP encap led to overly large\npacket sizes but only for *some* of the packets (e.g. HTTP GET request)\nwhile others (e.g. the prior TCP 3WHS) looked completely fine on the wire.\n\nIn fact, the pcap recording on the backend node actually revealed that the\nnode with the XDP LB was leaking uninitialized kernel data onto the wire\nfor the affected packets, for example, while the packets should have been\n152 bytes their actual size was 1482 bytes, so the remainder after 152 bytes\nwas padded with whatever other data was in that page at the time (e.g. we\nsaw user/payload data from prior processed packets).\n\nWe only noticed this through an MTU issue, e.g. when the XDP LB node and\nthe backend node both had the same MTU (e.g. 1500) then the curl request\ngot dropped on the backend node\u0027s NIC given the packet was too large even\nthough the IPIP-encapped packet normally would never even come close to\nthe MTU limit. Lowering the MTU on the XDP LB (e.g. 1480) allowed to let\nthe curl request succeed (which also indicates that the kernel ignored the\npadding, and thus the issue wasn\u0027t very user-visible).\n\nCommit e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") was too eager\nto also switch xdp_prepare_buff() from rcd-\u003elen to rbi-\u003elen. It really needs\nto stick to rcd-\u003elen which is the actual packet length from the descriptor.\nThe latter we also feed into vmxnet3_process_xdp_small(), by the way, and\nit indicates the correct length needed to initialize the xdp-\u003e{data,data_end}\nparts. For e127ce7699c1 (\"vmxnet3: Fix missing reserved tailroom\") the\nrelevant part was adapting xdp_init_buff() to address the warning given the\nxdp_data_hard_end() depends on xdp-\u003eframe_sz. With that fixed, traffic on\nthe wire looks good again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37799",
"url": "https://www.suse.com/security/cve/CVE-2025-37799"
},
{
"category": "external",
"summary": "SUSE Bug 1242283 for CVE-2025-37799",
"url": "https://bugzilla.suse.com/1242283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37799"
},
{
"cve": "CVE-2025-37803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudmabuf: fix a buf size overflow issue during udmabuf creation\n\nby casting size_limit_mb to u64 when calculate pglimit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37803",
"url": "https://www.suse.com/security/cve/CVE-2025-37803"
},
{
"category": "external",
"summary": "SUSE Bug 1242852 for CVE-2025-37803",
"url": "https://bugzilla.suse.com/1242852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37803"
},
{
"cve": "CVE-2025-37804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37804"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37804",
"url": "https://www.suse.com/security/cve/CVE-2025-37804"
},
{
"category": "external",
"summary": "SUSE Bug 1242854 for CVE-2025-37804",
"url": "https://bugzilla.suse.com/1242854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37804"
},
{
"cve": "CVE-2025-37809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: class: Fix NULL pointer access\n\nConcurrent calls to typec_partner_unlink_device can lead to a NULL pointer\ndereference. This patch adds a mutex to protect USB device pointers and\nprevent this issue. The same mutex protects both the device pointers and\nthe partner device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37809",
"url": "https://www.suse.com/security/cve/CVE-2025-37809"
},
{
"category": "external",
"summary": "SUSE Bug 1242856 for CVE-2025-37809",
"url": "https://bugzilla.suse.com/1242856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37809"
},
{
"cve": "CVE-2025-37820",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37820"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: handle NULL returned by xdp_convert_buff_to_frame()\n\nThe function xdp_convert_buff_to_frame() may return NULL if it fails\nto correctly convert the XDP buffer into an XDP frame due to memory\nconstraints, internal errors, or invalid data. Failing to check for NULL\nmay lead to a NULL pointer dereference if the result is used later in\nprocessing, potentially causing crashes, data corruption, or undefined\nbehavior.\n\nOn XDP redirect failure, the associated page must be released explicitly\nif it was previously retained via get_page(). Failing to do so may result\nin a memory leak, as the pages reference count is not decremented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37820",
"url": "https://www.suse.com/security/cve/CVE-2025-37820"
},
{
"category": "external",
"summary": "SUSE Bug 1242866 for CVE-2025-37820",
"url": "https://bugzilla.suse.com/1242866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37820"
},
{
"cve": "CVE-2025-37823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too\n\nSimilarly to the previous patch, we need to safe guard hfsc_dequeue()\ntoo. But for this one, we don\u0027t have a reliable reproducer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37823",
"url": "https://www.suse.com/security/cve/CVE-2025-37823"
},
{
"category": "external",
"summary": "SUSE Bug 1242924 for CVE-2025-37823",
"url": "https://bugzilla.suse.com/1242924"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37823"
},
{
"cve": "CVE-2025-37824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix NULL pointer dereference in tipc_mon_reinit_self()\n\nsyzbot reported:\n\ntipc: Node number set to 1055423674\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 3 UID: 0 PID: 6017 Comm: kworker/3:5 Not tainted 6.15.0-rc1-syzkaller-00246-g900241a5cc15 #0 PREEMPT(full)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nWorkqueue: events tipc_net_finalize_work\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n tipc_net_finalize+0x10b/0x180 net/tipc/net.c:140\n process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238\n process_scheduled_works kernel/workqueue.c:3319 [inline]\n worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400\n kthread+0x3c2/0x780 kernel/kthread.c:464\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n...\nRIP: 0010:tipc_mon_reinit_self+0x11c/0x210 net/tipc/monitor.c:719\n...\nRSP: 0018:ffffc9000356fb68 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000003ee87cba\nRDX: 0000000000000000 RSI: ffffffff8dbc56a7 RDI: ffff88804c2cc010\nRBP: dffffc0000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000007\nR13: fffffbfff2111097 R14: ffff88804ead8000 R15: ffff88804ead9010\nFS: 0000000000000000(0000) GS:ffff888097ab9000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000f720eb00 CR3: 000000000e182000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\nThere is a racing condition between workqueue created when enabling\nbearer and another thread created when disabling bearer right after\nthat as follow:\n\nenabling_bearer | disabling_bearer\n--------------- | ----------------\ntipc_disc_timeout() |\n{ | bearer_disable()\n ... | {\n schedule_work(\u0026tn-\u003ework); | tipc_mon_delete()\n ... | {\n} | ...\n | write_lock_bh(\u0026mon-\u003elock);\n | mon-\u003eself = NULL;\n | write_unlock_bh(\u0026mon-\u003elock);\n | ...\n | }\ntipc_net_finalize_work() | }\n{ |\n ... |\n tipc_net_finalize() |\n { |\n ... |\n tipc_mon_reinit_self() |\n { |\n ... |\n write_lock_bh(\u0026mon-\u003elock); |\n mon-\u003eself-\u003eaddr = tipc_own_addr(net); |\n write_unlock_bh(\u0026mon-\u003elock); |\n ... \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37824",
"url": "https://www.suse.com/security/cve/CVE-2025-37824"
},
{
"category": "external",
"summary": "SUSE Bug 1242867 for CVE-2025-37824",
"url": "https://bugzilla.suse.com/1242867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37824"
},
{
"cve": "CVE-2025-37829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scpi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37829",
"url": "https://www.suse.com/security/cve/CVE-2025-37829"
},
{
"category": "external",
"summary": "SUSE Bug 1242875 for CVE-2025-37829",
"url": "https://bugzilla.suse.com/1242875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37829"
},
{
"cve": "CVE-2025-37830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. scmi_cpufreq_get_rate() does not check for\nthis case, which results in a NULL pointer dereference.\n\nAdd NULL check after cpufreq_cpu_get_raw() to prevent this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37830",
"url": "https://www.suse.com/security/cve/CVE-2025-37830"
},
{
"category": "external",
"summary": "SUSE Bug 1242860 for CVE-2025-37830",
"url": "https://bugzilla.suse.com/1242860"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37830"
},
{
"cve": "CVE-2025-37831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate()\n\ncpufreq_cpu_get_raw() can return NULL when the target CPU is not present\nin the policy-\u003ecpus mask. apple_soc_cpufreq_get_rate() does not check\nfor this case, which results in a NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37831",
"url": "https://www.suse.com/security/cve/CVE-2025-37831"
},
{
"category": "external",
"summary": "SUSE Bug 1242861 for CVE-2025-37831",
"url": "https://bugzilla.suse.com/1242861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37831"
},
{
"cve": "CVE-2025-37833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads\n\nFix niu_try_msix() to not cause a fatal trap on sparc systems.\n\nSet PCI_DEV_FLAGS_MSIX_TOUCH_ENTRY_DATA_FIRST on the struct pci_dev to\nwork around a bug in the hardware or firmware.\n\nFor each vector entry in the msix table, niu chips will cause a fatal\ntrap if any registers in that entry are read before that entries\u0027\nENTRY_DATA register is written to. Testing indicates writes to other\nregisters are not sufficient to prevent the fatal trap, however the value\ndoes not appear to matter. This only needs to happen once after power up,\nso simply rebooting into a kernel lacking this fix will NOT cause the\ntrap.\n\nNON-RESUMABLE ERROR: Reporting on cpu 64\nNON-RESUMABLE ERROR: TPC [0x00000000005f6900] \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\nNON-RESUMABLE ERROR: RAW [4010000000000016:00000e37f93e32ff:0000000202000080:ffffffffffffffff\nNON-RESUMABLE ERROR: 0000000800000000:0000000000000000:0000000000000000:0000000000000000]\nNON-RESUMABLE ERROR: handle [0x4010000000000016] stick [0x00000e37f93e32ff]\nNON-RESUMABLE ERROR: type [precise nonresumable]\nNON-RESUMABLE ERROR: attrs [0x02000080] \u003c ASI sp-faulted priv \u003e\nNON-RESUMABLE ERROR: raddr [0xffffffffffffffff]\nNON-RESUMABLE ERROR: insn effective address [0x000000c50020000c]\nNON-RESUMABLE ERROR: size [0x8]\nNON-RESUMABLE ERROR: asi [0x00]\nCPU: 64 UID: 0 PID: 745 Comm: kworker/64:1 Not tainted 6.11.5 #63\nWorkqueue: events work_for_cpu_fn\nTSTATE: 0000000011001602 TPC: 00000000005f6900 TNPC: 00000000005f6904 Y: 00000000 Not tainted\nTPC: \u003cmsix_prepare_msi_desc+0x90/0xa0\u003e\ng0: 00000000000002e9 g1: 000000000000000c g2: 000000c50020000c g3: 0000000000000100\ng4: ffff8000470307c0 g5: ffff800fec5be000 g6: ffff800047a08000 g7: 0000000000000000\no0: ffff800014feb000 o1: ffff800047a0b620 o2: 0000000000000011 o3: ffff800047a0b620\no4: 0000000000000080 o5: 0000000000000011 sp: ffff800047a0ad51 ret_pc: 00000000005f7128\nRPC: \u003c__pci_enable_msix_range+0x3cc/0x460\u003e\nl0: 000000000000000d l1: 000000000000c01f l2: ffff800014feb0a8 l3: 0000000000000020\nl4: 000000000000c000 l5: 0000000000000001 l6: 0000000020000000 l7: ffff800047a0b734\ni0: ffff800014feb000 i1: ffff800047a0b730 i2: 0000000000000001 i3: 000000000000000d\ni4: 0000000000000000 i5: 0000000000000000 i6: ffff800047a0ae81 i7: 00000000101888b0\nI7: \u003cniu_try_msix.constprop.0+0xc0/0x130 [niu]\u003e\nCall Trace:\n[\u003c00000000101888b0\u003e] niu_try_msix.constprop.0+0xc0/0x130 [niu]\n[\u003c000000001018f840\u003e] niu_get_invariants+0x183c/0x207c [niu]\n[\u003c00000000101902fc\u003e] niu_pci_init_one+0x27c/0x2fc [niu]\n[\u003c00000000005ef3e4\u003e] local_pci_probe+0x28/0x74\n[\u003c0000000000469240\u003e] work_for_cpu_fn+0x8/0x1c\n[\u003c000000000046b008\u003e] process_scheduled_works+0x144/0x210\n[\u003c000000000046b518\u003e] worker_thread+0x13c/0x1c0\n[\u003c00000000004710e0\u003e] kthread+0xb8/0xc8\n[\u003c00000000004060c8\u003e] ret_from_fork+0x1c/0x2c\n[\u003c0000000000000000\u003e] 0x0\nKernel panic - not syncing: Non-resumable error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37833",
"url": "https://www.suse.com/security/cve/CVE-2025-37833"
},
{
"category": "external",
"summary": "SUSE Bug 1242868 for CVE-2025-37833",
"url": "https://bugzilla.suse.com/1242868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37833"
},
{
"cve": "CVE-2025-37842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fsl-qspi: use devm function instead of driver remove\n\nDriver use devm APIs to manage clk/irq/resources and register the spi\ncontroller, but the legacy remove function will be called first during\ndevice detach and trigger kernel panic. Drop the remove function and use\ndevm_add_action_or_reset() for driver cleanup to ensure the release\nsequence.\n\nTrigger kernel panic on i.MX8MQ by\necho 30bb0000.spi \u003e/sys/bus/platform/drivers/fsl-quadspi/unbind",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37842",
"url": "https://www.suse.com/security/cve/CVE-2025-37842"
},
{
"category": "external",
"summary": "SUSE Bug 1242951 for CVE-2025-37842",
"url": "https://bugzilla.suse.com/1242951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37842"
},
{
"cve": "CVE-2025-37860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsfc: fix NULL dereferences in ef100_process_design_param()\n\nSince cited commit, ef100_probe_main() and hence also\n ef100_check_design_params() run before efx-\u003enet_dev is created;\n consequently, we cannot netif_set_tso_max_size() or _segs() at this\n point.\nMove those netif calls to ef100_probe_netdev(), and also replace\n netif_err within the design params code with pci_err.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37860",
"url": "https://www.suse.com/security/cve/CVE-2025-37860"
},
{
"category": "external",
"summary": "SUSE Bug 1241452 for CVE-2025-37860",
"url": "https://bugzilla.suse.com/1241452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37860"
},
{
"cve": "CVE-2025-37870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: prevent hang on link training fail\n\n[Why]\nWhen link training fails, the phy clock will be disabled. However, in\nenable_streams, it is assumed that link training succeeded and the\nmux selects the phy clock, causing a hang when a register write is made.\n\n[How]\nWhen enable_stream is hit, check if link training failed. If it did, fall\nback to the ref clock to avoid a hang and keep the system in a recoverable\nstate.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37870",
"url": "https://www.suse.com/security/cve/CVE-2025-37870"
},
{
"category": "external",
"summary": "SUSE Bug 1243056 for CVE-2025-37870",
"url": "https://bugzilla.suse.com/1243056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37870"
},
{
"cve": "CVE-2025-37879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/net: fix improper handling of bogus negative read/write replies\n\nIn p9_client_write() and p9_client_read_once(), if the server\nincorrectly replies with success but a negative write/read count then we\nwould consider written (negative) \u003c= rsize (positive) because both\nvariables were signed.\n\nMake variables unsigned to avoid this problem.\n\nThe reproducer linked below now fails with the following error instead\nof a null pointer deref:\n9pnet: bogus RWRITE count (4294967295 \u003e 3)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37879",
"url": "https://www.suse.com/security/cve/CVE-2025-37879"
},
{
"category": "external",
"summary": "SUSE Bug 1243077 for CVE-2025-37879",
"url": "https://bugzilla.suse.com/1243077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37879"
},
{
"cve": "CVE-2025-37886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: make wait_context part of q_info\n\nMake the wait_context a full part of the q_info struct rather\nthan a stack variable that goes away after pdsc_adminq_post()\nis done so that the context is still available after the wait\nloop has given up.\n\nThere was a case where a slow development firmware caused\nthe adminq request to time out, but then later the FW finally\nfinished the request and sent the interrupt. The handler tried\nto complete_all() the completion context that had been created\non the stack in pdsc_adminq_post() but no longer existed.\nThis caused bad pointer usage, kernel crashes, and much wailing\nand gnashing of teeth.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37886",
"url": "https://www.suse.com/security/cve/CVE-2025-37886"
},
{
"category": "external",
"summary": "SUSE Bug 1242944 for CVE-2025-37886",
"url": "https://bugzilla.suse.com/1242944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37886"
},
{
"cve": "CVE-2025-37887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result\n\nIf the FW doesn\u0027t support the PDS_CORE_CMD_FW_CONTROL command\nthe driver might at the least print garbage and at the worst\ncrash when the user runs the \"devlink dev info\" devlink command.\n\nThis happens because the stack variable fw_list is not 0\ninitialized which results in fw_list.num_fw_slots being a\ngarbage value from the stack. Then the driver tries to access\nfw_list.fw_names[i] with i \u003e= ARRAY_SIZE and runs off the end\nof the array.\n\nFix this by initializing the fw_list and by not failing\ncompletely if the devcmd fails because other useful information\nis printed via devlink dev info even if the devcmd fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37887",
"url": "https://www.suse.com/security/cve/CVE-2025-37887"
},
{
"category": "external",
"summary": "SUSE Bug 1242962 for CVE-2025-37887",
"url": "https://bugzilla.suse.com/1242962"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37887"
},
{
"cve": "CVE-2025-37949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxenbus: Use kref to track req lifetime\n\nMarek reported seeing a NULL pointer fault in the xenbus_thread\ncallstack:\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nRIP: e030:__wake_up_common+0x4c/0x180\nCall Trace:\n \u003cTASK\u003e\n __wake_up_common_lock+0x82/0xd0\n process_msg+0x18e/0x2f0\n xenbus_thread+0x165/0x1c0\n\nprocess_msg+0x18e is req-\u003ecb(req). req-\u003ecb is set to xs_wake_up(), a\nthin wrapper around wake_up(), or xenbus_dev_queue_reply(). It seems\nlike it was xs_wake_up() in this case.\n\nIt seems like req may have woken up the xs_wait_for_reply(), which\nkfree()ed the req. When xenbus_thread resumes, it faults on the zero-ed\ndata.\n\nLinux Device Drivers 2nd edition states:\n\"Normally, a wake_up call can cause an immediate reschedule to happen,\nmeaning that other processes might run before wake_up returns.\"\n... which would match the behaviour observed.\n\nChange to keeping two krefs on each request. One for the caller, and\none for xenbus_thread. Each will kref_put() when finished, and the last\nwill free it.\n\nThis use of kref matches the description in\nDocumentation/core-api/kref.rst",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37949",
"url": "https://www.suse.com/security/cve/CVE-2025-37949"
},
{
"category": "external",
"summary": "SUSE Bug 1243541 for CVE-2025-37949",
"url": "https://bugzilla.suse.com/1243541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37949"
},
{
"cve": "CVE-2025-37957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception\n\nPreviously, commit ed129ec9057f (\"KVM: x86: forcibly leave nested mode\non vCPU reset\") addressed an issue where a triple fault occurring in\nnested mode could lead to use-after-free scenarios. However, the commit\ndid not handle the analogous situation for System Management Mode (SMM).\n\nThis omission results in triggering a WARN when KVM forces a vCPU INIT\nafter SHUTDOWN interception while the vCPU is in SMM. This situation was\nreprodused using Syzkaller by:\n\n 1) Creating a KVM VM and vCPU\n 2) Sending a KVM_SMI ioctl to explicitly enter SMM\n 3) Executing invalid instructions causing consecutive exceptions and\n eventually a triple fault\n\nThe issue manifests as follows:\n\n WARNING: CPU: 0 PID: 25506 at arch/x86/kvm/x86.c:12112\n kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Modules linked in:\n CPU: 0 PID: 25506 Comm: syz-executor.0 Not tainted\n 6.1.130-syzkaller-00157-g164fe5dde9b6 #0\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 1.12.0-1 04/01/2014\n RIP: 0010:kvm_vcpu_reset+0x1d2/0x1530 arch/x86/kvm/x86.c:12112\n Call Trace:\n \u003cTASK\u003e\n shutdown_interception+0x66/0xb0 arch/x86/kvm/svm/svm.c:2136\n svm_invoke_exit_handler+0x110/0x530 arch/x86/kvm/svm/svm.c:3395\n svm_handle_exit+0x424/0x920 arch/x86/kvm/svm/svm.c:3457\n vcpu_enter_guest arch/x86/kvm/x86.c:10959 [inline]\n vcpu_run+0x2c43/0x5a90 arch/x86/kvm/x86.c:11062\n kvm_arch_vcpu_ioctl_run+0x50f/0x1cf0 arch/x86/kvm/x86.c:11283\n kvm_vcpu_ioctl+0x570/0xf00 arch/x86/kvm/../../../virt/kvm/kvm_main.c:4122\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x19a/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nArchitecturally, INIT is blocked when the CPU is in SMM, hence KVM\u0027s WARN()\nin kvm_vcpu_reset() to guard against KVM bugs, e.g. to detect improper\nemulation of INIT. SHUTDOWN on SVM is a weird edge case where KVM needs to\ndo _something_ sane with the VMCB, since it\u0027s technically undefined, and\nINIT is the least awful choice given KVM\u0027s ABI.\n\nSo, double down on stuffing INIT on SHUTDOWN, and force the vCPU out of\nSMM to avoid any weirdness (and the WARN).\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.\n\n[sean: massage changelog, make it clear this isn\u0027t architectural behavior]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37957",
"url": "https://www.suse.com/security/cve/CVE-2025-37957"
},
{
"category": "external",
"summary": "SUSE Bug 1243513 for CVE-2025-37957",
"url": "https://bugzilla.suse.com/1243513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37957"
},
{
"cve": "CVE-2025-37958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/huge_memory: fix dereferencing invalid pmd migration entry\n\nWhen migrating a THP, concurrent access to the PMD migration entry during\na deferred split scan can lead to an invalid address access, as\nillustrated below. To prevent this invalid access, it is necessary to\ncheck the PMD migration entry and return early. In this context, there is\nno need to use pmd_to_swp_entry and pfn_swap_entry_to_page to verify the\nequality of the target folio. Since the PMD migration entry is locked, it\ncannot be served as the target.\n\nMailing list discussion and explanation from Hugh Dickins: \"An anon_vma\nlookup points to a location which may contain the folio of interest, but\nmight instead contain another folio: and weeding out those other folios is\nprecisely what the \"folio != pmd_folio((*pmd)\" check (and the \"risk of\nreplacing the wrong folio\" comment a few lines above it) is for.\"\n\nBUG: unable to handle page fault for address: ffffea60001db008\nCPU: 0 UID: 0 PID: 2199114 Comm: tee Not tainted 6.14.0+ #4 NONE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:split_huge_pmd_locked+0x3b5/0x2b60\nCall Trace:\n\u003cTASK\u003e\ntry_to_migrate_one+0x28c/0x3730\nrmap_walk_anon+0x4f6/0x770\nunmap_folio+0x196/0x1f0\nsplit_huge_page_to_list_to_order+0x9f6/0x1560\ndeferred_split_scan+0xac5/0x12a0\nshrinker_debugfs_scan_write+0x376/0x470\nfull_proxy_write+0x15c/0x220\nvfs_write+0x2fc/0xcb0\nksys_write+0x146/0x250\ndo_syscall_64+0x6a/0x120\nentry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe bug is found by syzkaller on an internal kernel, then confirmed on\nupstream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37958",
"url": "https://www.suse.com/security/cve/CVE-2025-37958"
},
{
"category": "external",
"summary": "SUSE Bug 1243539 for CVE-2025-37958",
"url": "https://bugzilla.suse.com/1243539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37958"
},
{
"cve": "CVE-2025-37960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemblock: Accept allocated memory before use in memblock_double_array()\n\nWhen increasing the array size in memblock_double_array() and the slab\nis not yet available, a call to memblock_find_in_range() is used to\nreserve/allocate memory. However, the range returned may not have been\naccepted, which can result in a crash when booting an SNP guest:\n\n RIP: 0010:memcpy_orig+0x68/0x130\n Code: ...\n RSP: 0000:ffffffff9cc03ce8 EFLAGS: 00010006\n RAX: ff11001ff83e5000 RBX: 0000000000000000 RCX: fffffffffffff000\n RDX: 0000000000000bc0 RSI: ffffffff9dba8860 RDI: ff11001ff83e5c00\n RBP: 0000000000002000 R08: 0000000000000000 R09: 0000000000002000\n R10: 000000207fffe000 R11: 0000040000000000 R12: ffffffff9d06ef78\n R13: ff11001ff83e5000 R14: ffffffff9dba7c60 R15: 0000000000000c00\n memblock_double_array+0xff/0x310\n memblock_add_range+0x1fb/0x2f0\n memblock_reserve+0x4f/0xa0\n memblock_alloc_range_nid+0xac/0x130\n memblock_alloc_internal+0x53/0xc0\n memblock_alloc_try_nid+0x3d/0xa0\n swiotlb_init_remap+0x149/0x2f0\n mem_init+0xb/0xb0\n mm_core_init+0x8f/0x350\n start_kernel+0x17e/0x5d0\n x86_64_start_reservations+0x14/0x30\n x86_64_start_kernel+0x92/0xa0\n secondary_startup_64_no_verify+0x194/0x19b\n\nMitigate this by calling accept_memory() on the memory range returned\nbefore the slab is available.\n\nPrior to v6.12, the accept_memory() interface used a \u0027start\u0027 and \u0027end\u0027\nparameter instead of \u0027start\u0027 and \u0027size\u0027, therefore the accept_memory()\ncall must be adjusted to specify \u0027start + size\u0027 for \u0027end\u0027 when applying\nto kernels prior to v6.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37960",
"url": "https://www.suse.com/security/cve/CVE-2025-37960"
},
{
"category": "external",
"summary": "SUSE Bug 1243519 for CVE-2025-37960",
"url": "https://bugzilla.suse.com/1243519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37960"
},
{
"cve": "CVE-2025-37974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-37974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/pci: Fix missing check for zpci_create_device() error return\n\nThe zpci_create_device() function returns an error pointer that needs to\nbe checked before dereferencing it as a struct zpci_dev pointer. Add the\nmissing check in __clp_add() where it was missed when adding the\nscan_list in the fixed commit. Simply not adding the device to the scan\nlist results in the previous behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-37974",
"url": "https://www.suse.com/security/cve/CVE-2025-37974"
},
{
"category": "external",
"summary": "SUSE Bug 1243547 for CVE-2025-37974",
"url": "https://bugzilla.suse.com/1243547"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-37974"
},
{
"cve": "CVE-2025-38152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38152"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Clear table_sz when rproc_shutdown\n\nThere is case as below could trigger kernel dump:\nUse U-Boot to start remote processor(rproc) with resource table\npublished to a fixed address by rproc. After Kernel boots up,\nstop the rproc, load a new firmware which doesn\u0027t have resource table\n,and start rproc.\n\nWhen starting rproc with a firmware not have resource table,\n`memcpy(loaded_table, rproc-\u003ecached_table, rproc-\u003etable_sz)` will\ntrigger dump, because rproc-\u003ecache_table is set to NULL during the last\nstop operation, but rproc-\u003etable_sz is still valid.\n\nThis issue is found on i.MX8MP and i.MX9.\n\nDump as below:\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000010af63000\n[0000000000000000] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] PREEMPT SMP\nModules linked in:\nCPU: 2 UID: 0 PID: 1060 Comm: sh Not tainted 6.14.0-rc7-next-20250317-dirty #38\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: a0000005 (NzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __pi_memcpy_generic+0x110/0x22c\nlr : rproc_start+0x88/0x1e0\nCall trace:\n __pi_memcpy_generic+0x110/0x22c (P)\n rproc_boot+0x198/0x57c\n state_store+0x40/0x104\n dev_attr_store+0x18/0x2c\n sysfs_kf_write+0x7c/0x94\n kernfs_fop_write_iter+0x120/0x1cc\n vfs_write+0x240/0x378\n ksys_write+0x70/0x108\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x10c\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x30/0xcc\n el0t_64_sync_handler+0x10c/0x138\n el0t_64_sync+0x198/0x19c\n\nClear rproc-\u003etable_sz to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38152",
"url": "https://www.suse.com/security/cve/CVE-2025-38152"
},
{
"category": "external",
"summary": "SUSE Bug 1241627 for CVE-2025-38152",
"url": "https://bugzilla.suse.com/1241627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-38152"
},
{
"cve": "CVE-2025-38637",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38637"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: skbprio: Remove overly strict queue assertions\n\nIn the current implementation, skbprio enqueue/dequeue contains an assertion\nthat fails under certain conditions when SKBPRIO is used as a child qdisc under\nTBF with specific parameters. The failure occurs because TBF sometimes peeks at\npackets in the child qdisc without actually dequeuing them when tokens are\nunavailable.\n\nThis peek operation creates a discrepancy between the parent and child qdisc\nqueue length counters. When TBF later receives a high-priority packet,\nSKBPRIO\u0027s queue length may show a different value than what\u0027s reflected in its\ninternal priority queue tracking, triggering the assertion.\n\nThe fix removes this overly strict assertions in SKBPRIO, they are not\nnecessary at all.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38637",
"url": "https://www.suse.com/security/cve/CVE-2025-38637"
},
{
"category": "external",
"summary": "SUSE Bug 1241657 for CVE-2025-38637",
"url": "https://bugzilla.suse.com/1241657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-38637"
},
{
"cve": "CVE-2025-39728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: samsung: Fix UBSAN panic in samsung_clk_init()\n\nWith UBSAN_ARRAY_BOUNDS=y, I\u0027m hitting the below panic due to\ndereferencing `ctx-\u003eclk_data.hws` before setting\n`ctx-\u003eclk_data.num = nr_clks`. Move that up to fix the crash.\n\n UBSAN: array index out of bounds: 00000000f2005512 [#1] PREEMPT SMP\n \u003csnip\u003e\n Call trace:\n samsung_clk_init+0x110/0x124 (P)\n samsung_clk_init+0x48/0x124 (L)\n samsung_cmu_register_one+0x3c/0xa0\n exynos_arm64_register_cmu+0x54/0x64\n __gs101_cmu_top_of_clk_init_declare+0x28/0x60\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39728",
"url": "https://www.suse.com/security/cve/CVE-2025-39728"
},
{
"category": "external",
"summary": "SUSE Bug 1241626 for CVE-2025-39728",
"url": "https://bugzilla.suse.com/1241626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-39728"
},
{
"cve": "CVE-2025-40325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/raid10: wait barrier before returning discard request with REQ_NOWAIT\n\nraid10_handle_discard should wait barrier before returning a discard bio\nwhich has REQ_NOWAIT. And there is no need to print warning calltrace\nif a discard bio has REQ_NOWAIT flag. Quality engineer usually checks\ndmesg and reports error if dmesg has warning/error calltrace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40325",
"url": "https://www.suse.com/security/cve/CVE-2025-40325"
},
{
"category": "external",
"summary": "SUSE Bug 1241638 for CVE-2025-40325",
"url": "https://bugzilla.suse.com/1241638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-coco_debug-devel-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-devel-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-source-coco-6.4.0-15061.21.coco15sp6.1.noarch",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:kernel-syms-coco-6.4.0-15061.21.coco15sp6.1.x86_64",
"SUSE Linux Enterprise Module for Confidential Computing Technical Preview 15 SP6:reiserfs-kmp-coco-6.4.0-15061.21.coco15sp6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-12T06:29:09Z",
"details": "moderate"
}
],
"title": "CVE-2025-40325"
}
]
}
FKIE_CVE-2024-58017
Vulnerability from fkie_nvd - Published: 2025-02-27 03:15 - Updated: 2025-11-03 20:16
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which
leads to undefined behavior. To prevent this, cast 1 to u32 before
performing the shift, ensuring well-defined behavior.
This change explicitly avoids any potential overflow by ensuring that
the shift occurs on an unsigned 32-bit integer.
References
| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/3d6f83df8ff2d5de84b50377e4f0d45e25311c7a | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/404e5fd918a0b14abec06c7eca128f04c9b98e41 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/4a2c4e7265b8eed83c25d86d702cea06493cab18 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/4acf6bab775dbd22a9a799030a808a7305e01d63 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/54c14022fa2ba427dc543455c2cf9225903a7174 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/9a6d43844de2479a3ff8d674c3e2a16172e01598 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/dfb7b179741ee09506dc7719d92f9e1cea01f10e | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BF0B0B-D95C-472C-A99F-DE209F253F6F",
"versionEndExcluding": "6.1.129",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C58261F-EDFB-4A12-8CCD-F12101482030",
"versionEndExcluding": "6.6.78",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "033BB7EE-C9A2-45EA-BAC9-87BB9D951BCD",
"versionEndExcluding": "6.12.14",
"versionStartIncluding": "6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E92CEE3-1FC3-4AFC-A513-DEDBA7414F00",
"versionEndExcluding": "6.13.3",
"versionStartIncluding": "6.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: printk: Se corrige el desbordamiento de entero con signo al definir LOG_BUF_LEN_MAX. El cambio de 1 \u0026lt;\u0026lt; 31 en un entero de 32 bits provoca un desbordamiento de entero con signo, lo que conduce a un comportamiento indefinido. Para evitarlo, convierta 1 a u32 antes de realizar el cambio, lo que garantiza un comportamiento bien definido. Este cambio evita expl\u00edcitamente cualquier desbordamiento potencial al garantizar que el cambio se produzca en un entero de 32 bits sin signo."
}
],
"id": "CVE-2024-58017",
"lastModified": "2025-11-03T20:16:58.843",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-02-27T03:15:12.690",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/3d6f83df8ff2d5de84b50377e4f0d45e25311c7a"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/404e5fd918a0b14abec06c7eca128f04c9b98e41"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/4a2c4e7265b8eed83c25d86d702cea06493cab18"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/4acf6bab775dbd22a9a799030a808a7305e01d63"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/54c14022fa2ba427dc543455c2cf9225903a7174"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/9a6d43844de2479a3ff8d674c3e2a16172e01598"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/dfb7b179741ee09506dc7719d92f9e1cea01f10e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
WID-SEC-W-2025-0453
Vulnerability from csaf_certbund - Published: 2025-02-26 23:00 - Updated: 2025-10-23 22:00Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0453 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0453.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0453 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0453"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2022-49732",
"url": "https://lore.kernel.org/linux-cve-announce/2025022619-CVE-2022-49732-fc0d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-49570",
"url": "https://lore.kernel.org/linux-cve-announce/2025022601-CVE-2024-49570-d2e7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-52557",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2024-52557-506d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-52559",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2024-52559-6125@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-52560",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2024-52560-8446@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-54456",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2024-54456-e8a9@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-54458",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2024-54458-75cd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57834",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2024-57834-f004@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57852",
"url": "https://lore.kernel.org/linux-cve-announce/2025022603-CVE-2024-57852-f942@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57953",
"url": "https://lore.kernel.org/linux-cve-announce/2025022631-CVE-2024-57953-9830@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57973",
"url": "https://lore.kernel.org/linux-cve-announce/2025022632-CVE-2024-57973-8797@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57974",
"url": "https://lore.kernel.org/linux-cve-announce/2025022632-CVE-2024-57974-189e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57975",
"url": "https://lore.kernel.org/linux-cve-announce/2025022633-CVE-2024-57975-e1c7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57976",
"url": "https://lore.kernel.org/linux-cve-announce/2025022633-CVE-2024-57976-10f5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57977",
"url": "https://lore.kernel.org/linux-cve-announce/2025022633-CVE-2024-57977-88ac@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57978",
"url": "https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2024-57978-2a90@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57979",
"url": "https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2024-57979-aad0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57980",
"url": "https://lore.kernel.org/linux-cve-announce/2025022634-CVE-2024-57980-4b5a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57981",
"url": "https://lore.kernel.org/linux-cve-announce/2025022635-CVE-2024-57981-bba6@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57982",
"url": "https://lore.kernel.org/linux-cve-announce/2025022635-CVE-2024-57982-c76a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57983",
"url": "https://lore.kernel.org/linux-cve-announce/2025022635-CVE-2024-57983-d9c0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57984",
"url": "https://lore.kernel.org/linux-cve-announce/2025022636-CVE-2024-57984-191f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57985",
"url": "https://lore.kernel.org/linux-cve-announce/2025022636-CVE-2024-57985-1f49@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57986",
"url": "https://lore.kernel.org/linux-cve-announce/2025022636-CVE-2024-57986-6166@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57987",
"url": "https://lore.kernel.org/linux-cve-announce/2025022637-CVE-2024-57987-09a3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57988",
"url": "https://lore.kernel.org/linux-cve-announce/2025022637-CVE-2024-57988-db3b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57989",
"url": "https://lore.kernel.org/linux-cve-announce/2025022638-CVE-2024-57989-0a14@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57990",
"url": "https://lore.kernel.org/linux-cve-announce/2025022638-CVE-2024-57990-67dc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57991",
"url": "https://lore.kernel.org/linux-cve-announce/2025022638-CVE-2024-57991-a3e1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57992",
"url": "https://lore.kernel.org/linux-cve-announce/2025022639-CVE-2024-57992-fa9c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57993",
"url": "https://lore.kernel.org/linux-cve-announce/2025022639-CVE-2024-57993-e136@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57994",
"url": "https://lore.kernel.org/linux-cve-announce/2025022639-CVE-2024-57994-8dbd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57995",
"url": "https://lore.kernel.org/linux-cve-announce/2025022640-CVE-2024-57995-892d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57996",
"url": "https://lore.kernel.org/linux-cve-announce/2025022640-CVE-2024-57996-b670@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57997",
"url": "https://lore.kernel.org/linux-cve-announce/2025022640-CVE-2024-57997-a004@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57998",
"url": "https://lore.kernel.org/linux-cve-announce/2025022641-CVE-2024-57998-e730@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-57999",
"url": "https://lore.kernel.org/linux-cve-announce/2025022641-CVE-2024-57999-1029@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58000",
"url": "https://lore.kernel.org/linux-cve-announce/2025022642-CVE-2024-58000-4f74@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58001",
"url": "https://lore.kernel.org/linux-cve-announce/2025022654-CVE-2024-58001-3f9c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58002",
"url": "https://lore.kernel.org/linux-cve-announce/2025022654-CVE-2024-58002-6f93@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58003",
"url": "https://lore.kernel.org/linux-cve-announce/2025022655-CVE-2024-58003-2b9b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58004",
"url": "https://lore.kernel.org/linux-cve-announce/2025022655-CVE-2024-58004-cf99@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58005",
"url": "https://lore.kernel.org/linux-cve-announce/2025022655-CVE-2024-58005-f2fa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58006",
"url": "https://lore.kernel.org/linux-cve-announce/2025022655-CVE-2024-58006-9855@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58007",
"url": "https://lore.kernel.org/linux-cve-announce/2025022655-CVE-2024-58007-123c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58008",
"url": "https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2024-58008-548d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58009",
"url": "https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2024-58009-b2d2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58010",
"url": "https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2024-58010-39bc@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58011",
"url": "https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2024-58011-5ed8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58012",
"url": "https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2024-58012-90ce@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58013",
"url": "https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2024-58013-55de@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58014",
"url": "https://lore.kernel.org/linux-cve-announce/2025022657-CVE-2024-58014-6269@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58015",
"url": "https://lore.kernel.org/linux-cve-announce/2025022657-CVE-2024-58015-f72e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58016",
"url": "https://lore.kernel.org/linux-cve-announce/2025022657-CVE-2024-58016-115b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58017",
"url": "https://lore.kernel.org/linux-cve-announce/2025022657-CVE-2024-58017-fb48@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58018",
"url": "https://lore.kernel.org/linux-cve-announce/2025022657-CVE-2024-58018-605c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58019",
"url": "https://lore.kernel.org/linux-cve-announce/2025022658-CVE-2024-58019-64da@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58020",
"url": "https://lore.kernel.org/linux-cve-announce/2025022603-CVE-2024-58020-a097@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2024-58021",
"url": "https://lore.kernel.org/linux-cve-announce/2025022603-CVE-2024-58021-0769@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21705",
"url": "https://lore.kernel.org/linux-cve-announce/2025022642-CVE-2025-21705-c7e5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21706",
"url": "https://lore.kernel.org/linux-cve-announce/2025022642-CVE-2025-21706-f5bd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21707",
"url": "https://lore.kernel.org/linux-cve-announce/2025022643-CVE-2025-21707-2961@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21708",
"url": "https://lore.kernel.org/linux-cve-announce/2025022643-CVE-2025-21708-77ac@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21709",
"url": "https://lore.kernel.org/linux-cve-announce/2025022643-CVE-2025-21709-e967@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21710",
"url": "https://lore.kernel.org/linux-cve-announce/2025022644-CVE-2025-21710-5e28@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21711",
"url": "https://lore.kernel.org/linux-cve-announce/2025022644-CVE-2025-21711-9e79@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21712",
"url": "https://lore.kernel.org/linux-cve-announce/2025022644-CVE-2025-21712-8345@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21713",
"url": "https://lore.kernel.org/linux-cve-announce/2025022645-CVE-2025-21713-4c72@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21714",
"url": "https://lore.kernel.org/linux-cve-announce/2025022645-CVE-2025-21714-8169@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21715",
"url": "https://lore.kernel.org/linux-cve-announce/2025022645-CVE-2025-21715-2837@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21716",
"url": "https://lore.kernel.org/linux-cve-announce/2025022646-CVE-2025-21716-3afa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21717",
"url": "https://lore.kernel.org/linux-cve-announce/2025022646-CVE-2025-21717-3893@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21718",
"url": "https://lore.kernel.org/linux-cve-announce/2025022646-CVE-2025-21718-d976@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21719",
"url": "https://lore.kernel.org/linux-cve-announce/2025022646-CVE-2025-21719-dbee@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21720",
"url": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21720-063a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21721",
"url": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21721-28d2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21722",
"url": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21722-5415@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21723",
"url": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21723-9f05@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21724",
"url": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21724-f4b1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21725",
"url": "https://lore.kernel.org/linux-cve-announce/2025022647-CVE-2025-21725-3a4d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21726",
"url": "https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2025-21726-73b1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21727",
"url": "https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2025-21727-b034@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21728",
"url": "https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2025-21728-5da4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21729",
"url": "https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2025-21729-24e3@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21730",
"url": "https://lore.kernel.org/linux-cve-announce/2025022648-CVE-2025-21730-5bfb@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21731",
"url": "https://lore.kernel.org/linux-cve-announce/2025022649-CVE-2025-21731-c18b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21732",
"url": "https://lore.kernel.org/linux-cve-announce/2025022658-CVE-2025-21732-e800@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21733",
"url": "https://lore.kernel.org/linux-cve-announce/2025022658-CVE-2025-21733-f0b8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21734",
"url": "https://lore.kernel.org/linux-cve-announce/2025022658-CVE-2025-21734-ac40@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21735",
"url": "https://lore.kernel.org/linux-cve-announce/2025022658-CVE-2025-21735-259b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21736",
"url": "https://lore.kernel.org/linux-cve-announce/2025022659-CVE-2025-21736-6d94@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21737",
"url": "https://lore.kernel.org/linux-cve-announce/2025022659-CVE-2025-21737-db6e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21738",
"url": "https://lore.kernel.org/linux-cve-announce/2025022659-CVE-2025-21738-f502@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21739",
"url": "https://lore.kernel.org/linux-cve-announce/2025022659-CVE-2025-21739-5578@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21740",
"url": "https://lore.kernel.org/linux-cve-announce/2025022659-CVE-2025-21740-083e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21741",
"url": "https://lore.kernel.org/linux-cve-announce/2025022600-CVE-2025-21741-cbfd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21742",
"url": "https://lore.kernel.org/linux-cve-announce/2025022600-CVE-2025-21742-7d50@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21743",
"url": "https://lore.kernel.org/linux-cve-announce/2025022600-CVE-2025-21743-c67f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21744",
"url": "https://lore.kernel.org/linux-cve-announce/2025022600-CVE-2025-21744-2585@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21745",
"url": "https://lore.kernel.org/linux-cve-announce/2025022600-CVE-2025-21745-19ee@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21746",
"url": "https://lore.kernel.org/linux-cve-announce/2025022600-CVE-2025-21746-380d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21747",
"url": "https://lore.kernel.org/linux-cve-announce/2025022601-CVE-2025-21747-a514@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21748",
"url": "https://lore.kernel.org/linux-cve-announce/2025022601-CVE-2025-21748-c980@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21749",
"url": "https://lore.kernel.org/linux-cve-announce/2025022601-CVE-2025-21749-cd11@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21750",
"url": "https://lore.kernel.org/linux-cve-announce/2025022601-CVE-2025-21750-d10d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21751",
"url": "https://lore.kernel.org/linux-cve-announce/2025022601-CVE-2025-21751-101c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21752",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2025-21752-5815@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21753",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2025-21753-91bd@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21754",
"url": "https://lore.kernel.org/linux-cve-announce/2025022602-CVE-2025-21754-9daa@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21755",
"url": "https://lore.kernel.org/linux-cve-announce/2025022603-CVE-2025-21755-5887@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21756",
"url": "https://lore.kernel.org/linux-cve-announce/2025022603-CVE-2025-21756-5e09@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21757",
"url": "https://lore.kernel.org/linux-cve-announce/2025022603-CVE-2025-21757-912a@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21758",
"url": "https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21758-9f8c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21759",
"url": "https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21759-ad7c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21760",
"url": "https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21760-fb9d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21761",
"url": "https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21761-218b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21762",
"url": "https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21762-8b8d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21763",
"url": "https://lore.kernel.org/linux-cve-announce/2025022604-CVE-2025-21763-dcff@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21764",
"url": "https://lore.kernel.org/linux-cve-announce/2025022605-CVE-2025-21764-1061@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21765",
"url": "https://lore.kernel.org/linux-cve-announce/2025022605-CVE-2025-21765-4d5e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21766",
"url": "https://lore.kernel.org/linux-cve-announce/2025022605-CVE-2025-21766-a004@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21767",
"url": "https://lore.kernel.org/linux-cve-announce/2025022605-CVE-2025-21767-4c7f@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21768",
"url": "https://lore.kernel.org/linux-cve-announce/2025022605-CVE-2025-21768-512b@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21769",
"url": "https://lore.kernel.org/linux-cve-announce/2025022605-CVE-2025-21769-c349@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21770",
"url": "https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2025-21770-d7e0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21771",
"url": "https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2025-21771-6032@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21772",
"url": "https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2025-21772-5ec0@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21773",
"url": "https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2025-21773-2ee7@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21774",
"url": "https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2025-21774-26d5@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21775",
"url": "https://lore.kernel.org/linux-cve-announce/2025022606-CVE-2025-21775-3137@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21776",
"url": "https://lore.kernel.org/linux-cve-announce/2025022607-CVE-2025-21776-5581@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21777",
"url": "https://lore.kernel.org/linux-cve-announce/2025022607-CVE-2025-21777-0c96@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21778",
"url": "https://lore.kernel.org/linux-cve-announce/2025022607-CVE-2025-21778-9ae4@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21779",
"url": "https://lore.kernel.org/linux-cve-announce/2025022607-CVE-2025-21779-f239@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21780",
"url": "https://lore.kernel.org/linux-cve-announce/2025022607-CVE-2025-21780-8283@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21781",
"url": "https://lore.kernel.org/linux-cve-announce/2025022607-CVE-2025-21781-7324@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21782",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2025-21782-9d97@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21783",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2025-21783-2714@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21784",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2025-21784-cd4e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21785",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2025-21785-184c@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21786",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2025-21786-f31d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21787",
"url": "https://lore.kernel.org/linux-cve-announce/2025022608-CVE-2025-21787-c4f2@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21788",
"url": "https://lore.kernel.org/linux-cve-announce/2025022609-CVE-2025-21788-2619@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21789",
"url": "https://lore.kernel.org/linux-cve-announce/2025022609-CVE-2025-21789-9691@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21790",
"url": "https://lore.kernel.org/linux-cve-announce/2025022609-CVE-2025-21790-af3e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21791",
"url": "https://lore.kernel.org/linux-cve-announce/2025022609-CVE-2025-21791-6074@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21792",
"url": "https://lore.kernel.org/linux-cve-announce/2025022609-CVE-2025-21792-d8e8@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21793",
"url": "https://lore.kernel.org/linux-cve-announce/2025022609-CVE-2025-21793-2c1e@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21794",
"url": "https://lore.kernel.org/linux-cve-announce/2025022610-CVE-2025-21794-ddde@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21795",
"url": "https://lore.kernel.org/linux-cve-announce/2025022610-CVE-2025-21795-785d@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21796",
"url": "https://lore.kernel.org/linux-cve-announce/2025022610-CVE-2025-21796-0133@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2025-21797",
"url": "https://lore.kernel.org/linux-cve-announce/2025022610-CVE-2025-21797-04ee@gregkh/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2474 vom 2025-03-10",
"url": "https://access.redhat.com/errata/RHSA-2025:2474"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-2473 vom 2025-03-11",
"url": "https://linux.oracle.com/errata/ELSA-2025-2473.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0834-1 vom 2025-03-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020497.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0847-1 vom 2025-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020505.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0856-1 vom 2025-03-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020508.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0856-1 vom 2025-03-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/OSPHACQPT5GWCIN3WJL55RCYA4OHTBLI/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0856-1 vom 2025-03-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OSPHACQPT5GWCIN3WJL55RCYA4OHTBLI/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2710 vom 2025-03-20",
"url": "https://access.redhat.com/errata/RHSA-2025:2710"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0955-1 vom 2025-03-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020563.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0983-1 vom 2025-03-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020579.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3128 vom 2025-03-25",
"url": "https://access.redhat.com/errata/RHSA-2025:3128"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3127 vom 2025-03-25",
"url": "https://access.redhat.com/errata/RHSA-2025:3127"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3208 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3208"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3212 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3212"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3214 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3213 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3213"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3207 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3207"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3211 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3211"
},
{
"category": "external",
"summary": "RedHat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2025:3216"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3209 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3209"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-3208 vom 2025-03-27",
"url": "https://linux.oracle.com/errata/ELSA-2025-3208.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3264 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3264"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3260 vom 2025-03-26",
"url": "https://access.redhat.com/errata/RHSA-2025:3260"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1027-1 vom 2025-03-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-March/020612.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-3260 vom 2025-03-27",
"url": "https://linux.oracle.com/errata/ELSA-2025-3260.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4102 vom 2025-04-01",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2025-069 vom 2025-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2025-069.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2025-097 vom 2025-04-01",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2025-097.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1177-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020670.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1178-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020674.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1176-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020671.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1180-1 vom 2025-04-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DGJ23MSZWYIA7MJ47RNVV6T27Z324VKA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1183-1 vom 2025-04-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020678.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1195-1 vom 2025-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020680.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1194-1 vom 2025-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020681.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5900 vom 2025-04-12",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00062.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1241-1 vom 2025-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020694.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1263-1 vom 2025-04-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/Q4U3LRNKLFTX56NC6NKHFDU35E5WDD75/"
},
{
"category": "external",
"summary": "Container-Optimized OS release notes vom 2025-04-16",
"url": "https://cloud.google.com/container-optimized-os/docs/release-notes#April_14_2025"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1293-1 vom 2025-04-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020712.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2826 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2826.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-218 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-218.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-220 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-220.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2025-088 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2025-088.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-215 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-215.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-219 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-219.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-214 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-214.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-211 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-211.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-212 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-212.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-213 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-213.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-217 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-217.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-216 vom 2025-04-16",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-216.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-1970 vom 2025-04-17",
"url": "https://alas.aws.amazon.com/ALAS-2025-1970.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7445-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7445-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7452-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7452-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7449-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7449-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7451-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7451-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7448-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7448-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7450-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7450-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7453-1 vom 2025-04-23",
"url": "https://ubuntu.com/security/notices/USN-7453-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7455-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7455-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7455-2 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7455-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7459-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7459-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7460-1 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7460-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7449-2 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7449-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7455-3 vom 2025-04-24",
"url": "https://ubuntu.com/security/notices/USN-7455-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7455-4 vom 2025-04-25",
"url": "https://ubuntu.com/security/notices/USN-7455-4"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7231915 vom 2025-04-26",
"url": "https://www.ibm.com/support/pages/node/7231915"
},
{
"category": "external",
"summary": "PoC CVE-2025-21756 vom 2025-04-28",
"url": "https://github.com/hoefler02/CVE-2025-21756"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7459-2 vom 2025-04-28",
"url": "https://ubuntu.com/security/notices/USN-7459-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7468-1 vom 2025-04-28",
"url": "https://ubuntu.com/security/notices/USN-7468-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7455-5 vom 2025-04-29",
"url": "https://ubuntu.com/security/notices/USN-7455-5"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-225 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-225.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-228 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-228.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-227 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-227.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-226 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-226.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASLIVEPATCH-2025-224 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASLIVEPATCH-2025-224.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2025-100 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2025-100.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.10-2025-090 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.10-2025-090.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.15-2025-070 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.15-2025-070.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASKERNEL-5.4-2025-098 vom 2025-04-29",
"url": "https://alas.aws.amazon.com/AL2/ALASKERNEL-5.4-2025-098.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7475-1 vom 2025-05-02",
"url": "https://ubuntu.com/security/notices/USN-7475-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7423 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:7423"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7652 vom 2025-05-15",
"url": "https://access.redhat.com/errata/RHSA-2025:7652"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7682 vom 2025-05-16",
"url": "https://access.redhat.com/errata/RHSA-2025:7682"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7676 vom 2025-05-15",
"url": "https://access.redhat.com/errata/RHSA-2025:7676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7683 vom 2025-05-16",
"url": "https://access.redhat.com/errata/RHSA-2025:7683"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1574-1 vom 2025-05-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020835.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7510-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7903 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7903"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7516-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7897 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7897"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7901 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7901"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1573-1 vom 2025-05-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020836.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7896 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7896"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7902 vom 2025-05-19",
"url": "https://access.redhat.com/errata/RHSA-2025:7902"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7511-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7511-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-2 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7511-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7512-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7512-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-2 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7510-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7517-1 vom 2025-05-16",
"url": "https://ubuntu.com/security/notices/USN-7517-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7518-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7518-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-3 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7516-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01600-1 vom 2025-05-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020854.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-3 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7510-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7523-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7523-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8057 vom 2025-05-21",
"url": "https://access.redhat.com/errata/RHSA-2025:8057"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8056 vom 2025-05-21",
"url": "https://access.redhat.com/errata/RHSA-2025:8056"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-4 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7510-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7511-3 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7511-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-5 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7510-5"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7521-1 vom 2025-05-20",
"url": "https://ubuntu.com/security/notices/USN-7521-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8058 vom 2025-05-21",
"url": "https://access.redhat.com/errata/RHSA-2025:8058"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01614-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020870.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01620-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020867.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01627-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020866.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-4 vom 2025-05-21",
"url": "https://ubuntu.com/security/notices/USN-7516-4"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8056 vom 2025-05-22",
"url": "https://linux.oracle.com/errata/ELSA-2025-8056.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01633-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020864.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7517-2 vom 2025-05-21",
"url": "https://ubuntu.com/security/notices/USN-7517-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01640-1 vom 2025-05-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020861.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7521-2 vom 2025-05-22",
"url": "https://ubuntu.com/security/notices/USN-7521-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-5 vom 2025-05-23",
"url": "https://ubuntu.com/security/notices/USN-7516-5"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7423 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7423.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7903 vom 2025-05-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-7903.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8137 vom 2025-05-26",
"url": "https://access.redhat.com/errata/RHSA-2025:8137"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-6 vom 2025-05-26",
"url": "https://ubuntu.com/security/notices/USN-7516-6"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4178 vom 2025-05-26",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01707-1 vom 2025-05-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020902.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7517-3 vom 2025-05-26",
"url": "https://ubuntu.com/security/notices/USN-7517-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7524-1 vom 2025-05-26",
"url": "https://ubuntu.com/security/notices/USN-7524-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-6 vom 2025-05-27",
"url": "https://ubuntu.com/security/notices/USN-7510-6"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8248 vom 2025-05-28",
"url": "https://access.redhat.com/errata/RHSA-2025:8248"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7539-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7539-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-7 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7510-7"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7540-1 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7540-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7521-3 vom 2025-05-28",
"url": "https://ubuntu.com/security/notices/USN-7521-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7510-8 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7510-8"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-7 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7516-7"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4193 vom 2025-05-30",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00045.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20343-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020965.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-9 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7516-9"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20344-1 vom 2025-05-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-May/020964.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7516-8 vom 2025-05-29",
"url": "https://ubuntu.com/security/notices/USN-7516-8"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2865 vom 2025-05-29",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2865.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-213 vom 2025-05-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000326299/dsa-2025-213-security-update-for-dell-avamar-dell-networker-virtual-edition-nve-and-dell-powerprotect-dp-series-appliance-dell-integrated-data-protection-appliance-idpa-multiple-third-party-vulnerabilities"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8345 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8345"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8347 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8347"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8346 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8346"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8342 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8342"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8344 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8344"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8333 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8333"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8343 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8343"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8348 vom 2025-06-02",
"url": "https://access.redhat.com/errata/RHSA-2025:8348"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20355-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021015.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20354-1 vom 2025-06-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021016.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8333 vom 2025-06-03",
"url": "https://linux.oracle.com/errata/ELSA-2025-8333.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20283-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021049.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20260-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021058.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20270-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021056.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20192-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021150.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20206-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021137.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20190-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021154.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01844-1 vom 2025-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021438.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01843-1 vom 2025-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021432.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01839-1 vom 2025-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021433.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01840-1 vom 2025-06-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021434.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-1983 vom 2025-06-10",
"url": "https://alas.aws.amazon.com/ALAS-2025-1983.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01849-1 vom 2025-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021443.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01853-1 vom 2025-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021441.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01851-1 vom 2025-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021442.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01869-1 vom 2025-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021449.html"
},
{
"category": "external",
"summary": "Siemens Security Advisory SSA-082556 vom 2025-06-10",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01868-1 vom 2025-06-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021447.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01875-1 vom 2025-06-11",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MS3XXVHXB3HEZP3HNHCCJLMN3IGQ7UNZ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01873-1 vom 2025-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021451.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01892-1 vom 2025-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021465.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01901-1 vom 2025-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021471.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01893-1 vom 2025-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021468.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01894-1 vom 2025-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021467.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01899-1 vom 2025-06-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021466.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01919-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021477.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01908-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021473.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01907-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021474.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01906-1 vom 2025-06-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/555WAYKDPARZFWYJBA7IPHKL7OLUGFCD/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01927-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021493.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20381-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021488.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01929-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021498.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01930-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021497.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20387-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021482.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01928-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021499.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20388-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021481.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01922-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021479.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20386-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021483.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20382-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021487.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20383-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021486.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20389-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021480.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20384-1 vom 2025-06-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021485.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01935-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021500.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01932-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021501.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01950-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021510.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01944-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021505.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01958-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021516.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01957-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021517.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01948-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021512.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01949-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021511.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01951-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021509.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01956-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021518.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20402-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021520.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20401-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021521.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20400-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021522.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20399-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021523.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20398-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021524.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20397-1 vom 2025-06-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021525.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9079 vom 2025-06-16",
"url": "https://access.redhat.com/errata/RHSA-2025:9079"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01967-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021533.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01964-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021531.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01965-1 vom 2025-06-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021535.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01972-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021537.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:01983-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021538.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20408-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021550.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20413-1 vom 2025-06-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021547.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02000-1 vom 2025-06-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021568.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20421-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021590.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20419-1 vom 2025-06-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021591.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7593-1 vom 2025-06-24",
"url": "https://ubuntu.com/security/notices/USN-7593-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9497 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9497"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9492 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9492"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9493 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9493"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9494 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9494"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9490 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9490"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9498 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9498"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9491 vom 2025-06-24",
"url": "https://access.redhat.com/errata/RHSA-2025:9491"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9581 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9581"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9580 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9580"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9584 vom 2025-06-25",
"url": "https://access.redhat.com/errata/RHSA-2025:9584"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9580 vom 2025-06-26",
"url": "https://linux.oracle.com/errata/ELSA-2025-9580.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7602-1 vom 2025-06-26",
"url": "https://ubuntu.com/security/notices/USN-7602-1"
},
{
"category": "external",
"summary": "SEM 2025.2.1 release notes vom 2025-07-02",
"url": "https://documentation.solarwinds.com/en/success_center/sem/content/release_notes/sem_2025-2-1_release_notes.htm"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10211 vom 2025-07-02",
"url": "https://access.redhat.com/errata/RHSA-2025:10211"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-9079 vom 2025-07-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-9079.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-8137 vom 2025-07-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-8137.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10371 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10371"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10379 vom 2025-07-07",
"url": "https://access.redhat.com/errata/RHSA-2025:10379"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10371 vom 2025-07-08",
"url": "https://linux.oracle.com/errata/ELSA-2025-10371.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20406 vom 2025-07-08",
"url": "https://linux.oracle.com/errata/ELSA-2025-20406.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02249-1 vom 2025-07-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021766.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10379 vom 2025-07-08",
"url": "https://linux.oracle.com/errata/ELSA-2025-10379.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02254-1 vom 2025-07-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021770.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02264-1 vom 2025-07-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021785.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2025-082 vom 2025-07-10",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2025-082.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10830 vom 2025-07-14",
"url": "https://access.redhat.com/errata/RHSA-2025:10830"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10829 vom 2025-07-14",
"url": "https://access.redhat.com/errata/RHSA-2025:10829"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02307-1 vom 2025-07-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021804.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02321-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021811.html"
},
{
"category": "external",
"summary": "RedHat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2025:11299"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02322-1 vom 2025-07-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021810.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11298 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11298"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11245 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:11245"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20470 vom 2025-07-16",
"url": "https://linux.oracle.com/errata/ELSA-2025-20470.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02335-1 vom 2025-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021828.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02333-1 vom 2025-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021830.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11298 vom 2025-07-17",
"url": "https://linux.oracle.com/errata/ELSA-2025-11298.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02334-1 vom 2025-07-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021829.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7640-1 vom 2025-07-16",
"url": "https://ubuntu.com/security/notices/USN-7640-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7653-1 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7653-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7652-1 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7652-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-1 vom 2025-07-17",
"url": "https://ubuntu.com/security/notices/USN-7651-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-1 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-2 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-3 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7654-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7655-1 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7655-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-2 vom 2025-07-18",
"url": "https://ubuntu.com/security/notices/USN-7651-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20480 vom 2025-07-18",
"url": "https://linux.oracle.com/errata/ELSA-2025-20480.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11411 vom 2025-07-21",
"url": "https://access.redhat.com/errata/RHSA-2025:11411"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02387-1 vom 2025-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021861.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02385-1 vom 2025-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021862.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02388-1 vom 2025-07-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021860.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02390-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021881.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02402-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021875.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02412-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021866.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02405-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021868.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02410-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T7JYI4RKW2E7EB4ZJ6UB45TTF2H6PEYR/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11428 vom 2025-07-21",
"url": "https://access.redhat.com/errata/RHSA-2025:11428"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02399-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/76DMKQMABVDV4KDJA6FQ7PDOF7RSG4ZQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02400-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZFZK6V3WCARPDN2N3X7GFGJTK7UFSP6T/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02413-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021865.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02401-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C2CTS27REDRGOT26DT2AKNCWHEMLXFPV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02389-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021882.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02398-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/OZIQSMDCERQHP4JSQ3YSIO5TMBD637EV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02393-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/536XR3DQAUU4EJXWQKQRE6QHNW7W4M5C/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02411-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DEKG43SVEEUNQXJBCRXWGSWJ6NQ36NUC/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02392-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021879.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02394-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021878.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02396-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021876.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02391-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021880.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02403-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BXLF63OLKSA5LWF3BYMVRASA55GHVYJY/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02433-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021883.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02420-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021886.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02428-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021889.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02418-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021888.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02451-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/22P3K2RHZ424E6JGDSKSXUABXRESY6GY/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02416-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021890.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02415-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021891.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02446-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GYAKCPI3CQKIWHWVXLDBJMK5CDOB5VRS/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02436-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JOC4XFCSYMATM6FYIQWRDFK5AQF4P2LT/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02434-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HM6XIBRQQ4DT55UN4XNTKFRWGXRY73A5/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11411 vom 2025-07-22",
"url": "https://linux.oracle.com/errata/ELSA-2025-11411.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02454-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7NNLH3GVII5RPJKDTSNRRAF2IHEZBWAO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02444-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KAPR5ITSSKHG4EAWNWSLSEMDSVTCH3CA/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02438-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/C4GMDP2SNO4HPRFRHQVRBAS7WAZ5PYIZ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02449-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NOIECZ42HAJGKZ7TVGI4LLLNAG27ZF7L/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20483-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021917.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02442-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7BWN4GTGQU33LC3C2LNMXQT72KBQAYTF/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20475-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021919.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02422-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021884.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02421-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021885.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02419-1 vom 2025-07-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021887.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02445-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WYJ3O67PBJST6GKMJJXDEBLGGDV5KJKJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02440-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ON72ZMOEO6E3K3KZFRVFHX5LUYA6RAXJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02437-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CCEZBA2U7C5F2MCQC3AIBIKAHNQBPFOI/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02455-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/H2GXZ2EL5OVKMNFWDPFV7NT367YYOFZO/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-3 vom 2025-07-22",
"url": "https://ubuntu.com/security/notices/USN-7651-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02459-1 vom 2025-07-22",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/CNBGONL5CBCKJ2ZQN6XVJFDFNJMHMLDW/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-4 vom 2025-07-22",
"url": "https://ubuntu.com/security/notices/USN-7654-4"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11428 vom 2025-07-23",
"url": "https://linux.oracle.com/errata/ELSA-2025-11428.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-4 vom 2025-07-22",
"url": "https://ubuntu.com/security/notices/USN-7651-4"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02468-1 vom 2025-07-22",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/H7LXLV4ZFW2U2LQ7EL4MR5BCEPMCAILY/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-5 vom 2025-07-24",
"url": "https://ubuntu.com/security/notices/USN-7651-5"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02507-1 vom 2025-07-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021949.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7651-6 vom 2025-07-24",
"url": "https://ubuntu.com/security/notices/USN-7651-6"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20493-1 vom 2025-07-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021967.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20498-1 vom 2025-07-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021965.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11861 vom 2025-07-28",
"url": "https://access.redhat.com/errata/RHSA-2025:11861"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02537-1 vom 2025-07-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021978.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02538-1 vom 2025-07-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021981.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7654-5 vom 2025-07-29",
"url": "https://ubuntu.com/security/notices/USN-7654-5"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-11861 vom 2025-07-30",
"url": "https://linux.oracle.com/errata/ELSA-2025-11861.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12209 vom 2025-07-29",
"url": "https://access.redhat.com/errata/RHSA-2025:12209"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12311 vom 2025-07-30",
"url": "https://access.redhat.com/errata/RHSA-2025:12311"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12525 vom 2025-08-04",
"url": "https://access.redhat.com/errata/RHSA-2025:12525"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20526-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022026.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20527-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022025.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20518-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022033.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20520-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022031.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20528-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022024.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20525-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022027.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12662 vom 2025-08-04",
"url": "https://access.redhat.com/errata/RHSA-2025:12662"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20517-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022034.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20519-1 vom 2025-08-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022032.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12746 vom 2025-08-04",
"url": "https://access.redhat.com/errata/RHSA-2025:12746"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2025-098 vom 2025-08-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2025-098.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:12526 vom 2025-08-05",
"url": "https://access.redhat.com/errata/RHSA-2025:12526"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13061 vom 2025-08-05",
"url": "https://access.redhat.com/errata/RHSA-2025:13061"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13135 vom 2025-08-06",
"url": "https://access.redhat.com/errata/RHSA-2025:13135"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20545-1 vom 2025-08-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022099.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20541-1 vom 2025-08-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022103.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20540-1 vom 2025-08-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022104.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13120 vom 2025-08-06",
"url": "https://access.redhat.com/errata/RHSA-2025:13120"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20542-1 vom 2025-08-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022102.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20546-1 vom 2025-08-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022098.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13029 vom 2025-08-05",
"url": "https://access.redhat.com/errata/RHSA-2025:13029"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7686-1 vom 2025-08-05",
"url": "https://ubuntu.com/security/notices/USN-7686-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20544-1 vom 2025-08-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022100.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13030 vom 2025-08-05",
"url": "https://access.redhat.com/errata/RHSA-2025:13030"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-12746 vom 2025-08-06",
"url": "https://linux.oracle.com/errata/ELSA-2025-12746.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241589 vom 2025-08-06",
"url": "https://www.ibm.com/support/pages/node/7241589"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13590 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13590"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13589 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13589"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20520 vom 2025-08-11",
"url": "https://linux.oracle.com/errata/ELSA-2025-20520.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-12662 vom 2025-08-11",
"url": "https://linux.oracle.com/errata/ELSA-2025-12662.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13633 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13633"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-13589 vom 2025-08-12",
"url": "https://linux.oracle.com/errata/ELSA-2025-13589.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13776 vom 2025-08-13",
"url": "https://access.redhat.com/errata/RHSA-2025:13776"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13781 vom 2025-08-13",
"url": "https://access.redhat.com/errata/RHSA-2025:13781"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14054 vom 2025-08-19",
"url": "https://access.redhat.com/errata/RHSA-2025:14054"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02846-1 vom 2025-08-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022192.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14094 vom 2025-08-19",
"url": "https://access.redhat.com/errata/RHSA-2025:14094"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7703-1 vom 2025-08-20",
"url": "https://ubuntu.com/security/notices/USN-7703-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14136 vom 2025-08-20",
"url": "https://access.redhat.com/errata/RHSA-2025:14136"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02923-1 vom 2025-08-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022237.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7703-2 vom 2025-08-20",
"url": "https://ubuntu.com/security/notices/USN-7703-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7703-3 vom 2025-08-21",
"url": "https://ubuntu.com/security/notices/USN-7703-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7712-1 vom 2025-08-22",
"url": "https://ubuntu.com/security/notices/USN-7712-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7711-1 vom 2025-08-22",
"url": "https://ubuntu.com/security/notices/USN-7711-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7719-1 vom 2025-08-26",
"url": "https://ubuntu.com/security/notices/USN-7719-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14748 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14748"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14746 vom 2025-08-27",
"url": "https://access.redhat.com/errata/RHSA-2025:14746"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7703-4 vom 2025-08-28",
"url": "https://ubuntu.com/security/notices/USN-7703-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7727-1 vom 2025-08-29",
"url": "https://ubuntu.com/security/notices/USN-7727-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7727-2 vom 2025-08-29",
"url": "https://ubuntu.com/security/notices/USN-7727-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7726-3 vom 2025-08-29",
"url": "https://ubuntu.com/security/notices/USN-7726-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7726-2 vom 2025-08-29",
"url": "https://ubuntu.com/security/notices/USN-7726-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7726-1 vom 2025-08-29",
"url": "https://ubuntu.com/security/notices/USN-7726-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7725-1 vom 2025-08-29",
"url": "https://ubuntu.com/security/notices/USN-7725-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7725-2 vom 2025-08-29",
"url": "https://ubuntu.com/security/notices/USN-7725-2"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:14985 vom 2025-09-02",
"url": "https://access.redhat.com/errata/RHSA-2025:14985"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15035 vom 2025-09-02",
"url": "https://access.redhat.com/errata/RHSA-2025:15035"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7712-2 vom 2025-09-02",
"url": "https://ubuntu.com/security/notices/USN-7712-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7725-3 vom 2025-09-02",
"url": "https://ubuntu.com/security/notices/USN-7725-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7726-4 vom 2025-09-02",
"url": "https://ubuntu.com/security/notices/USN-7726-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7727-3 vom 2025-09-02",
"url": "https://ubuntu.com/security/notices/USN-7727-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7737-1 vom 2025-09-03",
"url": "https://ubuntu.com/security/notices/USN-7737-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20551 vom 2025-09-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-20551.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:13590 vom 2025-09-08",
"url": "https://errata.build.resf.org/RLSA-2025:13590"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20553 vom 2025-09-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-20553.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15656 vom 2025-09-10",
"url": "https://access.redhat.com/errata/RHSA-2025:15656"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:15660 vom 2025-09-11",
"url": "https://access.redhat.com/errata/RHSA-2025:15660"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7754-2 vom 2025-09-17",
"url": "https://ubuntu.com/security/notices/USN-7754-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7754-1 vom 2025-09-17",
"url": "https://ubuntu.com/security/notices/USN-7754-1"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.4-2025-109 vom 2025-09-16",
"url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.4-2025-109.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7755-2 vom 2025-09-17",
"url": "https://ubuntu.com/security/notices/USN-7755-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7755-1 vom 2025-09-17",
"url": "https://ubuntu.com/security/notices/USN-7755-1"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-14987 vom 2025-09-18",
"url": "https://linux.oracle.com/errata/ELSA-2025-14987.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-14748 vom 2025-09-18",
"url": "https://linux.oracle.com/errata/ELSA-2025-14748.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7726-5 vom 2025-09-18",
"url": "https://ubuntu.com/security/notices/USN-7726-5"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6008 vom 2025-09-23",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00172.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7755-3 vom 2025-09-24",
"url": "https://ubuntu.com/security/notices/USN-7755-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03315-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022621.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03317-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022619.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03343-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022628.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03341-1 vom 2025-09-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022629.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7776-1 vom 2025-09-25",
"url": "https://ubuntu.com/security/notices/USN-7776-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7779-1 vom 2025-09-25",
"url": "https://ubuntu.com/security/notices/USN-7779-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20727-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022691.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20737-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022718.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20787-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022660.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03370-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022642.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20785-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022655.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03374-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022694.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20769-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022673.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03375-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022693.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20738-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022697.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03381-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022722.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20726-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022692.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20728-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022690.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20768-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022674.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20722-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022683.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20784-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022713.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20770-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022672.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20723-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022689.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20725-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022681.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20786-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022654.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20724-1 vom 2025-09-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022682.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03397-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022736.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03391-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022743.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03408-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022734.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03395-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022739.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03400-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022737.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03393-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022740.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03387-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022742.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03406-1 vom 2025-09-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022732.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:17124 vom 2025-10-01",
"url": "https://access.redhat.com/errata/RHSA-2025:17124"
},
{
"category": "external",
"summary": "Dell Security Update vom 2025-10-02",
"url": "https://www.dell.com/support/kbdoc/000376224"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7795-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7797-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7797-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7802-1 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7802-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7797-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7797-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-3 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7796-3"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-2 vom 2025-10-02",
"url": "https://ubuntu.com/security/notices/USN-7795-2"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03468-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022783.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03472-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022780.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03476-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022777.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03475-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022778.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03469-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022782.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03465-1 vom 2025-10-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022774.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7809-1 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7809-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03482-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022788.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7795-3 vom 2025-10-08",
"url": "https://ubuntu.com/security/notices/USN-7795-3"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03496-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022795.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03494-1 vom 2025-10-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022794.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03504-1 vom 2025-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SECAEAK6WEIFWFKCJTBA2HF5JSEVDUS4/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03503-1 vom 2025-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JUWAQTIC7XPSFOY6GTF6ZLAS2JNMHEKU/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03514-1 vom 2025-10-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XAWB2PO5O6CBDV27R7BVVXL54MXG5ST5/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03529-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022817.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03528-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022818.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03539-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022824.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03538-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022825.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03571-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022839.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03541-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XKOOHT7ZFB34FTK3MBV76ZBHNFB6V36H/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03554-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TH3AMQOQLP3DYM2S52DBRVQOATOXEZ4A/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03555-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QIU2ENCHZ6TGXFRZ6RCIDKC37OKELKRV/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03566-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022843.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03569-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022840.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03577-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022835.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03563-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EC4PXMLKKMVMYAUI5S3O2XUOAVVXC2CO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03559-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPHXJO5EMVRKXZC5ZXKEJXDYNB4RJTVU/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03543-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MC656OYGPRT7D2WOKGTVHYQVKRPDOF2M/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03580-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/S6S2ABU6DFOD2DPFHPKIDP3QVGRAYOKO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03578-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JE73VH4T37L5F3VWVHXRSVC6UFH7VY2G/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03548-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SOZC4LP2VEWOVXCP5X7JSFTFZEWXQE6H/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03553-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DVXXSG7PIJG7HTJMMXDXUMVAAMRTWXFG/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03557-1 vom 2025-10-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022848.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4327 vom 2025-10-13",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7796-4 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7796-4"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7820-1 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7820-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7819-1 vom 2025-10-13",
"url": "https://ubuntu.com/security/notices/USN-7819-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20806-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022878.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20807-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022877.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20808-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022876.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20813-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022871.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20814-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022870.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20819-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022865.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20827-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022898.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20840-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022885.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20841-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022884.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20826-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022899.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20833-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022892.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20835-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022890.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20832-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022893.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20834-1 vom 2025-10-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022891.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-17161 vom 2025-10-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-17161.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7832-1 vom 2025-10-21",
"url": "https://ubuntu.com/security/notices/USN-7832-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7819-2 vom 2025-10-22",
"url": "https://ubuntu.com/security/notices/USN-7819-2"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249042 vom 2025-10-23",
"url": "https://www.ibm.com/support/pages/node/7249042"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-23T22:00:00.000+00:00",
"generator": {
"date": "2025-10-24T08:34:26.401+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-0453",
"initial_release_date": "2025-02-26T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-02-26T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-03-09T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-10T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-03-11T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-12T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-19T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-03-23T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-03-24T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-25T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-26T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Oracle Linux, Red Hat und SUSE aufgenommen"
},
{
"date": "2025-03-31T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-04-01T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-13T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-04-14T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-15T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-16T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-21T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-22T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-23T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-24T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-04-27T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-04-28T22:00:00.000+00:00",
"number": "26",
"summary": "PoC f\u00fcr CVE-2025-21756 aufgenommen"
},
{
"date": "2025-04-29T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-05-01T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-13T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-14T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-15T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-18T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE, Ubuntu und Red Hat aufgenommen"
},
{
"date": "2025-05-19T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Ubuntu, SUSE und Red Hat aufgenommen"
},
{
"date": "2025-05-21T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von SUSE, Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2025-05-22T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Ubuntu und Oracle Linux aufgenommen"
},
{
"date": "2025-05-25T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-26T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von Ubuntu, Debian und SUSE aufgenommen"
},
{
"date": "2025-05-27T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2025-05-29T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Ubuntu, Debian, SUSE und Amazon aufgenommen"
},
{
"date": "2025-06-01T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-06-09T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2025-06-10T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von SUSE und Siemens aufgenommen"
},
{
"date": "2025-06-11T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-12T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-15T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-16T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-17T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-19T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-23T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2025-06-24T22:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-25T22:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-01T22:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-07-03T22:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-06T22:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-07T22:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-07-08T22:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2025-07-10T22:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2025-07-13T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-14T22:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-20T22:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Oracle Linux, Red Hat und SUSE aufgenommen"
},
{
"date": "2025-07-21T22:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-07-22T22:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von Oracle Linux, Ubuntu und SUSE aufgenommen"
},
{
"date": "2025-07-23T22:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-24T22:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-27T22:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-28T22:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "74",
"summary": "Neue Updates von Ubuntu, Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "76",
"summary": "Referenz(en) aufgenommen:"
},
{
"date": "2025-08-03T22:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von Red Hat und Amazon aufgenommen"
},
{
"date": "2025-08-05T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von Red Hat, SUSE und Ubuntu aufgenommen"
},
{
"date": "2025-08-06T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von Oracle Linux und IBM aufgenommen"
},
{
"date": "2025-08-10T22:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-11T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-18T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
},
{
"date": "2025-08-20T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-21T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-24T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-26T22:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-08-27T22:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-01T22:00:00.000+00:00",
"number": "92",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-02T22:00:00.000+00:00",
"number": "93",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-03T22:00:00.000+00:00",
"number": "94",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-08T22:00:00.000+00:00",
"number": "95",
"summary": "Neue Updates von Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-09-09T22:00:00.000+00:00",
"number": "96",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-09-10T22:00:00.000+00:00",
"number": "97",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "98",
"summary": "Neue Updates von Ubuntu und Amazon aufgenommen"
},
{
"date": "2025-09-17T22:00:00.000+00:00",
"number": "99",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-18T22:00:00.000+00:00",
"number": "100",
"summary": "Neue Updates von Oracle Linux und Ubuntu aufgenommen"
},
{
"date": "2025-09-22T22:00:00.000+00:00",
"number": "101",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-09-23T22:00:00.000+00:00",
"number": "102",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-24T22:00:00.000+00:00",
"number": "103",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-25T22:00:00.000+00:00",
"number": "104",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-09-28T22:00:00.000+00:00",
"number": "105",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-30T22:00:00.000+00:00",
"number": "106",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "107",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-10-05T22:00:00.000+00:00",
"number": "108",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-07T22:00:00.000+00:00",
"number": "109",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-08T22:00:00.000+00:00",
"number": "110",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-09T22:00:00.000+00:00",
"number": "111",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "112",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-13T22:00:00.000+00:00",
"number": "113",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-14T22:00:00.000+00:00",
"number": "114",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-20T22:00:00.000+00:00",
"number": "115",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "116",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "117",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "117"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Avamar",
"product": {
"name": "Dell Avamar",
"product_id": "T039664",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:-"
}
}
},
{
"category": "product_name",
"name": "Dell NetWorker",
"product": {
"name": "Dell NetWorker",
"product_id": "T034583",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.4.0.0",
"product_id": "T045879"
}
},
{
"category": "product_version",
"name": "8.4.0.0",
"product": {
"name": "Dell PowerProtect Data Domain 8.4.0.0",
"product_id": "T045879-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.4.0.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.10.1.70",
"product_id": "T045881"
}
},
{
"category": "product_version",
"name": "7.10.1.70",
"product": {
"name": "Dell PowerProtect Data Domain 7.10.1.70",
"product_id": "T045881-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.10.1.70"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain \u003c7.13.1.40",
"product_id": "T047343"
}
},
{
"category": "product_version",
"name": "7.13.1.40",
"product": {
"name": "Dell PowerProtect Data Domain 7.13.1.40",
"product_id": "T047343-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:7.13.1.40"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain \u003c8.3.1.10",
"product_id": "T047344"
}
},
{
"category": "product_version",
"name": "8.3.1.10",
"product": {
"name": "Dell PowerProtect Data Domain 8.3.1.10",
"product_id": "T047344-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:powerprotect_data_domain:8.3.1.10"
}
}
}
],
"category": "product_name",
"name": "PowerProtect Data Domain"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Container-Optimized OS",
"product": {
"name": "Google Container-Optimized OS",
"product_id": "1607324",
"product_identification_helper": {
"cpe": "cpe:/o:google:container-optimized_os:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.0.19",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.19",
"product_id": "T047864"
}
},
{
"category": "product_version",
"name": "10.5.0.19",
"product": {
"name": "IBM DataPower Gateway 10.5.0.19",
"product_id": "T047864-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.19"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.7",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.7",
"product_id": "T047866"
}
},
{
"category": "product_version",
"name": "10.6.0.7",
"product": {
"name": "IBM DataPower Gateway 10.6.0.7",
"product_id": "T047866-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.7"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP11 IF04",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP11 IF04",
"product_id": "T043169"
}
},
{
"category": "product_version",
"name": "7.5.0 UP11 IF04",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP11 IF04",
"product_id": "T043169-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up11_if04"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP13",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP13",
"product_id": "T045828"
}
},
{
"category": "product_version",
"name": "7.5.0 UP13",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP13",
"product_id": "T045828-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up13"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T046484",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.49",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.49",
"product_id": "T042010"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.49",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.49",
"product_id": "T042010-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.49"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "1500 CPU",
"product": {
"name": "Siemens SIMATIC S7 1500 CPU",
"product_id": "T025776",
"product_identification_helper": {
"cpe": "cpe:/h:siemens:simatic_s7:1500_cpu"
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7"
}
],
"category": "vendor",
"name": "Siemens"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.2.1",
"product": {
"name": "SolarWinds Security Event Manager \u003c2025.2.1",
"product_id": "T044986"
}
},
{
"category": "product_version",
"name": "2025.2.1",
"product": {
"name": "SolarWinds Security Event Manager 2025.2.1",
"product_id": "T044986-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:solarwinds:security_event_manager:2025.2.1"
}
}
}
],
"category": "product_name",
"name": "Security Event Manager"
}
],
"category": "vendor",
"name": "SolarWinds"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-49732",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2022-49732"
},
{
"cve": "CVE-2024-49570",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-49570"
},
{
"cve": "CVE-2024-52557",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-52557"
},
{
"cve": "CVE-2024-52559",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-52560",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-52560"
},
{
"cve": "CVE-2024-54456",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-54456"
},
{
"cve": "CVE-2024-54458",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-54458"
},
{
"cve": "CVE-2024-57834",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57852",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57852"
},
{
"cve": "CVE-2024-57953",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57953"
},
{
"cve": "CVE-2024-57973",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57975",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57975"
},
{
"cve": "CVE-2024-57976",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57976"
},
{
"cve": "CVE-2024-57977",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57978",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57982",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57982"
},
{
"cve": "CVE-2024-57983",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57983"
},
{
"cve": "CVE-2024-57984",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57984"
},
{
"cve": "CVE-2024-57985",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57985"
},
{
"cve": "CVE-2024-57986",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57987",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57987"
},
{
"cve": "CVE-2024-57988",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57988"
},
{
"cve": "CVE-2024-57989",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57989"
},
{
"cve": "CVE-2024-57990",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57991",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57991"
},
{
"cve": "CVE-2024-57992",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57992"
},
{
"cve": "CVE-2024-57993",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57995",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57995"
},
{
"cve": "CVE-2024-57996",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57998",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57998"
},
{
"cve": "CVE-2024-57999",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58000",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58000"
},
{
"cve": "CVE-2024-58001",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58001"
},
{
"cve": "CVE-2024-58002",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58003",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58003"
},
{
"cve": "CVE-2024-58004",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58004"
},
{
"cve": "CVE-2024-58005",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58008",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58008"
},
{
"cve": "CVE-2024-58009",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58010",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58010"
},
{
"cve": "CVE-2024-58011",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58015",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58015"
},
{
"cve": "CVE-2024-58016",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58016"
},
{
"cve": "CVE-2024-58017",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58018",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58018"
},
{
"cve": "CVE-2024-58019",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58021",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2024-58021"
},
{
"cve": "CVE-2025-21705",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21707",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21707"
},
{
"cve": "CVE-2025-21708",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21709",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21709"
},
{
"cve": "CVE-2025-21710",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21710"
},
{
"cve": "CVE-2025-21711",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21712",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21712"
},
{
"cve": "CVE-2025-21713",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21713"
},
{
"cve": "CVE-2025-21714",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21717",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21717"
},
{
"cve": "CVE-2025-21718",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21720",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21720"
},
{
"cve": "CVE-2025-21721",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21721"
},
{
"cve": "CVE-2025-21722",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21722"
},
{
"cve": "CVE-2025-21723",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21729",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21729"
},
{
"cve": "CVE-2025-21730",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21730"
},
{
"cve": "CVE-2025-21731",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21737",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21737"
},
{
"cve": "CVE-2025-21738",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21740",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21740"
},
{
"cve": "CVE-2025-21741",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21746",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21746"
},
{
"cve": "CVE-2025-21747",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21747"
},
{
"cve": "CVE-2025-21748",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21748"
},
{
"cve": "CVE-2025-21749",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21751",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21751"
},
{
"cve": "CVE-2025-21752",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21752"
},
{
"cve": "CVE-2025-21753",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21755",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21755"
},
{
"cve": "CVE-2025-21756",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21757",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21757"
},
{
"cve": "CVE-2025-21758",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21759",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21768",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21768"
},
{
"cve": "CVE-2025-21769",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21769"
},
{
"cve": "CVE-2025-21770",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21770"
},
{
"cve": "CVE-2025-21771",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21771"
},
{
"cve": "CVE-2025-21772",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21774",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21774"
},
{
"cve": "CVE-2025-21775",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21777",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21777"
},
{
"cve": "CVE-2025-21778",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21778"
},
{
"cve": "CVE-2025-21779",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21783",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21783"
},
{
"cve": "CVE-2025-21784",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21786",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21786"
},
{
"cve": "CVE-2025-21787",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21788",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21788"
},
{
"cve": "CVE-2025-21789",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21789"
},
{
"cve": "CVE-2025-21790",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21792",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21792"
},
{
"cve": "CVE-2025-21793",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21797",
"product_status": {
"known_affected": [
"67646",
"T034583",
"T045828",
"T004914",
"T032255",
"T039664",
"T043169",
"T044986",
"T047866",
"2951",
"T002207",
"T045879",
"T000126",
"T046484",
"T047343",
"398363",
"T025776",
"1607324",
"T042010",
"T045881",
"T047864",
"T047344"
]
},
"release_date": "2025-02-26T23:00:00.000+00:00",
"title": "CVE-2025-21797"
}
]
}
WID-SEC-W-2025-1439
Vulnerability from csaf_certbund - Published: 2025-06-30 22:00 - Updated: 2025-09-23 22:00Summary
Dell Secure Connect Gateway: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Dell Secure Connect Gateway ist eine Softwarelösung, die als sicherer, zentralisierter Punkt für die Verwaltung des Fernzugriffs und des Supports für Hardware und Software von Dell Technologies dient.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Dell Secure Connect Gateway ist eine Softwarel\u00f6sung, die als sicherer, zentralisierter Punkt f\u00fcr die Verwaltung des Fernzugriffs und des Supports f\u00fcr Hardware und Software von Dell Technologies dient.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Dell Secure Connect Gateway ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1439 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1439.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1439 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1439"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-260 vom 2025-06-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000337528/dsa-2025-260-dell-secure-connect-gateway-security-update-for-multiple-third-party-component-vulnerabilities"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03283-1 vom 2025-09-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022596.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03314-1 vom 2025-09-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022615.html"
}
],
"source_lang": "en-US",
"title": "Dell Secure Connect Gateway: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
"tracking": {
"current_release_date": "2025-09-23T22:00:00.000+00:00",
"generator": {
"date": "2025-09-24T05:21:15.583+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1439",
"initial_release_date": "2025-06-30T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-06-30T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-09-21T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-23T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.30.0.14",
"product": {
"name": "Dell Secure Connect Gateway \u003c5.30.0.14",
"product_id": "T044974"
}
},
{
"category": "product_version",
"name": "5.30.0.14",
"product": {
"name": "Dell Secure Connect Gateway 5.30.0.14",
"product_id": "T044974-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:secure_connect_gateway:5.30.0.14"
}
}
}
],
"category": "product_name",
"name": "Secure Connect Gateway"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-39028",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2022-39028"
},
{
"cve": "CVE-2023-4016",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-4016"
},
{
"cve": "CVE-2023-40403",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-40403"
},
{
"cve": "CVE-2023-46316",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-46316"
},
{
"cve": "CVE-2023-52426",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52426"
},
{
"cve": "CVE-2023-52831",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52831"
},
{
"cve": "CVE-2023-52924",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52924"
},
{
"cve": "CVE-2023-52925",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52925"
},
{
"cve": "CVE-2023-52926",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52926"
},
{
"cve": "CVE-2023-52927",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-10041",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-10041"
},
{
"cve": "CVE-2024-11168",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-11168"
},
{
"cve": "CVE-2024-12243",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-12243"
},
{
"cve": "CVE-2024-26634",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26634"
},
{
"cve": "CVE-2024-26708",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26708"
},
{
"cve": "CVE-2024-26810",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26873",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-26873"
},
{
"cve": "CVE-2024-29018",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-29018"
},
{
"cve": "CVE-2024-35826",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-35826"
},
{
"cve": "CVE-2024-35910",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-38606",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-38606"
},
{
"cve": "CVE-2024-40635",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-40635"
},
{
"cve": "CVE-2024-40980",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-41005",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41055",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41055"
},
{
"cve": "CVE-2024-41077",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41077"
},
{
"cve": "CVE-2024-41149",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-41149"
},
{
"cve": "CVE-2024-42307",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-42307"
},
{
"cve": "CVE-2024-43790",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-43790"
},
{
"cve": "CVE-2024-43802",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-43802"
},
{
"cve": "CVE-2024-43820",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-43820"
},
{
"cve": "CVE-2024-44974",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-44974"
},
{
"cve": "CVE-2024-45009",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-45009"
},
{
"cve": "CVE-2024-45010",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-45010"
},
{
"cve": "CVE-2024-45306",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-45306"
},
{
"cve": "CVE-2024-46736",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-46736"
},
{
"cve": "CVE-2024-46782",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-46782"
},
{
"cve": "CVE-2024-46796",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-46796"
},
{
"cve": "CVE-2024-47220",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-47220"
},
{
"cve": "CVE-2024-47408",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-47408"
},
{
"cve": "CVE-2024-47794",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-47794"
},
{
"cve": "CVE-2024-49571",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49571"
},
{
"cve": "CVE-2024-49761",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49761"
},
{
"cve": "CVE-2024-49924",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49924"
},
{
"cve": "CVE-2024-49940",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49940"
},
{
"cve": "CVE-2024-49994",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-49994"
},
{
"cve": "CVE-2024-50029",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50029"
},
{
"cve": "CVE-2024-50036",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50036"
},
{
"cve": "CVE-2024-50056",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50056"
},
{
"cve": "CVE-2024-50085",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50085"
},
{
"cve": "CVE-2024-50126",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50126"
},
{
"cve": "CVE-2024-50140",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50140"
},
{
"cve": "CVE-2024-50152",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50152"
},
{
"cve": "CVE-2024-50185",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50185"
},
{
"cve": "CVE-2024-50290",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50290"
},
{
"cve": "CVE-2024-50294",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-50294"
},
{
"cve": "CVE-2024-52559",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-52559"
},
{
"cve": "CVE-2024-53057",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53063",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53063"
},
{
"cve": "CVE-2024-53123",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53123"
},
{
"cve": "CVE-2024-53140",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53140"
},
{
"cve": "CVE-2024-53147",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53147"
},
{
"cve": "CVE-2024-53163",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53163"
},
{
"cve": "CVE-2024-53176",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53176"
},
{
"cve": "CVE-2024-53177",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53177"
},
{
"cve": "CVE-2024-53178",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53178"
},
{
"cve": "CVE-2024-53226",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53226"
},
{
"cve": "CVE-2024-53680",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-53680"
},
{
"cve": "CVE-2024-54683",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-54683"
},
{
"cve": "CVE-2024-55549",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-55549"
},
{
"cve": "CVE-2024-56171",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56171"
},
{
"cve": "CVE-2024-56568",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56568"
},
{
"cve": "CVE-2024-56579",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56579"
},
{
"cve": "CVE-2024-56633",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56633"
},
{
"cve": "CVE-2024-56638",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56638"
},
{
"cve": "CVE-2024-56640",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56640"
},
{
"cve": "CVE-2024-56647",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56647"
},
{
"cve": "CVE-2024-56702",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56702"
},
{
"cve": "CVE-2024-56703",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56703"
},
{
"cve": "CVE-2024-56718",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56718"
},
{
"cve": "CVE-2024-56719",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56719"
},
{
"cve": "CVE-2024-56720",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56720"
},
{
"cve": "CVE-2024-56751",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56751"
},
{
"cve": "CVE-2024-56758",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56758"
},
{
"cve": "CVE-2024-56770",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-56770"
},
{
"cve": "CVE-2024-57807",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57807"
},
{
"cve": "CVE-2024-57834",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57834"
},
{
"cve": "CVE-2024-57889",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57889"
},
{
"cve": "CVE-2024-57900",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57900"
},
{
"cve": "CVE-2024-57947",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57947"
},
{
"cve": "CVE-2024-57948",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57973",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57973"
},
{
"cve": "CVE-2024-57974",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57974"
},
{
"cve": "CVE-2024-57978",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57978"
},
{
"cve": "CVE-2024-57979",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57980",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57980"
},
{
"cve": "CVE-2024-57981",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-57990",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57990"
},
{
"cve": "CVE-2024-57993",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57993"
},
{
"cve": "CVE-2024-57994",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57994"
},
{
"cve": "CVE-2024-57996",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-57997",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57997"
},
{
"cve": "CVE-2024-57999",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-57999"
},
{
"cve": "CVE-2024-58002",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58002"
},
{
"cve": "CVE-2024-58005",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58006",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58006"
},
{
"cve": "CVE-2024-58007",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58007"
},
{
"cve": "CVE-2024-58009",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58011",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58011"
},
{
"cve": "CVE-2024-58012",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58012"
},
{
"cve": "CVE-2024-58013",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58013"
},
{
"cve": "CVE-2024-58014",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58017",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58019",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58019"
},
{
"cve": "CVE-2024-58020",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58034",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58034"
},
{
"cve": "CVE-2024-58051",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58052",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58052"
},
{
"cve": "CVE-2024-58054",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58054"
},
{
"cve": "CVE-2024-58055",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58055"
},
{
"cve": "CVE-2024-58056",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58056"
},
{
"cve": "CVE-2024-58057",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58057"
},
{
"cve": "CVE-2024-58058",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58061",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58061"
},
{
"cve": "CVE-2024-58063",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58069",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58069"
},
{
"cve": "CVE-2024-58072",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58076",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58076"
},
{
"cve": "CVE-2024-58078",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58078"
},
{
"cve": "CVE-2024-58079",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58079"
},
{
"cve": "CVE-2024-58080",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58080"
},
{
"cve": "CVE-2024-58083",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58083"
},
{
"cve": "CVE-2024-58085",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2024-58086",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-58086"
},
{
"cve": "CVE-2024-8176",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2025-0395",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-0395"
},
{
"cve": "CVE-2025-1094",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-1094"
},
{
"cve": "CVE-2025-1215",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-1215"
},
{
"cve": "CVE-2025-1795",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-1795"
},
{
"cve": "CVE-2025-21631",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21631"
},
{
"cve": "CVE-2025-21635",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21635"
},
{
"cve": "CVE-2025-21636",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21636"
},
{
"cve": "CVE-2025-21637",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21637"
},
{
"cve": "CVE-2025-21638",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21659",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21659"
},
{
"cve": "CVE-2025-21665",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21665"
},
{
"cve": "CVE-2025-21667",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21667"
},
{
"cve": "CVE-2025-21668",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21668"
},
{
"cve": "CVE-2025-21671",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21671"
},
{
"cve": "CVE-2025-21673",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21673"
},
{
"cve": "CVE-2025-21680",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21680"
},
{
"cve": "CVE-2025-21681",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21681"
},
{
"cve": "CVE-2025-21684",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21684"
},
{
"cve": "CVE-2025-21687",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21687"
},
{
"cve": "CVE-2025-21688",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21688"
},
{
"cve": "CVE-2025-21689",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21689"
},
{
"cve": "CVE-2025-21690",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21690"
},
{
"cve": "CVE-2025-21692",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21693",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21693"
},
{
"cve": "CVE-2025-21697",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21697"
},
{
"cve": "CVE-2025-21699",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21699"
},
{
"cve": "CVE-2025-21700",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21700"
},
{
"cve": "CVE-2025-21701",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21703",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21703"
},
{
"cve": "CVE-2025-21704",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21705",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21705"
},
{
"cve": "CVE-2025-21706",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21706"
},
{
"cve": "CVE-2025-21708",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21708"
},
{
"cve": "CVE-2025-21711",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21714",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21714"
},
{
"cve": "CVE-2025-21715",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21715"
},
{
"cve": "CVE-2025-21716",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21716"
},
{
"cve": "CVE-2025-21718",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21718"
},
{
"cve": "CVE-2025-21719",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21723",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21723"
},
{
"cve": "CVE-2025-21724",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21725",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21725"
},
{
"cve": "CVE-2025-21726",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21731",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21731"
},
{
"cve": "CVE-2025-21732",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21732"
},
{
"cve": "CVE-2025-21733",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21733"
},
{
"cve": "CVE-2025-21734",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21734"
},
{
"cve": "CVE-2025-21735",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21736",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21736"
},
{
"cve": "CVE-2025-21738",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21738"
},
{
"cve": "CVE-2025-21739",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21739"
},
{
"cve": "CVE-2025-21741",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21741"
},
{
"cve": "CVE-2025-21742",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21742"
},
{
"cve": "CVE-2025-21743",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21743"
},
{
"cve": "CVE-2025-21744",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21749",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21749"
},
{
"cve": "CVE-2025-21750",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21750"
},
{
"cve": "CVE-2025-21753",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21754",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21754"
},
{
"cve": "CVE-2025-21756",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21759",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21759"
},
{
"cve": "CVE-2025-21760",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21772",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21773",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21773"
},
{
"cve": "CVE-2025-21775",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21775"
},
{
"cve": "CVE-2025-21776",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21779",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21779"
},
{
"cve": "CVE-2025-21780",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21780"
},
{
"cve": "CVE-2025-21781",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21781"
},
{
"cve": "CVE-2025-21782",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21782"
},
{
"cve": "CVE-2025-21784",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21784"
},
{
"cve": "CVE-2025-21785",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21785"
},
{
"cve": "CVE-2025-21790",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21790"
},
{
"cve": "CVE-2025-21791",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21791"
},
{
"cve": "CVE-2025-21793",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21793"
},
{
"cve": "CVE-2025-21794",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21794"
},
{
"cve": "CVE-2025-21795",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21799",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21799"
},
{
"cve": "CVE-2025-21802",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21802"
},
{
"cve": "CVE-2025-21804",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21804"
},
{
"cve": "CVE-2025-21810",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21810"
},
{
"cve": "CVE-2025-21815",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21815"
},
{
"cve": "CVE-2025-21819",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21819"
},
{
"cve": "CVE-2025-21820",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21820"
},
{
"cve": "CVE-2025-21821",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21821"
},
{
"cve": "CVE-2025-21823",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21823"
},
{
"cve": "CVE-2025-21825",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21825"
},
{
"cve": "CVE-2025-21828",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21828"
},
{
"cve": "CVE-2025-21829",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21829"
},
{
"cve": "CVE-2025-21830",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21830"
},
{
"cve": "CVE-2025-21831",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21831"
},
{
"cve": "CVE-2025-21832",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21832"
},
{
"cve": "CVE-2025-21835",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21838",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21838"
},
{
"cve": "CVE-2025-21844",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21847",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21847"
},
{
"cve": "CVE-2025-21848",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21850",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21850"
},
{
"cve": "CVE-2025-21855",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21855"
},
{
"cve": "CVE-2025-21856",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21856"
},
{
"cve": "CVE-2025-21857",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21857"
},
{
"cve": "CVE-2025-21858",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21861",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21861"
},
{
"cve": "CVE-2025-21862",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-21866",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21866"
},
{
"cve": "CVE-2025-21869",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21869"
},
{
"cve": "CVE-2025-21870",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21870"
},
{
"cve": "CVE-2025-21871",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21871"
},
{
"cve": "CVE-2025-21876",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21876"
},
{
"cve": "CVE-2025-21877",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21877"
},
{
"cve": "CVE-2025-21878",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21878"
},
{
"cve": "CVE-2025-21883",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21883"
},
{
"cve": "CVE-2025-21885",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21885"
},
{
"cve": "CVE-2025-21886",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21886"
},
{
"cve": "CVE-2025-21888",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21888"
},
{
"cve": "CVE-2025-21890",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21890"
},
{
"cve": "CVE-2025-21891",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21891"
},
{
"cve": "CVE-2025-21892",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-21892"
},
{
"cve": "CVE-2025-22134",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22134"
},
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2025-22247",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22247"
},
{
"cve": "CVE-2025-22868",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22868"
},
{
"cve": "CVE-2025-22869",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-24014",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24014"
},
{
"cve": "CVE-2025-24813",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24813"
},
{
"cve": "CVE-2025-24855",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24855"
},
{
"cve": "CVE-2025-24928",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-24928"
},
{
"cve": "CVE-2025-2588",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-2588"
},
{
"cve": "CVE-2025-26465",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2025-26466",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-26466"
},
{
"cve": "CVE-2025-26597",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-26597"
},
{
"cve": "CVE-2025-27113",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27113"
},
{
"cve": "CVE-2025-27219",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27219"
},
{
"cve": "CVE-2025-27220",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27220"
},
{
"cve": "CVE-2025-27363",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-27363"
},
{
"cve": "CVE-2025-29087",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-29087"
},
{
"cve": "CVE-2025-29088",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-29088"
},
{
"cve": "CVE-2025-31115",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31115"
},
{
"cve": "CVE-2025-31335",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31335"
},
{
"cve": "CVE-2025-31650",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31650"
},
{
"cve": "CVE-2025-31651",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-31651"
},
{
"cve": "CVE-2025-32414",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-32414"
},
{
"cve": "CVE-2025-32415",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-32728",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-32728"
},
{
"cve": "CVE-2025-3360",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-3360"
},
{
"cve": "CVE-2025-4207",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-4207"
},
{
"cve": "CVE-2025-4382",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-4382"
},
{
"cve": "CVE-2025-47268",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-47268"
},
{
"cve": "CVE-2025-4802",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-4802"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T044974",
"T002207"
]
},
"release_date": "2025-06-30T22:00:00.000+00:00",
"title": "CVE-2025-48734"
}
]
}
ICSA-24-102-01
Vulnerability from csaf_cisa - Published: 2024-04-09 00:00 - Updated: 2025-10-14 00:00Summary
Siemens SIMATIC S7-1500
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1.
Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice and Terms of Use
This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy & Use policy (https://www.cisa.gov/privacy-policy).
Advisory Conversion Disclaimer
This ICSA is a verbatim republication of Siemens ProductCERT SSA-265688 from a direct conversion of the vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{
"document": {
"acknowledgments": [
{
"organization": "Siemens ProductCERT",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1.\n\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "This product is provided subject to this Notification (https://www.cisa.gov/notification) and this Privacy \u0026 Use policy (https://www.cisa.gov/privacy-policy).",
"title": "Legal Notice and Terms of Use"
},
{
"category": "other",
"text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-265688 from a direct conversion of the vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Critical Manufacturing",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-265688.json"
},
{
"category": "self",
"summary": "SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-102-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-102-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-102-01 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-102-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/ics-alerts/ics-alert-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/news-events/news/targeted-cyber-intrusion-detection-and-mitigation-strategies-update-b"
}
],
"title": "Siemens SIMATIC S7-1500",
"tracking": {
"current_release_date": "2025-10-14T00:00:00.000000Z",
"generator": {
"date": "2025-10-16T21:33:14.845754Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-102-01",
"initial_release_date": "2024-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2024-04-09T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-05-14T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2024-2511"
},
{
"date": "2024-07-09T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added CVE-2024-5535"
},
{
"date": "2024-11-12T00:00:00.000000Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added CVE-2024-9143"
},
{
"date": "2025-03-11T00:00:00.000000Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Added CVE-2024-36484, CVE-2024-36902, CVE-2024-36904, CVE-2024-36905, CVE-2024-36916, CVE-2024-36929, CVE-2024-36939, CVE-2024-36940, CVE-2024-36959, CVE-2024-44987, CVE-2024-44989, CVE-2024-44990, CVE-2024-45016, CVE-2024-45018, CVE-2024-46679, CVE-2024-46743, CVE-2024-46744, CVE-2024-46745, CVE-2024-46750, CVE-2024-46759, CVE-2024-46783, CVE-2024-47660, CVE-2024-50299, CVE-2024-50301, CVE-2024-53101"
},
{
"date": "2025-04-08T00:00:00.000000Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Added CVE-2024-50302 (incl. product-specific impact description) and multiple other CVEs"
},
{
"date": "2025-06-10T00:00:00.000000Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Added 63 CVEs"
},
{
"date": "2025-07-08T00:00:00.000000Z",
"legacy_version": "1.7",
"number": "8",
"summary": "Added 71 CVEs"
},
{
"date": "2025-08-12T00:00:00.000000Z",
"legacy_version": "1.8",
"number": "9",
"summary": "Added 147 CVEs"
},
{
"date": "2025-09-09T00:00:00.000000Z",
"legacy_version": "1.9",
"number": "10",
"summary": "Added 51 CVEs"
},
{
"date": "2025-10-14T00:00:00.000000Z",
"legacy_version": "2.0",
"number": "11",
"summary": "Added CVE-2025-9230, CVE-2023-50781, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4090",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-4090"
},
{
"cve": "CVE-2021-38202",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-38202"
},
{
"cve": "CVE-2021-47002",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "SUNRPC: null pointer dereference in svc_rqst_free(). When alloc_pages_node() returns null in svc_rqst_alloc(), the null rq_scratch_page pointer will be dereferenced when calling put_page() in svc_rqst_free().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-47002"
},
{
"cve": "CVE-2021-47107",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "NFSD: READDIR buffer overflow. If a client sends a READDIR count argument that is too small (say, zero), then the buffer size calculation in the new init_dirlist helper functions results in an underflow, allowing the XDR stream functions to write beyond the actual buffer. This calculation has always been suspect. NFSD has never sanity- checked the READDIR count argument, but the old entry encoders managed the problem correctly. With the commits below, entry encoding changed, exposing the underflow to the pointer arithmetic in xdr_reserve_space(). Modern NFS clients attempt to retrieve as much data as possible for each READDIR request.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-47107"
},
{
"cve": "CVE-2021-47316",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfsd: NULL dereference in nfs3svc_encode_getaclres.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2021-47316"
},
{
"cve": "CVE-2022-38096",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-38096"
},
{
"cve": "CVE-2022-43945",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-43945"
},
{
"cve": "CVE-2022-48827",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "NFSD: vulnerability caused by loff_t overflow on the server when a client reads near the maximum offset, causing the server to return an EINVAL error, which the client retries indefinitely, instead of handling out-of-range READ requests by returning a short result with an EOF flag.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-48827"
},
{
"cve": "CVE-2022-48828",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSD: Vulnerability caused by an underflow in ia_size due to a mismatch between signed and unsigned 64-bit file size values, which can cause issues when handling large file sizes from NFS clients.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-48828"
},
{
"cve": "CVE-2022-48829",
"cwe": {
"id": "CWE-253",
"name": "Incorrect Check of Function Return Value"
},
"notes": [
{
"category": "summary",
"text": "NFSD: Vulnerability handling large file sizes for NFSv3 improperly capping client size values larger than s64_max, leading to unexpected behavior and potential data corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-48829"
},
{
"cve": "CVE-2023-1652",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-1652"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-6121",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6121"
},
{
"cve": "CVE-2023-6129",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions.\r\n\r\nIf an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences.\r\n\r\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions.\r\n\r\nThe consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service.\r\n\r\nThe POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However\r\nwe are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2023-6237",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Checking excessively long invalid RSA public keys may take a long time. Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the \u0027-pubin\u0027 and \u0027-check\u0027 options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6237"
},
{
"cve": "CVE-2023-6817",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.\n\nWe recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6817"
},
{
"cve": "CVE-2023-6931",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6931"
},
{
"cve": "CVE-2023-6932",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6932"
},
{
"cve": "CVE-2023-28746",
"cwe": {
"id": "CWE-1342",
"name": "Information Exposure through Microarchitectural State after Transient Execution"
},
"notes": [
{
"category": "summary",
"text": "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-28746"
},
{
"cve": "CVE-2023-45898",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-45898"
},
{
"cve": "CVE-2023-47233",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-50781",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-50781"
},
{
"cve": "CVE-2023-52447",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Defer the free of inner map when necessary when updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the ref-counter of the inner map directly through bpf_map_put(), if the ref-counter is the last one (which is true for most cases), the inner map will be freed by ops-\u003emap_free() in a kworker. But for now, most .map_free() callbacks don\u0027t use synchronize_rcu() or its variants to wait for the elapse of a RCU grace period, so after the invocation of ops-\u003emap_free completes, the bpf program which is accessing the inner map may incur use-after-free vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-52447"
},
{
"cve": "CVE-2023-52458",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblock: add check that partition length needs to be aligned with block size",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-52458"
},
{
"cve": "CVE-2023-52614",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nPM / devfreq: Fix buffer overflow in trans_stat_show",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-52614"
},
{
"cve": "CVE-2023-52620",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: disallow timeout for anonymous sets\r\n\r\nNever used from userspace, disallow these parameters.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-52620"
},
{
"cve": "CVE-2024-0584",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-0584"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Use of the low-level GF(2m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2m)) curves that can\u0027t represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-22099",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23307",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-23848",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-24857",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-24857"
},
{
"cve": "CVE-2024-24858",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-24858"
},
{
"cve": "CVE-2024-24859",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-24859"
},
{
"cve": "CVE-2024-25739",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi-\u003eleb_size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-25739"
},
{
"cve": "CVE-2024-26629",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"notes": [
{
"category": "summary",
"text": "nfsd: The test on so_count in nfsd4_release_lockowner() is potentially harmful. It can transiently return a false positive resulting in a return of NFS4ERR_LOCKS_HELD when in fact no locks are held. This is clearly a protocol violation and with the Linux NFS client it can cause incorrect behaviour.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26629"
},
{
"cve": "CVE-2024-26642",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: disallow anonymous set with timeout flag",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26642"
},
{
"cve": "CVE-2024-26643",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26643"
},
{
"cve": "CVE-2024-26651",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "sr9800: Local Denial of Service Vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26651"
},
{
"cve": "CVE-2024-26659",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "xhci: isoc Babble and Buffer Overrun events are not handled properly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26659"
},
{
"cve": "CVE-2024-26787",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "mmc: mmci: stm32: Fixed issue with overlapping mappings in the DMA API.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26787"
},
{
"cve": "CVE-2024-26810",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nvfio/pci: Lock external INTx masking ops",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26812",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nvfio/pci: Create persistent INTx handler",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26812"
},
{
"cve": "CVE-2024-26816",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"notes": [
{
"category": "summary",
"text": "x86, relocs: relocations in .notes section. When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the \"startup_xen\" entry point.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26820",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26820"
},
{
"cve": "CVE-2024-26851",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: nf_conntrack_h323: Add protection for bmp length out of range.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26851"
},
{
"cve": "CVE-2024-26852",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/ipv6: possible UAF in ip6_route_mpath_notify().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26855",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26859",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/bnx2x: Race condition leading to system crash during EEH error handling.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26859"
},
{
"cve": "CVE-2024-26861",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wireguard: receive: data-race around receiving_counter.counter.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26861"
},
{
"cve": "CVE-2024-26863",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26863"
},
{
"cve": "CVE-2024-26870",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26870"
},
{
"cve": "CVE-2024-26872",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "RDMA/srpt: use-after-free Write in srpt_refresh_port().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26872"
},
{
"cve": "CVE-2024-26875",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "media: pvrusb2: fix uaf in pvr2_context_set_notify.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26875"
},
{
"cve": "CVE-2024-26877",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "crypto: xilinx - call finalize with bh disabled.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26877"
},
{
"cve": "CVE-2024-26878",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26880",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26880"
},
{
"cve": "CVE-2024-26882",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26882"
},
{
"cve": "CVE-2024-26883",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Fix stackmap overflow check on 32-bit arches.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Fix hashtab overflow check on 32-bit arches.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26885",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbpf: Fix DEVMAP_HASH overflow check on 32-bit arches\r\n\r\nThe devmap code allocates a number hash buckets equal to the next power\r\nof two of the max_entries value provided when creating the map. When\r\nrounding up to the next power of two, the 32-bit variable storing the\r\nnumber of buckets can overflow, and the code checks for overflow by\r\nchecking if the truncated 32-bit value is equal to 0. However, on 32-bit\r\narches the rounding up itself can overflow mid-way through, because it\r\nends up doing a left-shift of 32 bits on an unsigned long value. If the\r\nsize of an unsigned long is four bytes, this is undefined behaviour, so\r\nthere is no guarantee that we\u0027ll end up with a nice and tidy 0-value at\r\nthe end.\r\n\r\nSyzbot managed to turn this into a crash on arm32 by creating a\r\nDEVMAP_HASH with max_entries \u003e 0x80000000 and then trying to update it.\r\nFix this by moving the overflow check to before the rounding up\r\noperation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26885"
},
{
"cve": "CVE-2024-26889",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: hci_core: Fix possible buffer overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26889"
},
{
"cve": "CVE-2024-26891",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "iommu/vt-d: Don\u0027t issue ATS Invalidation request when device is disconnected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26891"
},
{
"cve": "CVE-2024-26894",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26894"
},
{
"cve": "CVE-2024-26895",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26895"
},
{
"cve": "CVE-2024-26897",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26897"
},
{
"cve": "CVE-2024-26898",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26901",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: rfcomm: Fixed null-ptr-deref in rfcomm_check_security.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26906",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26906"
},
{
"cve": "CVE-2024-26907",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "RDMA/mlx5: Fixed fortify source warning while accessing Eth segment.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26907"
},
{
"cve": "CVE-2024-26920",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntracing/trigger: Fix to return error if failed to alloc snapshot",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26923",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26925",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence. nf_tables_module_autoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nft_gc_seq_end() is called.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26925"
},
{
"cve": "CVE-2024-26934",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nUSB: core: Fix deadlock in usb_deauthorize_interface()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26935",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: core: Fix unremoved procfs host directory regression",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26935"
},
{
"cve": "CVE-2024-26937",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/i915/gt: Reset queue_priority_hint on parking",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26937"
},
{
"cve": "CVE-2024-26950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwireguard: netlink: access device through ctx instead of peer",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26950"
},
{
"cve": "CVE-2024-26951",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwireguard: netlink: check for dangling peer via is_dead instead of empty list",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26951"
},
{
"cve": "CVE-2024-26958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfs: fix UAF in direct writes",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26960",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmm: swap: fix race between free_swap_and_cache() and swapoff()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26960"
},
{
"cve": "CVE-2024-26961",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmac802154: fix llsec key resources release in mac802154_llsec_key_del",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26961"
},
{
"cve": "CVE-2024-26973",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-26974",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: qat - resolve race condition during AER recovery",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26974"
},
{
"cve": "CVE-2024-26982",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\nSquashfs: check the inode number is not the invalid value of zero",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26982"
},
{
"cve": "CVE-2024-26988",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninit/main.c: Fix potential static_command_line memory overflow",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26988"
},
{
"cve": "CVE-2024-26993",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-27004",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: Get runtime PM before walking tree during disable_unused",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27004"
},
{
"cve": "CVE-2024-27013",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntun: limit printing rate when illegal packet received by tun dev\r\n\r\nvhost_worker will call tun call backs to receive packets. If too many\r\nillegal packets arrives, tun_do_read will keep dumping packet contents.\r\nWhen console is enabled, it will costs much more cpu time to dump\r\npacket and soft lockup will be detected.\r\n\r\nnet_ratelimit mechanism can be used to limit the dumping rate.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27020",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in nft_expr_type_get().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27020"
},
{
"cve": "CVE-2024-27024",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in the Linux kernel: net/rds: WARNING in rds_conn_connect_if_down If connection isn\u0027t established yet, get_mr() will fail, trigger connection after get_mr().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27024"
},
{
"cve": "CVE-2024-27025",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27025"
},
{
"cve": "CVE-2024-27038",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: clk: clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core_get() of_clk_get_hw_from_clkspec() __of_clk_get_hw_from_provider() __clk_get_hw() __clk_get_hw() can return NULL which is dereferenced by clk_core_get() at hw-\u003ecore. Prior to commit dde4eff47c82 (\"clk: Look for parents with clkdev based clk_lookups\") the check IS_ERR_OR_NULL() was performed which would have caught the NULL. Reading the description of this function it talks about returning NULL but that cannot be so at the moment. Update the function to check for hw before dereferencing it and return NULL if hw is NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27038"
},
{
"cve": "CVE-2024-27047",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerablity in Linux kernel: net: phy: phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty array in the case that the driver is calling phy_get_internal_delay without defining delay_values and rx-internal-delay-ps or tx-internal-delay-ps is defined to 0 in the device-tree. This will lead to \"unable to handle kernel NULL pointer dereference at virtual address 0\".",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27047"
},
{
"cve": "CVE-2024-27052",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27052"
},
{
"cve": "CVE-2024-27053",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in the Linux kernel: wifi: wilc1000: RCU usage in connect path",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27053"
},
{
"cve": "CVE-2024-27059",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27065",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27065"
},
{
"cve": "CVE-2024-27072",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: usbtv: Remove useless locks in usbtv_video_free()\r\n\r\nRemove locks calls in usbtv_video_free() because\r\nare useless and may led to a deadlock as reported here:\r\nhttps://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000\r\nAlso remove usbtv_stop() call since it will be called when\r\nunregistering the device.\r\n\r\nBefore \u0027c838530d230b\u0027 this issue would only be noticed if you\r\ndisconnect while streaming and now it is noticeable even when\r\ndisconnecting while not streaming.\r\n\r\n\r\n[hverkuil: fix minor spelling mistake in log message]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27072"
},
{
"cve": "CVE-2024-27076",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in the Linux kernel: media: imx: csc/scaler: v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27076"
},
{
"cve": "CVE-2024-27077",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: media: v4l2-mem2mem: a memleak in v4l2_m2m_register_entity The entity-\u003ename (i.e. name) is allocated in v4l2_m2m_register_entity but isn\u0027t freed in its following error-handling paths. This patch adds such deallocation to prevent memleak of entity-\u003ename.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27077"
},
{
"cve": "CVE-2024-27078",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: media: v4l2-tpg: some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpg_free is called only when tpg_alloc return 0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27078"
},
{
"cve": "CVE-2024-27395",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix Use-After-Free in ovs_ct_exit\n\nSince kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof ovs_ct_limit_exit, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27395"
},
{
"cve": "CVE-2024-27396",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27397",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: use timestamp to check for set element timeout\r\n\r\nAdd a timestamp field at the beginning of the transaction, store it\r\nin the nftables per-netns area.\r\n\r\nUpdate set backend .insert, .deactivate and sync gc path to use the\r\ntimestamp, this avoids that an element expires while control plane\r\ntransaction is still unfinished.\r\n\r\n.lookup and .update, which are used from packet path, still use the\r\ncurrent time to check if the element has expired. And .get path and dump\r\nalso since this runs lockless under rcu read size lock. Then, there is\r\nasync gc which also needs to check the current time since it runs\r\nasynchronously from a workqueue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27397"
},
{
"cve": "CVE-2024-27419",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netrom: data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27431",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don\u0027t initialise the xdp_rxq_info data structure being used in the xdp_buff that backs the XDP program invocation. Tobias noticed that this leads to random values being returned as the xdp_md-\u003erx_queue_index value for XDP programs running in a cpumap. This means we\u0027re basically returning the contents of the uninitialised memory, which is bad. Fix this by zero-initialising the rxq data structure before running the XDP program.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27431"
},
{
"cve": "CVE-2024-27436",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-27437",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Disable auto-enable of exclusive INTx IRQ\n\nCurrently for devices requiring masking at the irqchip for INTx, ie.\ndevices without DisINTx support, the IRQ is enabled in request_irq()\nand subsequently disabled as necessary to align with the masked status\nflag. This presents a window where the interrupt could fire between\nthese events, resulting in the IRQ incrementing the disable depth twice.\nThis would be unrecoverable for a user since the masked flag prevents\nnested enables through vfio.\n\nInstead, invert the logic using IRQF_NO_AUTOEN such that exclusive INTx\nis never auto-enabled, then unmask as required.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-27437"
},
{
"cve": "CVE-2024-33621",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-\u003esk in ipvlan_process_v4 / 6_outbound.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-33621"
},
{
"cve": "CVE-2024-33847",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "f2fs: compress: Released compress inode f2fs image may be corrupted. The reason is partial truncation assume compressed inode has reserved blocks, after partial truncation, valid block count may change w/o .i_blocks and .total_valid_block_count update, resulting in corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-33847"
},
{
"cve": "CVE-2024-34027",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "f2fs: compress: filesystem metadata including blkaddr in dnode, inode fields and .total_valid_block_count may be corrupted after SPO case.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-34027"
},
{
"cve": "CVE-2024-35789",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\r\n\r\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\r\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\r\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\r\nafter the VLAN change.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35805",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndm snapshot: fix lockup in dm_exception_table_exit\r\n\r\nThere was reported lockup when we exit a snapshot with many exceptions.\r\nFix this by adding \"cond_resched\" to the loop that frees the exceptions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35805"
},
{
"cve": "CVE-2024-35807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35807"
},
{
"cve": "CVE-2024-35811",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35813",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmmc: core: Avoid negative index with array access\r\n\r\nCommit 4d0c8d0aef63 (\"mmc: core: Use mrq.sbc in close-ended ffu\") assigns\r\nprev_idata = idatas[i - 1], but doesn\u0027t check that the iterator i is\r\ngreater than zero. Let\u0027s fix this by adding a check.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35813"
},
{
"cve": "CVE-2024-35815",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\r\n\r\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\r\nthat is not embedded inside struct aio_kiocb. With the current code,\r\ndepending on the compiler, the req-\u003eki_ctx read happens either before\r\nthe IOCB_AIO_RW test or after that test. Move the req-\u003eki_ctx read such\r\nthat it is guaranteed that the IOCB_AIO_RW test happens first.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35815"
},
{
"cve": "CVE-2024-35823",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nvt: fix unicode buffer corruption when deleting characters\r\n\r\nThis is the same issue that was fixed for the VGA text buffer in commit\r\n39cdb68c64d8 (\"vt: fix memory overlapping when deleting chars in the\r\nbuffer\"). The cure is also the same i.e. replace memcpy() with memmove()\r\ndue to the overlaping buffers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35823"
},
{
"cve": "CVE-2024-35828",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35828"
},
{
"cve": "CVE-2024-35845",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35845"
},
{
"cve": "CVE-2024-35849",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbtrfs: fix information leak in btrfs_ioctl_logical_to_ino()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35877",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nx86/mm/pat: fix VM_PAT handling in COW mappings\r\n\r\nPAT handling won\u0027t do the right thing in COW mappings: the first PTE (or,\r\nin fact, all PTEs) can be replaced during write faults to point at anon\r\nfolios. Reliably recovering the correct PFN and cachemode using\r\nfollow_phys() from PTEs will not work in COW mappings.\r\n\r\nUsing follow_phys(), we might just get the address+protection of the anon\r\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\r\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\r\ntrack_pfn_copy(), not properly calling free_pfn_range().\r\n\r\nIn free_pfn_range(), we either wouldn\u0027t call memtype_free() or would call\r\nit with the wrong range, possibly leaking memory.\r\n\r\nTo fix that, let\u0027s update follow_phys() to refuse returning anon folios,\r\nand fallback to using the stored PFN inside vma-\u003evm_pgoff for COW mappings\r\nif we run into that.\r\n\r\nWe will now properly handle untrack_pfn() with COW mappings, where we\r\ndon\u0027t need the cachemode. We\u0027ll have to fail fork()-\u003etrack_pfn_copy() if\r\nthe first page was replaced by an anon folio, though: we\u0027d have to store\r\nthe cachemode in the VMA to make this work, likely growing the VMA size.\r\n\r\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\r\ncase: it would have failed in the past with swap/nonswap entries already,\r\nand it would have done the wrong thing with anon folios.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35884",
"cwe": {
"id": "CWE-923",
"name": "Improper Restriction of Communication Channel to Intended Endpoints"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nudp: do not accept non-tunnel GSO skbs landing in a tunnel\r\n\r\nWhen rx-udp-gro-forwarding is enabled UDP packets might be GROed when\r\nbeing forwarded. If such packets might land in a tunnel this can cause\r\nvarious issues and udp_gro_receive makes sure this isn\u0027t the case by\r\nlooking for a matching socket. This is performed in\r\nudp4/6_gro_lookup_skb but only in the current netns. This is an issue\r\nwith tunneled packets when the endpoint is in another netns. In such\r\ncases the packets will be GROed at the UDP level, which leads to various\r\nissues later on. The same thing can happen with rx-gro-list.\r\n\r\nWe saw this with geneve packets being GROed at the UDP level. In such\r\ncase gso_size is set; later the packet goes through the geneve rx path,\r\nthe geneve header is pulled, the offset are adjusted and frag_list skbs\r\nare not adjusted with regard to geneve. When those skbs hit\r\nskb_fragment, it will misbehave. Different outcomes are possible\r\ndepending on what the GROed skbs look like; from corrupted packets to\r\nkernel crashes.\r\n\r\nOne example is a BUG_ON[1] triggered in skb_segment while processing the\r\nfrag_list. Because gso_size is wrong (geneve header was pulled)\r\nskb_segment thinks there is \"geneve header size\" of data in frag_list,\r\nalthough it\u0027s in fact the next packet. The BUG_ON itself has nothing to\r\ndo with the issue. This is only one of the potential issues.\r\n\r\nLooking up for a matching socket in udp_gro_receive is fragile: the\r\nlookup could be extended to all netns (not speaking about performances)\r\nbut nothing prevents those packets from being modified in between and we\r\ncould still not find a matching socket. It\u0027s OK to keep the current\r\nlogic there as it should cover most cases but we also need to make sure\r\nwe handle tunnel packets being GROed too early.\r\n\r\nThis is done by extending the checks in udp_unexpected_gso: GSO packets\r\nlacking the SKB_GSO_UDP_TUNNEL/_CSUM bits and landing in a tunnel must\r\nbe segmented.\r\n\r\n[1] kernel BUG at net/core/skbuff.c:4408!\r\n RIP: 0010:skb_segment+0xd2a/0xf70\r\n __udp_gso_segment+0xaa/0x560",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35884"
},
{
"cve": "CVE-2024-35886",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: Fix infinite recursion in fib6_dump_done().\r\n\r\nsyzkaller reported infinite recursive calls of fib6_dump_done() during\r\nnetlink socket destruction.\r\n\r\nFrom the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE message, and then\r\nthe response was generated. The following recvmmsg() resumed the dump\r\nfor IPv6, but the first call of inet6_dump_fib() failed at kzalloc() due\r\nto the fault injection.\r\n\r\n 12:01:34 executing program 3:\r\n r0 = socket$nl_route(0x10, 0x3, 0x0)\r\n sendmsg$nl_route(r0, ... snip ...)\r\n recvmmsg(r0, ... snip ...) (fail_nth: 8)\r\n\r\nHere, fib6_dump_done() was set to nlk_sk(sk)-\u003ecb.done, and the next call\r\nof inet6_dump_fib() set it to nlk_sk(sk)-\u003ecb.args[3]. syzkaller stopped\r\nreceiving the response halfway through, and finally netlink_sock_destruct()\r\ncalled nlk_sk(sk)-\u003ecb.done().\r\n\r\nfib6_dump_done() calls fib6_dump_end() and nlk_sk(sk)-\u003ecb.done() if it\r\nis still not NULL. fib6_dump_end() rewrites nlk_sk(sk)-\u003ecb.done() by\r\nnlk_sk(sk)-\u003ecb.args[3], but it has the same function, not NULL, calling\r\nitself recursively and hitting the stack guard page.\r\n\r\nTo avoid the issue, let\u0027s set the destructor after kzalloc().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35886"
},
{
"cve": "CVE-2024-35888",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb-\u003ehead.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35888"
},
{
"cve": "CVE-2024-35893",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: act_skbmod: prevent kernel-infoleak\r\n\r\nsyzbot found that tcf_skbmod_dump() was copying four bytes\r\nfrom kernel stack to user space.\r\n\r\nThe issue here is that \u0027struct tc_skbmod\u0027 has a four bytes hole.\r\n\r\nWe need to clear the structure before filling fields.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35893"
},
{
"cve": "CVE-2024-35895",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35896",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: validate user input for expected length\r\n\r\nI got multiple syzbot reports showing old bugs exposed\r\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\r\nin cgroup/{s,g}etsockopt\")\r\n\r\nsetsockopt() @optlen argument should be taken into account\r\nbefore copying data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35896"
},
{
"cve": "CVE-2024-35897",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\r\n\r\nHook unregistration is deferred to the commit phase, same occurs with\r\nhook updates triggered by the table dormant flag. When both commands are\r\ncombined, this results in deleting a basechain while leaving its hook\r\nstill registered in the core.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35897"
},
{
"cve": "CVE-2024-35898",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\r\n\r\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\r\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\r\nAnd thhere is not any protection when iterate over nf_tables_flowtables\r\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\r\ndata-race of nf_tables_flowtables list entry.\r\n\r\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\r\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\r\nnft_flowtable_type_get() to protect the entire type query process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35898"
},
{
"cve": "CVE-2024-35899",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: flush pending destroy work before exit_net release\r\n\r\nSimilar to 2c9f0293280e (\"netfilter: nf_tables: flush pending destroy\r\nwork before netlink notifier\") to address a race between exit_net and\r\nthe destroy workqueue.\r\n\r\nThe trace below shows an element to be released via destroy workqueue\r\nwhile exit_net path (triggered via module removal) has already released\r\nthe set that is used in such transaction.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35899"
},
{
"cve": "CVE-2024-35900",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: reject new basechain after table flag update\r\n\r\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\r\niterating over current chains in table (existing and new).\r\n\r\nThe following configuration allows for an inconsistent state:\r\n\r\n add table x\r\n add chain x y { type filter hook input priority 0; }\r\n add table x { flags dormant; }\r\n add chain x w { type filter hook input priority 1; }\r\n\r\nwhich triggers the following warning when trying to unregister chain w\r\nwhich is already unregistered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35900"
},
{
"cve": "CVE-2024-35902",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/rds: possible cp null dereference cp might be null, calling cp-\u003ecp_conn would produce null dereference. Cp is a parameter of __rds_rdma_map and is not reassigned.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35902"
},
{
"cve": "CVE-2024-35905",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35910",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test a patch I wrote two years ago. When TCP sockets are closed, we call inet_csk_clear_xmit_timers() to \u0027stop\u0027 the timers. inet_csk_clear_xmit_timers() can be called from any context, including when socket lock is held. This is the reason it uses sk_stop_timer(), aka del_timer(). This means that ongoing timers might finish much later. For user sockets, this is fine because each running timer holds a reference on the socket, and the user socket holds a reference on the netns. For kernel sockets, we risk that the netns is freed before timer can complete, because kernel sockets do not hold reference on the netns. This patch adds inet_csk_clear_xmit_timers_sync() function that using sk_stop_timer_sync() to make sure all timers are terminated before the kernel socket is released. Modules using kernel sockets close them in their netns exit() handler. Also add sock_not_owned_by_me() helper to get LOCKDEP support : inet_csk_clear_xmit_timers_sync() must not be called while socket lock is held. It is very possible we can revert in the future commit 3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\") which attempted to solve the issue in rds only. (net/smc/af_smc.c and net/mptcp/subflow.c have similar code) We probably can remove the check_net() tests from tcp_out_of_resources() and __tcp_close() in the future.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-35915",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35915"
},
{
"cve": "CVE-2024-35922",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "fbmon: prevent division by zero in fb_videomode_from_videomode()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35922"
},
{
"cve": "CVE-2024-35925",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "block: prevent division by zero in blk_rq_stat_sum()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35925"
},
{
"cve": "CVE-2024-35930",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35930"
},
{
"cve": "CVE-2024-35933",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: btintel: Fix null ptr deref in btintel_read_version",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35933"
},
{
"cve": "CVE-2024-35934",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35934"
},
{
"cve": "CVE-2024-35935",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "btrfs: send: handle path ref underflow in header iterate_inode_ref()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35940",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "pstore/zone: Add a null pointer check to the psz_kmsg_read",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35940"
},
{
"cve": "CVE-2024-35944",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35950",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "drm/client: Fully protect modes with dev-\u003emode_config.mutex",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-35955",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "kprobes: Fix possible use-after-free issue on kprobe registration",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "net: ena: Fix incorrect descriptor free behavior",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35960",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "net/mlx5: Properly link new fs rules into the tree",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35962",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "summary",
"text": "netfilter: complete validation of user input",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35962"
},
{
"cve": "CVE-2024-35965",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: L2CAP: Fix not validating setsockopt user input\r\n\r\nCheck user input length before copying data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35965"
},
{
"cve": "CVE-2024-35966",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: RFCOMM: Fix not validating setsockopt user input",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35966"
},
{
"cve": "CVE-2024-35967",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: SCO: Fix not validating setsockopt user input",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35967"
},
{
"cve": "CVE-2024-35969",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35973",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "geneve: fix header validation in geneve_xmit_skb",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35973"
},
{
"cve": "CVE-2024-35976",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "xsk: validate user input for XDP_UMEM|COMPLETION_FILL_RING",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35976"
},
{
"cve": "CVE-2024-35978",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: Fix memory leak in hci_req_sync_complete()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35978"
},
{
"cve": "CVE-2024-35982",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "batman-adv: Avoid infinite loop trying to resize local TT",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-35983",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35983"
},
{
"cve": "CVE-2024-35984",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "i2c: smbus: fix NULL function pointer dereference",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35984"
},
{
"cve": "CVE-2024-35988",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "riscv: Fix TASK_SIZE on 64-bit NOMMU. On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of TASK_SIZE is wrong if any RAM exists above 4G,\r\ncausing spurious failures in the userspace access routines.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35988"
},
{
"cve": "CVE-2024-35990",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "dma: xilinx_dpdma: Fix locking",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35990"
},
{
"cve": "CVE-2024-35996",
"cwe": {
"id": "CWE-655",
"name": "Insufficient Psychological Acceptability"
},
"notes": [
{
"category": "summary",
"text": "cpu: Re-enable CPU mitigations by default for !X86 architectures",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35996"
},
{
"cve": "CVE-2024-35997",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-35997"
},
{
"cve": "CVE-2024-36004",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "i40e: Do not use WQ_MEM_RECLAIM flag for workqueue",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36004"
},
{
"cve": "CVE-2024-36005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: nf_tables: honor table dormant flag from netdev release event path",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36005"
},
{
"cve": "CVE-2024-36006",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36006"
},
{
"cve": "CVE-2024-36007",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmlxsw: spectrum_acl_tcam: Fix warning during rehash\r\n\r\nAs previously explained, the rehash delayed work migrates filters from\r\none region to another. This is done by iterating over all chunks (all\r\nthe filters with the same priority) in the region and in each chunk\r\niterating over all the filters.\r\n\r\nWhen the work runs out of credits it stores the current chunk and entry\r\nas markers in the per-work context so that it would know where to resume\r\nthe migration from the next time the work is scheduled.\r\n\r\nUpon error, the chunk marker is reset to NULL, but without resetting the\r\nentry markers despite being relative to it. This can result in migration\r\nbeing resumed from an entry that does not belong to the chunk being\r\nmigrated. In turn, this will eventually lead to a chunk being iterated\r\nover as if it is an entry. Because of how the two structures happen to\r\nbe defined, this does not lead to KASAN splats, but to warnings such as.\r\n\r\nFix by creating a helper that resets all the markers and call it from\r\nall the places the currently only reset the chunk marker. For good\r\nmeasures also call it when starting a completely new rehash. Add a\r\nwarning to avoid future cases.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36007"
},
{
"cve": "CVE-2024-36008",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv4: check for NULL idev in ip_route_use_hint()\r\n\r\nsyzbot was able to trigger a NULL deref in fib_validate_source()\r\nin an old tree.\r\n\r\nIt appears the bug exists in latest trees.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36008"
},
{
"cve": "CVE-2024-36020",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni40e: fix vf may be used uninitialized in this function warning\r\n\r\nTo fix the regression introduced by commit 52424f974bc5, which causes\r\nservers hang in very hard to reproduce conditions with resets races.\r\nUsing two sources for the information is the root cause.\r\nIn this function before the fix bumping v didn\u0027t mean bumping vf\r\npointer. But the code used this variables interchangeably, so stale vf\r\ncould point to different/not intended vf.\r\n\r\nRemove redundant \"v\" variable and iterate via single VF pointer across\r\nwhole function instead to guarantee VF pointer validity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36020"
},
{
"cve": "CVE-2024-36270",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36270"
},
{
"cve": "CVE-2024-36286",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36286"
},
{
"cve": "CVE-2024-36288",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token-\u003epages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f].",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36288"
},
{
"cve": "CVE-2024-36484",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36484"
},
{
"cve": "CVE-2024-36489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tls: missing memory barrier in tls_init. In tls_init(), a write memory barrier is missing, and store-store reordering may cause NULL dereference in tls_{setsockopt,getsockopt}.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36489"
},
{
"cve": "CVE-2024-36894",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36894"
},
{
"cve": "CVE-2024-36899",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\r\n\r\nThe use-after-free issue occurs as follows: when the GPIO chip device file\r\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\r\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\r\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\r\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\r\nread rwsem. Consequently, a race condition leads to the use-after-free of\r\nwatched_lines.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36902",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must always be checked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36902"
},
{
"cve": "CVE-2024-36904",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36905",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36905"
},
{
"cve": "CVE-2024-36916",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg-\u003edelay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. [ 186.556576] ------------[ cut here ]------------ UBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23 shift exponent 64 is too large for 64-bit type \u0027u64\u0027 (aka \u0027unsigned long long\u0027) CPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1 Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020 Call Trace: \u003cIRQ\u003e dump_stack_lvl+0x8f/0xe0 __ubsan_handle_shift_out_of_bounds+0x22c/0x280 iocg_kick_delay+0x30b/0x310 ioc_timer_fn+0x2fb/0x1f80 __run_timer_base+0x1b6/0x250 ... Avoid that undefined behavior by simply taking the \"delay = 0\" branch if the shift is too large. I am not sure what the symptoms of an undefined value delay will be, but I suspect it could be more than a little annoying to debug.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36916"
},
{
"cve": "CVE-2024-36929",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a potential later call to skb_gso_segment.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36929"
},
{
"cve": "CVE-2024-36939",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning [0] triggered while destroying immature netns. rpc_proc_register() was called in init_nfs_fs(), but its error has been ignored since at least the initial commit 1da177e4c3f4 (\"Linux-2.6.12-rc2\"). Recently, commit d47151b79e32 (\"nfs: expose /proc/net/sunrpc/nfs in net namespaces\") converted the procfs to per-netns and made the problem more visible. Even when rpc_proc_register() fails, nfs_net_init() could succeed, and thus nfs_net_exit() will be called while destroying the netns. Then, remove_proc_entry() will be called for non-existing proc directory and trigger the warning below. Let\u0027s handle the error of rpc_proc_register() properly in nfs_net_init(). [0]: name \u0027nfs\u0027 WARNING: CPU: 1 PID: 1710 at fs/proc/generic.c:711 remove_proc_entry+0x1bb/0x2d0 fs/proc/generic.c:711 Modules linked in: CPU: 1 PID: 1710 Comm: syz-executor.2 Not tainted 6.8.0-12822-gcd51db110a7e #12 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:remove_proc_entry+0x1bb/0x2d0 fs/proc/generic.c:711 Code: 41 5d 41 5e c3 e8 85 09 b5 ff 48 c7 c7 88 58 64 86 e8 09 0e 71 02 e8 74 09 b5 ff 4c 89 e6 48 c7 c7 de 1b 80 84 e8 c5 ad 97 ff \u003c0f\u003e 0b eb b1 e8 5c 09 b5 ff 48 c7 c7 88 58 64 86 e8 e0 0d 71 02 eb RSP: 0018:ffffc9000c6d7ce0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffff8880422b8b00 RCX: ffffffff8110503c RDX: ffff888030652f00 RSI: ffffffff81105045 RDI: 0000000000000001 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: ffffffff81bb62cb R12: ffffffff84807ffc R13: ffff88804ad6fcc0 R14: ffffffff84807ffc R15: ffffffff85741ff8 FS: 00007f30cfba8640(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ff51afe8000 CR3: 000000005a60a005 CR4: 0000000000770ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: \u003cTASK\u003e rpc_proc_unregister+0x64/0x70 net/sunrpc/stats.c:310 nfs_net_exit+0x1c/0x30 fs/nfs/inode.c:2438 ops_exit_list+0x62/0xb0 net/core/net_namespace.c:170 setup_net+0x46c/0x660 net/core/net_namespace.c:372 copy_net_ns+0x244/0x590 net/core/net_namespace.c:505 create_new_namespaces+0x2ed/0x770 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0xae/0x160 kernel/nsproxy.c:228 ksys_unshare+0x342/0x760 kernel/fork.c:3322 __do_sys_unshare kernel/fork.c:3393 [inline] __se_sys_unshare kernel/fork.c:3391 [inline] __x64_sys_unshare+0x1f/0x30 kernel/fork.c:3391 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x4f/0x110 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x46/0x4e RIP: 0033:0x7f30d0febe5d Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48 RSP: 002b:00007f30cfba7cc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00000000004bbf80 RCX: 00007f30d0febe5d RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c020600 RBP: 00000000004bbf80 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 R13: 000000000000000b R14: 00007f30d104c530 R15: 0000000000000000 \u003c/TASK\u003e",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36939"
},
{
"cve": "CVE-2024-36940",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The \"pctldev\" struct is allocated in devm_pinctrl_register_and_init(). It\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys the mutex as well.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36959",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping operation, here we call it directly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36959"
},
{
"cve": "CVE-2024-36974",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP. If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the kernel, the second time taprio_change() is called. First call (with valid attributes) sets dev-\u003enum_tc to a non zero value. Second call (with arbitrary mqprio attributes) returns early from taprio_parse_mqprio_opt() and bad things can happen.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36974"
},
{
"cve": "CVE-2024-36978",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: sched: sch_multiq: possible OOB write in multiq_tune() q-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic after kmalloc. So the old q-\u003ebands should not be used in kmalloc. Otherwise, an out-of-bounds write will occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-37356",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-37356"
},
{
"cve": "CVE-2024-38381",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfc: nci: Fix uninit-value in nci_rx_work syzbot reported the following uninit-value access issue [1] nci_rx_work() parses received packet from ndev-\u003erx_q. It should be validated header size, payload size and total packet size before processing the packet. If an invalid packet is detected, it should be silently discarded.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38381"
},
{
"cve": "CVE-2024-38547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "media: atomisp: ssh_css: null-pointer dereference in load_video_binaries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38547"
},
{
"cve": "CVE-2024-38552",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index \u0027i\u0027 exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the transfer function points. If \u0027i\u0027 is out of bounds, an error message is logged and the function returns false to indicate an error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38552"
},
{
"cve": "CVE-2024-38558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary packet content. - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet. OVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure with the metadata like conntrack state, input port, recirculation id, etc.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38558"
},
{
"cve": "CVE-2024-38559",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using kstrtouint.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38559"
},
{
"cve": "CVE-2024-38560",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38560"
},
{
"cve": "CVE-2024-38565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper endpoints with their according types intact. Sadly, this patch has not been tested on real hardware.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38565"
},
{
"cve": "CVE-2024-38567",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a specific 4th endpoint, since it can switch types between bulk and interrupt, other endpoints are trusted implicitly. Similar warning is triggered in a couple of other syzbot issues [2].",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38567"
},
{
"cve": "CVE-2024-38578",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ecryptfs: Fix buffer size for tag 66 packet The \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes too small and write_tag_66_packet() will write up to 3 bytes past the end of the buffer. Fix this by increasing the size of the allocation so the whole packet will always fit in the buffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38587",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nspeakup: Fix sizeof() vs ARRAY_SIZE() bug\r\n\r\nThe \"buf\" pointer is an array of u16 values. This code should be\r\nusing ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),\r\notherwise it can the still got out of bounds.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38587"
},
{
"cve": "CVE-2024-38589",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure we always acquire nr_node_list_lock before nr_node_lock(nr_node).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38589"
},
{
"cve": "CVE-2024-38596",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38596"
},
{
"cve": "CVE-2024-38598",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38598"
},
{
"cve": "CVE-2024-38599",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the xattr nodes aren\u0027t split into parts and spread across multiple eraseblocks, which means that a xattr node must not occupy more than one eraseblock. If the requested xattr value is too large, the xattr node can spill onto the next eraseblock, overwriting the nodes and causing errors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38599"
},
{
"cve": "CVE-2024-38612",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn\u0027t called. This issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control lwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible use-after-free and null-ptr-deref\") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38612"
},
{
"cve": "CVE-2024-38615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "cpufreq: exit() callback is optional The exit() callback is optional and shouldn\u0027t be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn\u0027t present.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38615"
},
{
"cve": "CVE-2024-38619",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb-storage: alauda: Check whether the media is initialized. The member \"uzonesize\" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38619"
},
{
"cve": "CVE-2024-38635",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "soundwire: cadence: invalid PDI offset.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38635"
},
{
"cve": "CVE-2024-38659",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX. These attributes are validated (in the function do_setlink in rtnetlink.c) using the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE as NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and IFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation using the policy is for the max size of the attributes and not on exact size so the length of these attributes might be less than the sizes that enic_set_vf_port expects. This might cause an out of bands read access in the memcpys of the data of these attributes in enic_set_vf_port.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38662",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a sockmap/sockhash. We don\u0027t intend to support this artificial use scenario. Extend the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map. From now on only BPF programs which were previously allowed to update sockmap/sockhash can delete from these map types.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38662"
},
{
"cve": "CVE-2024-38780",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-38780"
},
{
"cve": "CVE-2024-39468",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "smb: client: Deadlock in smb2_find_smb_tcon().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-39468"
},
{
"cve": "CVE-2024-39482",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bcache: Variable length array abuse in btree_iter.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-39482"
},
{
"cve": "CVE-2024-39489",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it\u0027s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-39489"
},
{
"cve": "CVE-2024-39493",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - Fix ADF_DEV_RESET_SYNC memory leak\n\nUsing completion_done to determine whether the caller has gone\naway only works after a complete call. Furthermore it\u0027s still\npossible that the caller has not yet called wait_for_completion,\nresulting in another potential UAF.\n\nFix this by making the caller use cancel_work_sync and then freeing\nthe memory safely.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-39493"
},
{
"cve": "CVE-2024-39502",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "ionic: use after netif_napi_del(). When queues are started, netif_napi_add() and napi_enable() are called. If there are 4 queues and only 3 queues are used for the current configuration, only 3 queues\u0027 napi should be registered and enabled. The ionic_qcq_enable() checks whether the .poll pointer is not NULL for enabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be registered by netif_napi_add(), so the .poll pointer indicates NULL. But it couldn\u0027t distinguish whether the napi was unregistered or not because netif_napi_del() doesn\u0027t reset the .poll pointer to NULL. So, ionic_qcq_enable() calls napi_enable() for the queue, which was unregistered by netif_napi_del().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-39502"
},
{
"cve": "CVE-2024-39503",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "netfilter: ipset: race between namespace cleanup and gc in the list:set type. The namespace cleanup can destroy the list:set type of sets while the gc of the set type is waiting to run in rcu cleanup. The latter uses data from the destroyed set which thus leads use after free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-39503"
},
{
"cve": "CVE-2024-39509",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "HID: core: remove unnecessary WARN_ON() in implement(). There is a warning in a call to implement() when trying to write a value into a field of smaller size in an output report. Since implement() already has a warn message printed out with the help of hid_warn() and value in question gets trimmed with: ... value \u0026= m; ... WARN_ON may be considered superfluous.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-39509"
},
{
"cve": "CVE-2024-40905",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: possible race in __fib6_drop_pcpu_from().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40905"
},
{
"cve": "CVE-2024-40912",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: mac80211: deadlock in ieee80211_sta_ps_deliver_wakeup().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40912"
},
{
"cve": "CVE-2024-40916",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40916"
},
{
"cve": "CVE-2024-40934",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40934"
},
{
"cve": "CVE-2024-40941",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "wifi: iwlwifi: mvm: don\u0027t read past the mfuart notifcation. In case the firmware sends a notification that claims it has more data than it has, it will read past that was allocated for the notification.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40941"
},
{
"cve": "CVE-2024-40942",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"notes": [
{
"category": "summary",
"text": "wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets deleted, ex mesh interface is removed, the entries in that list will never get cleaned.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40942"
},
{
"cve": "CVE-2024-40945",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"notes": [
{
"category": "summary",
"text": "iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This could potentially lead to a kernel NULL pointer dereference issue if the function returns NULL instead of an error pointer. In reality, this doesn\u0027t cause any problems because iommu_sva_bind_device() only returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40945"
},
{
"cve": "CVE-2024-40958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40958"
},
{
"cve": "CVE-2024-40959",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40959"
},
{
"cve": "CVE-2024-40960",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40960"
},
{
"cve": "CVE-2024-40961",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: prevent possible NULL deref in fib6_nh_init() syzbot reminds us that in6_dev_get() can return NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40961"
},
{
"cve": "CVE-2024-40971",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "f2fs: remove clear SB_INLINECRYPT flag in default_options In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set. If create new file or open file during this gap, these files will not use inlinecrypt. Worse case, it may lead to data corruption if wrappedkey_v0 is enable.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40971"
},
{
"cve": "CVE-2024-40978",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "scsi: qedi: crash while reading debugfs attribute. The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly on a __user pointer, which results into the crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40978"
},
{
"cve": "CVE-2024-40980",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_lock. This is problematic for RT kernels because spin_locks are sleeping locks in this configuration, which causes the following splat.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-40984",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\"",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40984"
},
{
"cve": "CVE-2024-40993",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: ipset: suspicious rcu_dereference_protected().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40993"
},
{
"cve": "CVE-2024-40995",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/sched: act_api: possible infinite loop in tcf_idr_check_alloc().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-40995"
},
{
"cve": "CVE-2024-41000",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-41000"
},
{
"cve": "CVE-2024-41004",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and delete it in module exit function. This is because those are designed for playing as modules. If we make those modules as built-in, those events are left locked in the kernel, and never be removed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-41004"
},
{
"cve": "CVE-2024-41005",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "netpoll: race condition in netpoll_owner_active KCSAN detected a race condition in netpoll.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41006",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "netrom: a memory leak in nr_heartbeat_expiry().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-41006"
},
{
"cve": "CVE-2024-41016",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()\r\n\r\nxattr in ocfs2 maybe \u0027non-indexed\u0027, which saved with additional space requested. It\u0027s better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-41016"
},
{
"cve": "CVE-2024-41996",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-41996"
},
{
"cve": "CVE-2024-42070",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42070"
},
{
"cve": "CVE-2024-42082",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "xdp: unused WARN() in __xdp_reg_mem_model().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42082"
},
{
"cve": "CVE-2024-42090",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "summary",
"text": "pinctrl: deadlock in create_pinctrl() when handling -EPROBE_DEFER. In create_pinctrl(), pinctrl_maps_mutex is acquired before calling add_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl() calls pinctrl_free(). However, pinctrl_free() attempts to acquire pinctrl_maps_mutex, which is already held by create_pinctrl(), leading to a potential deadlock.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42090"
},
{
"cve": "CVE-2024-42093",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/dpaa2: explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42093"
},
{
"cve": "CVE-2024-42094",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/iucv: explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42094"
},
{
"cve": "CVE-2024-42096",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42096"
},
{
"cve": "CVE-2024-42097",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A missed validation vulnerability in the Linux Kernel\u0027s MIDI sequencer and router support functionality could allow a local user to crash the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42097"
},
{
"cve": "CVE-2024-42114",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42114"
},
{
"cve": "CVE-2024-42259",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/i915/gem: Fix Virtual Memory mapping boundaries calculation\r\n\r\nCalculating the size of the mapped area as the lesser value\r\nbetween the requested size and the actual size does not consider\r\nthe partial mapping offset. This can cause page fault access.\r\n\r\nFix the calculation of the starting and ending addresses, the\r\ntotal size is now deduced from the difference between the end and\r\nstart addresses.\r\n\r\nAdditionally, the calculations have been rewritten in a clearer\r\nand more understandable form.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42259"
},
{
"cve": "CVE-2024-42265",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nprotect the fetch of -\u003efd[fd] in do_dup2() from mispredictions\r\n\r\nboth callers have verified that fd is not greater than -\u003emax_fds;\r\nhowever, misprediction might end up with\r\n tofree = fdt-\u003efd[fd];\r\nbeing speculatively executed. That\u0027s wrong for the same reasons\r\nwhy it\u0027s wrong in close_fd()/file_close_fd_locked(); the same\r\nsolution applies - array_index_nospec(fd, fdt-\u003emax_fds) could differ\r\nfrom fd only in case of speculative execution on mispredicted path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42265"
},
{
"cve": "CVE-2024-42272",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "sched: act_ct: take care of padding in struct zones_ht_key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42272"
},
{
"cve": "CVE-2024-42276",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnvme-pci: add missing condition check for existence of mapped data\r\n\r\nnvme_map_data() is called when request has physical segments, hence\r\nthe nvme_unmap_data() should have same condition to avoid dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42276"
},
{
"cve": "CVE-2024-42281",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbpf: Fix a segment issue when downgrading gso_size\r\n\r\nLinearize the skb when downgrading gso_size because it may trigger a\r\nBUG_ON() later when the skb is segmented as described in [1,2].",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42281"
},
{
"cve": "CVE-2024-42283",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nexthop: Initialize all fields in dumped nexthops\n\nstruct nexthop_grp contains two reserved fields that are not initialized by\nnla_put_nh_group(), and carry garbage. This can be observed e.g. with\nstrace (edited for clarity):\n\n # ip nexthop add id 1 dev lo\n # ip nexthop add id 101 group 1\n # strace -e recvmsg ip nexthop get id 101\n ...\n recvmsg(... [{nla_len=12, nla_type=NHA_GROUP},\n [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52\n\nThe fields are reserved and therefore not currently used. But as they are, they\nleak kernel memory, and the fact they are not just zero complicates repurposing\nof the fields for new ends. Initialize the full structure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42283"
},
{
"cve": "CVE-2024-42292",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nkobject_uevent: Fix OOB access within zap_modalias_env()\r\n\r\nzap_modalias_env() wrongly calculates size of memory block to move, so\r\nwill cause OOB memory access issue if variable MODALIAS is not the last\r\none within its @env parameter, fixed by correcting size to memmove.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42292"
},
{
"cve": "CVE-2024-42302",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/DPC: Fix use-after-free on concurrent DPC and hot-removal\n\nKeith reports a use-after-free when a DPC event occurs concurrently to\nhot-removal of the same portion of the hierarchy:\n\nThe dpc_handler() awaits readiness of the secondary bus below the\nDownstream Port where the DPC event occurred. To do so, it polls the\nconfig space of the first child device on the secondary bus. If that\nchild device is concurrently removed, accesses to its struct pci_dev\ncause the kernel to oops.\n\nThat\u0027s because pci_bridge_wait_for_secondary_bus() neglects to hold a\nreference on the child device. Before v6.3, the function was only\ncalled on resume from system sleep or on runtime resume. Holding a\nreference wasn\u0027t necessary back then because the pciehp IRQ thread\ncould never run concurrently. (On resume from system sleep, IRQs are\nnot enabled until after the resume_noirq phase. And runtime resume is\nalways awaited before a PCI device is removed.)\n\nHowever starting with v6.3, pci_bridge_wait_for_secondary_bus() is also\ncalled on a DPC event. Commit 53b54ad074de (\"PCI/DPC: Await readiness\nof secondary bus after reset\"), which introduced that, failed to\nappreciate that pci_bridge_wait_for_secondary_bus() now needs to hold a\nreference on the child device because dpc_handler() and pciehp may\nindeed run concurrently. The commit was backported to v5.10+ stable\nkernels, so that\u0027s the oldest one affected.\n\nAdd the missing reference acquisition.\n\nAbridged stack trace:\n\n BUG: unable to handle page fault for address: 00000000091400c0\n CPU: 15 PID: 2464 Comm: irq/53-pcie-dpc 6.9.0\n RIP: pci_bus_read_config_dword+0x17/0x50\n pci_dev_wait()\n pci_bridge_wait_for_secondary_bus()\n dpc_reset_link()\n pcie_do_recovery()\n dpc_handler()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42302"
},
{
"cve": "CVE-2024-42304",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: make sure the first directory block is not a hole",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42304"
},
{
"cve": "CVE-2024-42305",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: check dot and dotdot of dx_root before making dir indexed",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42305"
},
{
"cve": "CVE-2024-42306",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nudf: Avoid using corrupted block bitmap buffer",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42306"
},
{
"cve": "CVE-2024-42312",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsysctl: always initialize i_uid/i_gid\r\n\r\nAlways initialize i_uid/i_gid inside the sysfs core so set_ownership()\r\ncan safely skip setting them.\r\n\r\nCommit 5ec27ec735ba (\"fs/proc/proc_sysctl.c: fix the default values of\r\ni_uid/i_gid on /proc/sys inodes.\") added defaults for i_uid/i_gid when\r\nset_ownership() was not implemented. It also missed adjusting\r\nnet_ctl_set_ownership() to use the same default values in case the\r\ncomputation of a better value failed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-42312"
},
{
"cve": "CVE-2024-43828",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix infinite loop when replaying fast_commit\n\nWhen doing fast_commit replay an infinite loop may occur due to an\nuninitialized extent_status struct. ext4_ext_determine_insert_hole() does\nnot detect the replay and calls ext4_es_find_extent_range(), which will\nreturn immediately without initializing the \u0027es\u0027 variable.\n\nBecause \u0027es\u0027 contains garbage, an integer overflow may happen causing an\ninfinite loop in this function, easily reproducible using fstest generic/039.\n\nThis commit fixes this issue by unconditionally initializing the structure\nin function ext4_es_find_extent_range().\n\nThanks to Zhang Yi, for figuring out the real problem!",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43828"
},
{
"cve": "CVE-2024-43830",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nleds: trigger: Unregister sysfs attributes before calling deactivate()\r\n\r\nTriggers which have trigger specific sysfs attributes typically store\r\nrelated data in trigger-data allocated by the activate() callback and\r\nfreed by the deactivate() callback.\r\n\r\nCalling device_remove_groups() after calling deactivate() leaves a window\r\nwhere the sysfs attributes show/store functions could be called after\r\ndeactivation and then operate on the just freed trigger-data.\r\n\r\nMove the device_remove_groups() call to before deactivate() to close\r\nthis race window.\r\n\r\nThis also makes the deactivation path properly do things in reverse order\r\nof the activation path which calls the activate() callback before calling\r\ndevice_add_groups().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43830"
},
{
"cve": "CVE-2024-43834",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nxdp: fix invalid wait context of page_pool_destroy()\r\n\r\nIf the driver uses a page pool, it creates a page pool with\r\npage_pool_create().\r\nThe reference count of page pool is 1 as default.\r\nA page pool will be destroyed only when a reference count reaches 0.\r\npage_pool_destroy() is used to destroy page pool, it decreases a\r\nreference count.\r\nWhen a page pool is destroyed, -\u003edisconnect() is called, which is\r\nmem_allocator_disconnect().\r\nThis function internally acquires mutex_lock().\r\n\r\nIf the driver uses XDP, it registers a memory model with\r\nxdp_rxq_info_reg_mem_model().\r\nThe xdp_rxq_info_reg_mem_model() internally increases a page pool\r\nreference count if a memory model is a page pool.\r\nNow the reference count is 2.\r\n\r\nTo destroy a page pool, the driver should call both page_pool_destroy()\r\nand xdp_unreg_mem_model().\r\nThe xdp_unreg_mem_model() internally calls page_pool_destroy().\r\nOnly page_pool_destroy() decreases a reference count.\r\n\r\nIf a driver calls page_pool_destroy() then xdp_unreg_mem_model(), we\r\nwill face an invalid wait context warning.\r\nBecause xdp_unreg_mem_model() calls page_pool_destroy() with\r\nrcu_read_lock().\r\nThe page_pool_destroy() internally acquires mutex_lock().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43834"
},
{
"cve": "CVE-2024-43856",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma: fix call order in dmam_free_coherent\n\ndmam_free_coherent() frees a DMA allocation, which makes the\nfreed vaddr available for reuse, then calls devres_destroy()\nto remove and free the data structure used to track the DMA\nallocation. Between the two calls, it is possible for a\nconcurrent task to make an allocation with the same vaddr\nand add it to the devres list.\n\nIf this happens, there will be two entries in the devres list\nwith the same vaddr and devres_destroy() can free the wrong\nentry, triggering the WARN_ON() in dmam_match.\n\nFix by destroying the devres entry before freeing the DMA\nallocation.\n\n kokonut //net/encryption\n http://sponge2/b9145fe6-0f72-4325-ac2f-a84d81075b03",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43856"
},
{
"cve": "CVE-2024-43858",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix array-index-out-of-bounds in diFree",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43858"
},
{
"cve": "CVE-2024-43871",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43871"
},
{
"cve": "CVE-2024-43879",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: cfg80211: Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to warning.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43879"
},
{
"cve": "CVE-2024-43882",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "exec: the execution may gain unintended privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43882"
},
{
"cve": "CVE-2024-43889",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "padata: vulnerability due to a possible divide-by-zero error in padata_mt_helper() during bootup, caused by an uninitialized chunk_size being zero.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43889"
},
{
"cve": "CVE-2024-43890",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tracing: vulnerability due to an overflow in get_free_elt(), which could lead to infinite loops and CPU hangs when the tracing map becomes full.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43890"
},
{
"cve": "CVE-2024-43893",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "serial: core: vulnerability due to a missing check for uartclk being zero, leading to a potential divide-by-zero error when calling ioctl TIOCSSERIAL with an invalid baud_base.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-43893"
},
{
"cve": "CVE-2024-44935",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "sctp: Fix null-ptr-deref in reuseport_add_sock(). A Null Pointer Dereference in reuseport_add_sock() while accessing sk2-\u003esk_reuseport_cb . The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the same port and concurrently closes the first listener. The second listen() calls reuseport_add_sock() with the first listener as sk2, where sk2-\u003esk_reuseport_cb is not expected to be cleared concurrently, but the close() does clear it by reuseport_detach_sock().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-44935"
},
{
"cve": "CVE-2024-44944",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-44944"
},
{
"cve": "CVE-2024-44948",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nx86/mtrr: Check if fixed MTRRs exist before saving them\r\n\r\nMTRRs have an obsolete fixed variant for fine grained caching control\r\nof the 640K-1MB region that uses separate MSRs. This fixed variant has\r\na separate capability bit in the MTRR capability MSR.\r\n\r\nSo far all x86 CPUs which support MTRR have this separate bit set, so it\r\nwent unnoticed that mtrr_save_state() does not check the capability bit\r\nbefore accessing the fixed MTRR MSRs.\r\n\r\nThough on a CPU that does not support the fixed MTRR capability this\r\nresults in a #GP. The #GP itself is harmless because the RDMSR fault is\r\nhandled gracefully, but results in a WARN_ON().\r\n\r\nAdd the missing capability check to prevent this.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-44948"
},
{
"cve": "CVE-2024-44960",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: gadget: core: Check for unset descriptor. It needs to be reassured that the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn\u0027t properly set up the endpoint for the current speed, or the gadget descriptors are malformed and the descriptor for the speed/endpoint are not found. No current gadget driver is known to have this problem, but this may cause a hard-to-find bug during development of new gadgets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-44960"
},
{
"cve": "CVE-2024-44987",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-44987"
},
{
"cve": "CVE-2024-44989",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-44989"
},
{
"cve": "CVE-2024-44990",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the pointer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-44990"
},
{
"cve": "CVE-2024-45016",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-45018",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-45018"
},
{
"cve": "CVE-2024-46679",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46679"
},
{
"cve": "CVE-2024-46743",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46743"
},
{
"cve": "CVE-2024-46744",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46744"
},
{
"cve": "CVE-2024-46745",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in input_mt_init_slots(). While this allocation failure is handled properly and request is rejected, it results in syzkaller reports. Additionally, such request may put undue burden on the system which will try to free a lot of memory for a bogus request. Fix it by limiting allowed number of slots to 100. This can easily be extended if we see devices that can track more than 100 contacts.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46745"
},
{
"cve": "CVE-2024-46750",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46750"
},
{
"cve": "CVE-2024-46759",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46759"
},
{
"cve": "CVE-2024-46783",
"cwe": {
"id": "CWE-229",
"name": "Improper Handling of Values"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46783"
},
{
"cve": "CVE-2024-46854",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: dpaa: Pad packets to ETH_ZLEN\r\n\r\nWhen sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending all packets to ETH_ZLEN, ensuring nothing is leaked in the padding. This bug can be reproduced by running\r\n\r\n\t$ ping -s 11 destination",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46854"
},
{
"cve": "CVE-2024-46865",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfou: fix initialization of grc\r\nThe grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-47660",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags() function can take a significant amount of time. Since the bulk of this function happens under inode-\u003ei_lock this causes a significant contention on the lock when we remove the watch from the directory as the __fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask() races with __fsnotify_update_child_dentry_flags() calls from __fsnotify_parent() happening on children. This can lead upto softlockup reports reported by users. Fix the problem by calling fsnotify_update_children_dentry_flags() to set PARENT_WATCHED flags only when parent starts watching children. When parent stops watching children, clear false positive PARENT_WATCHED flags lazily in __fsnotify_parent() for each accessed child.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47660"
},
{
"cve": "CVE-2024-47672",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: iwlwifi: mvm: don\u0027t wait for tx queues if firmware is dead\r\n\r\nThere is a WARNING in iwl_trans_wait_tx_queues_empty() (that was recently converted from just a message), that can be hit if we wait for TX queues to become empty after firmware died. Clearly, we can\u0027t expect anything from the firmware after it\u0027s declared dead.\r\n\r\nDon\u0027t call iwl_trans_wait_tx_queues_empty() in this case. While it could be a good idea to stop the flow earlier, the flush functions do some maintenance work that is not related to the firmware, so keep that part of the code running even when the firmware is not running.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47672"
},
{
"cve": "CVE-2024-47684",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: check skb is non-NULL in tcp_rto_delta_us()\r\n\r\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\r\nkernel that are running ceph and recently hit a null ptr dereference in\r\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\r\nsaw it getting hit from the RACK case as well. Here are examples of the oops\r\nmessages we saw in each of those cases:\r\n\r\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\r\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\r\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\r\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\r\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\r\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\r\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\r\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\r\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\r\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\r\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\r\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\r\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\r\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\r\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\r\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\r\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\r\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\r\nJul 26 15:05:02 rx [11061395.919488]\r\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\r\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\r\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\r\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\r\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\r\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\r\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\r\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\r\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\r\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\r\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\r\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\r\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\r\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\r\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\r\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\r\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\r\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\r\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\r\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\r\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\r\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47684"
},
{
"cve": "CVE-2024-47685",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()\r\n\r\nsyzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th-\u003eres1)\r\n\r\nUse skb_put_zero() to clear the whole TCP header, as done in nf_reject_ip_tcphdr_put()\r\n\r\nBUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\r\n nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\r\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\r\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\r\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\r\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\r\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\r\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\r\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\r\n nf_hook include/linux/netfilter.h:269 [inline]\r\n NF_HOOK include/linux/netfilter.h:312 [inline]\r\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\r\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\r\n __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775\r\n process_backlog+0x4ad/0xa50 net/core/dev.c:6108\r\n __napi_poll+0xe7/0x980 net/core/dev.c:6772\r\n napi_poll net/core/dev.c:6841 [inline]\r\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963\r\n handle_softirqs+0x1ce/0x800 kernel/softirq.c:554\r\n __do_softirq+0x14/0x1a kernel/softirq.c:588\r\n do_softirq+0x9a/0x100 kernel/softirq.c:455\r\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:382\r\n local_bh_enable include/linux/bottom_half.h:33 [inline]\r\n rcu_read_unlock_bh include/linux/rcupdate.h:908 [inline]\r\n __dev_queue_xmit+0x2692/0x5610 net/core/dev.c:4450\r\n dev_queue_xmit include/linux/netdevice.h:3105 [inline]\r\n neigh_resolve_output+0x9ca/0xae0 net/core/neighbour.c:1565\r\n neigh_output include/net/neighbour.h:542 [inline]\r\n ip6_finish_output2+0x2347/0x2ba0 net/ipv6/ip6_output.c:141\r\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\r\n ip6_finish_output+0xbb8/0x14b0 net/ipv6/ip6_output.c:226\r\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\r\n ip6_output+0x356/0x620 net/ipv6/ip6_output.c:247\r\n dst_output include/net/dst.h:450 [inline]\r\n NF_HOOK include/linux/netfilter.h:314 [inline]\r\n ip6_xmit+0x1ba6/0x25d0 net/ipv6/ip6_output.c:366\r\n inet6_csk_xmit+0x442/0x530 net/ipv6/inet6_connection_sock.c:135\r\n __tcp_transmit_skb+0x3b07/0x4880 net/ipv4/tcp_output.c:1466\r\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\r\n tcp_connect+0x35b6/0x7130 net/ipv4/tcp_output.c:4143\r\n tcp_v6_connect+0x1bcc/0x1e40 net/ipv6/tcp_ipv6.c:333\r\n __inet_stream_connect+0x2ef/0x1730 net/ipv4/af_inet.c:679\r\n inet_stream_connect+0x6a/0xd0 net/ipv4/af_inet.c:750\r\n __sys_connect_file net/socket.c:2061 [inline]\r\n __sys_connect+0x606/0x690 net/socket.c:2078\r\n __do_sys_connect net/socket.c:2088 [inline]\r\n __se_sys_connect net/socket.c:2085 [inline]\r\n __x64_sys_connect+0x91/0xe0 net/socket.c:2085\r\n x64_sys_call+0x27a5/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:43\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nUninit was stored to memory at:\r\n nf_reject_ip6_tcphdr_put+0x60c/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:249\r\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\r\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\r\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\r\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\r\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\r\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\r\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\r\n nf_hook include/linux/netfilter.h:269 [inline]\r\n NF_HOOK include/linux/netfilter.h:312 [inline]\r\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\r\n __netif_receive_skb_one_core\r\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47685"
},
{
"cve": "CVE-2024-47692",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfsd: return -EINVAL when namelen is 0\r\nWhen we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdup_user() to return ZERO_SIZE_PTR.\r\nWhen we access the name.data that has been assigned the value of ZERO_SIZE_PTR in nfs4_client_to_reclaim(), null pointer dereference is triggered.\r\n\r\n[ T1205] ==================================================================\r\n[ T1205] BUG: KASAN: null-ptr-deref in nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] Read of size 1 at addr 0000000000000010 by task nfsdcld/1205\r\n[ T1205]\r\n[ T1205] CPU: 11 PID: 1205 Comm: nfsdcld Not tainted 5.10.0-00003-g2c1423731b8d #406\r\n[ T1205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\r\n[ T1205] Call Trace:\r\n[ T1205] dump_stack+0x9a/0xd0\r\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] __kasan_report.cold+0x34/0x84\r\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] kasan_report+0x3a/0x50\r\n[ T1205] nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] ? nfsd4_release_lockowner+0x410/0x410\r\n[ T1205] cld_pipe_downcall+0x5ca/0x760\r\n[ T1205] ? nfsd4_cld_tracking_exit+0x1d0/0x1d0\r\n[ T1205] ? down_write_killable_nested+0x170/0x170\r\n[ T1205] ? avc_policy_seqno+0x28/0x40\r\n[ T1205] ? selinux_file_permission+0x1b4/0x1e0\r\n[ T1205] rpc_pipe_write+0x84/0xb0\r\n[ T1205] vfs_write+0x143/0x520\r\n[ T1205] ksys_write+0xc9/0x170\r\n[ T1205] ? __ia32_sys_read+0x50/0x50\r\n[ T1205] ? ktime_get_coarse_real_ts64+0xfe/0x110\r\n[ T1205] ? ktime_get_coarse_real_ts64+0xa2/0x110\r\n[ T1205] do_syscall_64+0x33/0x40\r\n[ T1205] entry_SYSCALL_64_after_hwframe+0x67/0xd1\r\n[ T1205] RIP: 0033:0x7fdbdb761bc7\r\n[ T1205] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 514\r\n[ T1205] RSP: 002b:00007fff8c4b7248 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\r\n[ T1205] RAX: ffffffffffffffda RBX: 000000000000042b RCX: 00007fdbdb761bc7\r\n[ T1205] RDX: 000000000000042b RSI: 00007fff8c4b75f0 RDI: 0000000000000008\r\n[ T1205] RBP: 00007fdbdb761bb0 R08: 0000000000000000 R09: 0000000000000001\r\n[ T1205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000042b\r\n[ T1205] R13: 0000000000000008 R14: 00007fff8c4b75f0 R15: 0000000000000000\r\n[ T1205] ==================================================================",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47692"
},
{
"cve": "CVE-2024-47696",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nRDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency\r\n\r\nIn the commit aee2424246f9 (\"RDMA/iwcm: Fix a use-after-free related to destroying CM IDs\"), the function flush_workqueue is invoked to flush the work queue iwcm_wq.\r\n\r\nBut at that time, the work queue iwcm_wq was created via the function alloc_ordered_workqueue without the flag WQ_MEM_RECLAIM.\r\n\r\nBecause the current process is trying to flush the whole iwcm_wq, if iwcm_wq doesn\u0027t have the flag WQ_MEM_RECLAIM, verify that the current process is not reclaiming memory or running on a workqueue which doesn\u0027t have the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee leading to a deadlock.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47696"
},
{
"cve": "CVE-2024-47697",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error\r\n\r\nEnsure index in rtl2830_pid_filter does not exceed 31 to prevent out-of-bounds access.\r\n\r\ndev-\u003efilters is a 32-bit value, so set_bit and clear_bit functions should only operate on indices from 0 to 31. If index is 32, it will attempt to access a non-existent 33rd bit, leading to out-of-bounds access.\r\nChange the boundary check from index \u003e 32 to index \u003e= 32 to resolve this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47697"
},
{
"cve": "CVE-2024-47699",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix potential null-ptr-deref in nilfs_btree_insert()\r\n\r\nPatch series \"nilfs2: fix potential issues with empty b-tree nodes\".\r\n\r\nThis series addresses three potential issues with empty b-tree nodes that can occur with corrupted filesystem images, including one recently discovered by syzbot.\r\n\r\n\r\nThis patch (of 3):\r\n\r\nIf a b-tree is broken on the device, and the b-tree height is greater than 2 (the level of the root node is greater than 1) even if the number of child nodes of the b-tree root is 0, a NULL pointer dereference occurs in nilfs_btree_prepare_insert(), which is called from nilfs_btree_insert().\r\n\r\nThis is because, when the number of child nodes of the b-tree root is 0, nilfs_btree_do_lookup() does not set the block buffer head in any of path[x].bp_bh, leaving it as the initial value of NULL, but if the level of the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(), which accesses the buffer memory of path[x].bp_bh, is called.\r\n\r\nFix this issue by adding a check to nilfs_btree_root_broken(), which performs sanity checks when reading the root node from the device, to detect this inconsistency.\r\n\r\nThanks to Lizhi Xu for trying to solve the bug and clarifying the cause early on.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47699"
},
{
"cve": "CVE-2024-47701",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-47705",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblock: fix potential invalid pointer dereference in blk_add_partition\r\n\r\nThe blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was modified to handle the specific case of -ENXIO separately, allowing the function to proceed without logging the error in this case. However, this change unintentionally left a path where md_autodetect_dev() could be called without confirming that part is a valid pointer.\r\n\r\nThis commit separates the error handling logic by splitting the initial if-condition, improving code readability and handling specific error scenarios explicitly. The function now distinguishes the general error case from -ENXIO without altering the existing behavior of md_autodetect_dev() calls.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47705"
},
{
"cve": "CVE-2024-47706",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblock, bfq: fix possible UAF for bfqq-\u003ebic with merge chain\r\n\r\nIn this case, IO from Process 1 will get bfqq2 from BIC1 first, and then\r\nget bfqq3 through merge chain, and finially handle IO by bfqq3.\r\nHowerver, current code will think bfqq2 is owned by BIC1, like initial\r\nstate, and set bfqq2-\u003ebic to BIC1.\r\n\r\nAllocated by task 20776:\r\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\r\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\r\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\r\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\r\n slab_post_alloc_hook mm/slab.h:763 [inline]\r\n slab_alloc_node mm/slub.c:3458 [inline]\r\n kmem_cache_alloc_node+0x1a4/0x6f0 mm/slub.c:3503\r\n ioc_create_icq block/blk-ioc.c:370 [inline]\r\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47706"
},
{
"cve": "CVE-2024-47707",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: A NULL dereference vulnerability may occur in rt6_uncached_list_flush_dev() due to the necessary check being removed by a previous commit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47707"
},
{
"cve": "CVE-2024-47709",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "can: bcm: A warning is triggered when connect() is issued again for a socket whose connect()ed device has been unregistered. However, if the socket is just close()d without the 2nd connect(), the remaining bo-\u003ebcm_proc_read triggers unnecessary remove_proc_entry() in bcm_release().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47709"
},
{
"cve": "CVE-2024-47710",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "sock_map: vulnerability result of adding a cond_resched() in sock_hash_free() to prevent CPU soft lockups when destroying maps with a large number of buckets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47710"
},
{
"cve": "CVE-2024-47713",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "summary",
"text": "wifi: mac80211: vulnerability caused by implementing a two-phase skb reclamation in ieee80211_do_stop() to avoid warnings and potential issues caused by calling __dev_queue_xmit() with interrupts disabled.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47713"
},
{
"cve": "CVE-2024-47718",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "wifi: rtw88: vulnerability may lead to a use-after-free (UAF) error if firmware loading is not properly synchronized during USB initialization and disconnection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47718"
},
{
"cve": "CVE-2024-47723",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix out-of-bounds in dbNextAG() and diAlloc()\r\n\r\nIn dbNextAG() , there is no check for the case where bmp-\u003edb_numag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should be added in dbMount().\r\n\r\nAnd in dbNextAG(), a check for the case where agpref is greater than bmp-\u003edb_numag should be added, so an out-of-bounds exception should be prevented.\r\n\r\nAdditionally, a check for the case where agno is greater or same than MAXAG should be added in diAlloc() to prevent out-of-bounds.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47723"
},
{
"cve": "CVE-2024-47735",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "RDMA/hns: missuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_irqsave()/spin_lock_irqrestore() was hold.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47735"
},
{
"cve": "CVE-2024-47737",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47737"
},
{
"cve": "CVE-2024-47747",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition. In the ether3_probe function, a timer is initialized with a callback function ether3_ledoff, bound to \u0026prev(dev)-\u003etimer. Once the timer is started, there is a risk of a race condition if the module or device is removed, triggering the ether3_remove function to perform cleanup.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-47747"
},
{
"cve": "CVE-2024-49851",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. However if the command fails no rollback of this preparation is done. This can result in transient handles being leaked if the device is subsequently closed with no further commands performed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49851"
},
{
"cve": "CVE-2024-49889",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid use-after-free in ext4_ext_show_leaf()\r\n\r\nIn ext4_find_extent(), path may be freed by error or be reallocated, so\r\nusing a previously saved *ppath may have been freed and thus may trigger\r\nuse-after-free, as follows:\r\n\r\next4_split_extent\r\n path = *ppath;\r\n ext4_split_extent_at(ppath)\r\n path = ext4_find_extent(ppath)\r\n ext4_split_extent_at(ppath)\r\n // ext4_find_extent fails to free path\r\n // but zeroout succeeds\r\n ext4_ext_show_leaf(inode, path)\r\n eh = path[depth].p_hdr\r\n // path use-after-free !!!\r\n\r\nSimilar to ext4_split_extent_at(), we use *ppath directly as an input to\r\next4_ext_show_leaf(). Fix a spelling error by the way.\r\n\r\nSame problem in ext4_ext_handle_unwritten_extents(). Since \u0027path\u0027 is only\r\nused in ext4_ext_show_leaf(), remove \u0027path\u0027 and use *ppath directly.\r\n\r\nThis issue is triggered only when EXT_DEBUG is defined and therefore does\r\nnot affect functionality.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49889"
},
{
"cve": "CVE-2024-49890",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/pm: ensure the fw_info is not null before using it\r\n\r\nThis resolves the dereference null return value warning reported by Coverity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49890"
},
{
"cve": "CVE-2024-49892",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/display: Initialize get_bytes_per_element\u0027s default to 1\r\n\r\nVariables, used as denominators and maybe not assigned to other values, should not be 0. bytes_per_element_y \u0026 bytes_per_element_c are initialized by get_bytes_per_element() which should never return 0.\r\n\r\nThis fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49892"
},
{
"cve": "CVE-2024-49894",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\r\n\r\nFixes index out of bounds issue in\r\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\r\ncould occur when the index \u0027i\u0027 exceeds the number of transfer function\r\npoints (TRANSFER_FUNC_POINTS).\r\n\r\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\r\ntransfer function points. If \u0027i\u0027 is out of bounds the function returns\r\nfalse to indicate an error.\r\n\r\nReported by smatch:\r\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\r\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\r\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49894"
},
{
"cve": "CVE-2024-49900",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: Fix uninit-value access of new_ea in ea_buffer\r\n\r\nsyzbot reports that lzo1x_1_do_compress is using uninit-value:\r\n\r\n=====================================================\r\nBUG: KMSAN: uninit-value in lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178\r\n\r\n...\r\n\r\nUninit was stored to memory at:\r\n ea_put fs/jfs/xattr.c:639 [inline]\r\n\r\n...\r\n\r\nLocal variable ea_buf created at:\r\n __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662\r\n __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934\r\n\r\n=====================================================\r\n\r\nThe reason is ea_buf-\u003enew_ea is not initialized properly.\r\n\r\nFix this by using memset to empty its content at the beginning\r\nin ea_get().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49900"
},
{
"cve": "CVE-2024-49902",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "jfs: vulnerability caused by assigning msm_gpu-\u003epdev earlier in the initialization process to prevent null pointer dereferences in msm_gpu_cleanup.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49902"
},
{
"cve": "CVE-2024-49903",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: Fix uaf in dbFreeBits\r\n\r\n[syzbot reported]\r\n==================================================================\r\nBUG: KASAN: slab-use-after-free in __mutex_lock_common kernel/locking/mutex.c:587 [inline]\r\nBUG: KASAN: slab-use-after-free in __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\r\nRead of size 8 at addr ffff8880229254b0 by task syz-executor357/5216\r\n\r\nCPU: 0 UID: 0 PID: 5216 Comm: syz-executor357 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024\r\nCall Trace:\r\n \u003cTASK\u003e\r\n __dump_stack lib/dump_stack.c:93 [inline]\r\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\r\n print_address_description mm/kasan/report.c:377 [inline]\r\n print_report+0x169/0x550 mm/kasan/report.c:488\r\n kasan_report+0x143/0x180 mm/kasan/report.c:601\r\n __mutex_lock_common kernel/locking/mutex.c:587 [inline]\r\n __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\r\n dbFreeBits+0x7ea/0xd90 fs/jfs/jfs_dmap.c:2390\r\n dbFreeDmap fs/jfs/jfs_dmap.c:2089 [inline]\r\n dbFree+0x35b/0x680 fs/jfs/jfs_dmap.c:409\r\n dbDiscardAG+0x8a9/0xa20 fs/jfs/jfs_dmap.c:1650\r\n jfs_ioc_trim+0x433/0x670 fs/jfs/jfs_discard.c:100\r\n jfs_ioctl+0x2d0/0x3e0 fs/jfs/ioctl.c:131\r\n vfs_ioctl fs/ioctl.c:51 [inline]\r\n __do_sys_ioctl fs/ioctl.c:907 [inline]\r\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\r\n\r\nFreed by task 5218:\r\n kasan_save_stack mm/kasan/common.c:47 [inline]\r\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\r\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\r\n poison_slab_object+0xe0/0x150 mm/kasan/common.c:240\r\n __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256\r\n kasan_slab_free include/linux/kasan.h:184 [inline]\r\n slab_free_hook mm/slub.c:2252 [inline]\r\n slab_free mm/slub.c:4473 [inline]\r\n kfree+0x149/0x360 mm/slub.c:4594\r\n dbUnmount+0x11d/0x190 fs/jfs/jfs_dmap.c:278\r\n jfs_mount_rw+0x4ac/0x6a0 fs/jfs/jfs_mount.c:247\r\n jfs_remount+0x3d1/0x6b0 fs/jfs/super.c:454\r\n reconfigure_super+0x445/0x880 fs/super.c:1083\r\n vfs_cmd_reconfigure fs/fsopen.c:263 [inline]\r\n vfs_fsconfig_locked fs/fsopen.c:292 [inline]\r\n __do_sys_fsconfig fs/fsopen.c:473 [inline]\r\n __se_sys_fsconfig+0xb6e/0xf80 fs/fsopen.c:345\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\n[Analysis]\r\nThere are two paths (dbUnmount and jfs_ioc_trim) that generate race condition when accessing bmap, which leads to the occurrence of uaf.\r\n\r\nUse the lock s_umount to synchronize them, in order to avoid uaf caused by race condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49903"
},
{
"cve": "CVE-2024-49930",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "wifi: ath11k: fix array out-of-bound access in SoC stats. Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() function access ath11k_soc_dp_stats::hal_reo_error using the REO destination SRNG ring ID, which is incorrect. SRNG ring ID differ from normal ring ID, and this usage leads to out-of-bounds array access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49930"
},
{
"cve": "CVE-2024-49938",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\r\n\r\nSyzbot points out that skb_trim() has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly just to reset the length to zero before resubmitting, so switch to calling __skb_set_length(skb, 0) directly. In addition, __skb_set_length() already contains a call to skb_reset_tail_pointer(), so remove the redundant call.\r\n\r\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there\u0027s a similar usage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we\u0027re at it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49938"
},
{
"cve": "CVE-2024-49944",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start. In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever reason. Otherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)-\u003ereuse is already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)-\u003ebind_hash will be dereferenced as sk_state is LISTENING, which causes a crash as bind_hash is NULL",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49944"
},
{
"cve": "CVE-2024-49948",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49948"
},
{
"cve": "CVE-2024-49949",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49949"
},
{
"cve": "CVE-2024-49952",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49952"
},
{
"cve": "CVE-2024-49955",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nACPI: battery: Fix possible crash when unregistering a battery hook\r\n\r\nWhen a battery hook returns an error when adding a new battery, then the battery hook is automatically unregistered.\r\nHowever the battery hook provider cannot know that, so it will later call battery_hook_unregister() on the already unregistered battery hook, resulting in a crash.\r\n\r\nFix this by using the list head to mark already unregistered battery hooks as already being unregistered so that they can be ignored by battery_hook_unregister().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49955"
},
{
"cve": "CVE-2024-49973",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "r8169: RTL8125 added fields to the tally counter, this change could cause the chip to perform Direct Memory Access on these new fields, potentially writing to unallocated memory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49973"
},
{
"cve": "CVE-2024-49977",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: stmmac: port_transmit_rate_kbps could be set to a value of 0, which is then passed to the \"div_s64\" function when tc-cbs is disabled. This leads to a zero-division error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49977"
},
{
"cve": "CVE-2024-49997",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto() to pad Ethernet frames properly. The mentioned function zeroes the expanded buffer. In case the packet cannot be padded it is silently dropped. Statistics are also not incremented. This driver does not support statistics in the old 32-bit format or the new 64-bit format. These will be added in the future. In its current form, the patch should be easily backported to stable versions. Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets in hardware, so software padding must be applied.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-49997"
},
{
"cve": "CVE-2024-50001",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/mlx5: Fix error path in multi-packet WQE transmit\r\n\r\nRemove the erroneous unmap in case no DMA mapping was established\r\n\r\nThe multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under memory pressure, when the IOMMU driver just can\u0027t allocate more memory for page tables. While the code tries to handle this in the path below the err_unmap label it erroneously unmaps one entry from the sq\u0027s FIFO list of active mappings. Since the current map attempt failed this unmap is removing some random DMA mapping that might still be required. If the PCI function now presents that IOVA, the IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI function in error state.\r\n\r\nThe erroneous behavior was seen in a stress-test environment that created memory pressure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50001"
},
{
"cve": "CVE-2024-50006",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50006"
},
{
"cve": "CVE-2024-50008",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "wifi: mwifiex: memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexible-array member in `struct host_cmd_ds_802_11_scan_ext`.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50008"
},
{
"cve": "CVE-2024-50010",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nexec: don\u0027t WARN for racy path_noexec check\r\n\r\nBoth i_mode and noexec checks wrapped in WARN_ON stem from an artifact\r\nof the previous implementation. They used to legitimately check for the\r\ncondition, but that got moved up in two commits:\r\n633fb6ac3980 (\"exec: move S_ISREG() check earlier\")\r\n0fd338b2d2cd (\"exec: move path_noexec() check earlier\")\r\n\r\nInstead of being removed said checks are WARN_ON\u0027ed instead, which has some debug value.\r\n\r\nHowever, the spurious path_noexec check is racy, resulting in unwarranted warnings should someone race with setting the noexec flag.\r\n\r\nOne can note there is more to perm-checking whether execve is allowed and none of the conditions are guaranteed to still hold after they were tested for.\r\n\r\nAdditionally this does not validate whether the code path did any perm checking to begin with -- it will pass if the inode happens to be regular.\r\n\r\nKeep the redundant path_noexec() check even though it\u0027s mindless nonsense checking for guarantee that isn\u0027t given so drop the WARN.\r\n\r\nReword the commentary and do small tidy ups while here.\r\n\r\n[brauner: keep redundant path_noexec() check]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50010"
},
{
"cve": "CVE-2024-50015",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "ext4: dax: Overflowing extents beyond inode size when partially writing.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50015"
},
{
"cve": "CVE-2024-50033",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nslip: make slhc_remember() more robust against malicious packets\r\n\r\nsyzbot found that slhc_remember() was missing checks against\r\nmalicious packets [1].\r\n\r\nslhc_remember() only checked the size of the packet was at least 20,\r\nwhich is not good enough.\r\n\r\nWe need to make sure the packet includes the IPv4 and TCP header\r\nthat are supposed to be carried.\r\n\r\nAdd iph and th pointers to make the code more readable.\r\n\r\n[1]\r\n\r\nBUG: KMSAN: uninit-value in slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\r\n slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\r\n ppp_receive_nonmp_frame+0xe45/0x35e0 drivers/net/ppp/ppp_generic.c:2455\r\n ppp_receive_frame drivers/net/ppp/ppp_generic.c:2372 [inline]\r\n ppp_do_recv+0x65f/0x40d0 drivers/net/ppp/ppp_generic.c:2212\r\n ppp_input+0x7dc/0xe60 drivers/net/ppp/ppp_generic.c:2327\r\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\r\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\r\n __release_sock+0x1da/0x330 net/core/sock.c:3072\r\n release_sock+0x6b/0x250 net/core/sock.c:3626\r\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nUninit was created at:\r\n slab_post_alloc_hook mm/slub.c:4091 [inline]\r\n slab_alloc_node mm/slub.c:4134 [inline]\r\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186\r\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\r\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\r\n alloc_skb include/linux/skbuff.h:1322 [inline]\r\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\r\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nCPU: 0 UID: 0 PID: 5460 Comm: syz.2.33 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50033"
},
{
"cve": "CVE-2024-50035",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nppp: fix ppp_async_encode() illegal access\r\n\r\nsyzbot reported an issue in ppp_async_encode() [1]\r\n\r\nIn this case, pppoe_sendmsg() is called with a zero size.\r\nThen ppp_async_encode() is called with an empty skb.\r\n\r\nBUG: KMSAN: uninit-value in ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\r\n BUG: KMSAN: uninit-value in ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\r\n ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\r\n ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\r\n ppp_async_send+0x130/0x1b0 drivers/net/ppp/ppp_async.c:634\r\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2280 [inline]\r\n ppp_input+0x1f1/0xe60 drivers/net/ppp/ppp_generic.c:2304\r\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\r\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\r\n __release_sock+0x1da/0x330 net/core/sock.c:3072\r\n release_sock+0x6b/0x250 net/core/sock.c:3626\r\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nUninit was created at:\r\n slab_post_alloc_hook mm/slub.c:4092 [inline]\r\n slab_alloc_node mm/slub.c:4135 [inline]\r\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187\r\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\r\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\r\n alloc_skb include/linux/skbuff.h:1322 [inline]\r\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\r\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nCPU: 1 UID: 0 PID: 5411 Comm: syz.1.14 Not tainted 6.12.0-rc1-syzkaller-00165-g360c1f1f24c6 #0\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50035"
},
{
"cve": "CVE-2024-50039",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: accept TCA_STAB only for root qdisc\r\n\r\nMost qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers.\r\n\r\nUnfortunately syzbot can crash a host rather easily using a TBF + SFQ combination, with an STAB on SFQ [1]\r\n\r\nWe can\u0027t support TCA_STAB on arbitrary level, this would require to maintain per-qdisc storage.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50039"
},
{
"cve": "CVE-2024-50040",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50040"
},
{
"cve": "CVE-2024-50044",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change\r\n\r\nrfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50044"
},
{
"cve": "CVE-2024-50045",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50045"
},
{
"cve": "CVE-2024-50046",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nNFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()\r\n\r\nOn the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server.\r\nAccidentally, the nfs42_complete_copies() got a NULL-pointer dereference crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50046"
},
{
"cve": "CVE-2024-50058",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nserial: protect uart_port_dtr_rts() in uart_shutdown() too\r\n\r\nCommit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the commit assumes, uport can be NULL in there. But right after that protection, there is an unprotected \"uart_port_dtr_rts(uport, false);\" call. That is invoked only if HUPCL is set, so I assume that is the reason why we do not see lots of these reports.\r\n\r\nOr it cannot be NULL at this point at all for some reason :P.\r\n\r\nUntil the above is investigated, stay on the safe side and move this dereference to the if too.\r\n\r\nI got this inconsistency from Coverity under CID 1585130. Thanks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50058"
},
{
"cve": "CVE-2024-50095",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nRDMA/mad: Improve handling of timed out WRs of mad agent\r\n\r\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be handled inside timeout handler.\r\n\r\nThis leads to softlockup with below trace in some use cases where rdma-cm path is used to establish connection between peer nodes\r\n\r\n\r\nSimplified timeout handler by creating local list of timed out WRs and invoke send handler post creating the list. The new method acquires/releases lock once to fetch the list and hence helps to reduce locking contetiong when processing higher no. of WRs",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50095"
},
{
"cve": "CVE-2024-50121",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "nfsd: problematic nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net. In the normal case, when we excute `echo 0 \u003e /proc/fs/nfsd/threads`, the function `nfs4_state_destroy_net` in `nfs4_state_shutdown_net` will release all resources related to the hashed `nfs4_client`.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50121"
},
{
"cve": "CVE-2024-50127",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: sched: fix use-after-free in taprio_change()\r\n\r\nIn \u0027taprio_change()\u0027, \u0027admin\u0027 pointer may become dangling due to sched switch / removal caused by \u0027advance_sched()\u0027, and critical section protected by \u0027q-current_entry_lock\u0027 is too small to prevent from such a scenario (which causes use-after-free detected by KASAN). Fix this by prefer \u0027rcu_replace_pointer()\u0027 ver \u0027rcu_assign_pointer()\u0027 to update \u0027admin\u0027 immediately before an attempt to schedule freeing.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50127"
},
{
"cve": "CVE-2024-50131",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntracing: Consider the NULL character when validating the event length\r\n\r\nstrlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character.\r\n\r\nThis commit checks this condition and returns failure for it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50131"
},
{
"cve": "CVE-2024-50134",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA\r\n\r\nReplace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a \"memcpy: detected field-spanning write error\".\r\n\r\nNote as mentioned in the added comment it seems the original length calculation for the allocated and send hgsmi buffer is 4 bytes too large.\r\nChanging this is not the goal of this patch, so this behavior is kept.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50134"
},
{
"cve": "CVE-2024-50142",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nxfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset\r\n\r\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:Validate address prefix lengths in the xfrm selector.\")\r\n\r\nsyzbot created an SA with\r\n usersa.sel.family = AF_UNSPEC\r\n usersa.sel.prefixlen_s = 128\r\n usersa.family = AF_INET\r\n\r\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn\u0027t put limits on prefixlen_{s,d}. But then copy_from_user_state sets x-\u003esel.family to usersa.family (AF_INET). Do the same conversion inverify_newsa_info before validating prefixlen_{s,d}, since that\u0027s howprefixlen is going to be used later on.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50142"
},
{
"cve": "CVE-2024-50148",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: bnep: fix wild-memory-access in proto_unregister\r\n\r\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init() will cleanup all resource. Then when remove bnep module will call bnep_sock_cleanup() to cleanup sock\u0027s resource.\r\nTo solve above issue just return bnep_sock_init()\u0027s return value in bnep_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50148"
},
{
"cve": "CVE-2024-50150",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: typec: altmode should keep reference to parent\r\n\r\nThe altmode device release refers to its parent device, but without keeping\r\na reference to it.\r\n\r\nWhen registering the altmode, get a reference to the parent and put it in\r\nthe release function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50150"
},
{
"cve": "CVE-2024-50151",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsmb: client: fix OOBs when building SMB2_IOCTL request\r\n\r\nWhen using encryption, either enforced by the server or when using\r\n\u0027seal\u0027 mount option, the client will squash all compound request buffers\r\ndown for encryption into a single iov in smb2_set_next_command().\r\n\r\nSMB2_ioctl_init() allocates a small buffer (448 bytes) to hold the\r\nSMB2_IOCTL request in the first iov, and if the user passes an input\r\nbuffer that is greater than 328 bytes, smb2_set_next_command() will\r\nend up writing off the end of @rqst-\u003eiov[0].iov_base as shown below:\r\n\r\n mount.cifs //srv/share /mnt -o ...,seal\r\n ln -s $(perl -e \"print(\u0027a\u0027)for 1..1024\") /mnt/link\r\n\r\n BUG: KASAN: slab-out-of-bounds in\r\n smb2_set_next_command.cold+0x1d6/0x24c [cifs]\r\n Write of size 4116 at addr ffff8881148fcab8 by task ln/859",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50151"
},
{
"cve": "CVE-2024-50153",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: target: core: Fix null-ptr-deref in target_alloc_device()\r\n\r\nThere is a null-ptr-deref issue reported by KASAN:\r\n\r\nBUG: KASAN: null-ptr-deref in target_alloc_device+0xbc4/0xbe0 [target_core_mod]\r\n...\r\n kasan_report+0xb9/0xf0\r\n target_alloc_device+0xbc4/0xbe0 [target_core_mod]\r\n core_dev_setup_virtual_lun0+0xef/0x1f0 [target_core_mod]\r\n target_core_init_configfs+0x205/0x420 [target_core_mod]\r\n do_one_initcall+0xdd/0x4e0\r\n...\r\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\r\n\r\nIn target_alloc_device(), if allocing memory for dev queues fails, then\r\ndev will be freed by dev-\u003etransport-\u003efree_device(), but dev-\u003etransport\r\nis not initialized at that time, which will lead to a null pointer\r\nreference problem.\r\n\r\nFixing this bug by freeing dev with hba-\u003ebackend-\u003eops-\u003efree_device().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50153"
},
{
"cve": "CVE-2024-50188",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "net: phy: dp83869: fix memory corruption when enabling fiber. When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 \u0026lt;\u0026lt; 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50188"
},
{
"cve": "CVE-2024-50205",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()\r\n\r\nThe step variable is initialized to zero. It is changed in the loop,\r\nbut if it\u0027s not changed it will remain zero. Add a variable check\r\nbefore the division.\r\n\r\nThe observed behavior was introduced by commit 826b5de90c0b\r\n(\"ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size\"),\r\nand it is difficult to show that any of the interval parameters will\r\nsatisfy the snd_interval_test() condition with data from the\r\namdtp_rate_table[] table.\r\n\r\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50205"
},
{
"cve": "CVE-2024-50210",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\r\n\r\nIf get_clock_desc() succeeds, it calls fget() for the clockid\u0027s fd,\r\nand get the clk-\u003erwsem read lock, so the error path should release\r\nthe lock to make the lock balance and fput the clockid\u0027s fd to make\r\nthe refcount balance and release the fd related resource.\r\n\r\nHowever the below commit left the error path locked behind resulting in\r\nunbalanced locking. Check timespec64_valid_strict() before\r\nget_clock_desc() to fix it, because the \"ts\" is not changed\r\nafter that.\r\n\r\n[pabeni@redhat.com: fixed commit message typo]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50210"
},
{
"cve": "CVE-2024-50251",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50251"
},
{
"cve": "CVE-2024-50262",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50262"
},
{
"cve": "CVE-2024-50299",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50299"
},
{
"cve": "CVE-2024-50301",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50301"
},
{
"cve": "CVE-2024-50302",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let\u0027s zero-initialize it during allocation to make sure that it can\u0027t be ever used to leak kernel memory via specially-crafted report.",
"title": "Summary"
},
{
"category": "summary",
"text": "The information disclosure is limited to HID driver report data. Successful exploitation requires the installation of malicious code on the device.",
"title": "For SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2024-53042",
"cwe": {
"id": "CWE-662",
"name": "Improper Synchronization"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()\r\n\r\nThere are code paths from which the function is called without holding\r\nthe RCU read lock, resulting in a suspicious RCU usage warning [1].\r\n\r\nFix by using l3mdev_master_upper_ifindex_by_index() which will acquire\r\nthe RCU read lock before calling\r\nl3mdev_master_upper_ifindex_by_index_rcu().\r\n\r\n[1]\r\nWARNING: suspicious RCU usage\r\n6.12.0-rc3-custom-gac8f72681cf2 #141 Not tainted\r\n-----------------------------\r\nnet/core/dev.c:876 RCU-list traversed in non-reader section!!\r\n\r\nother info that might help us debug this:\r\n\r\nrcu_scheduler_active = 2, debug_locks = 1\r\n1 lock held by ip/361:\r\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-53042"
},
{
"cve": "CVE-2024-53057",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53059",
"cwe": {
"id": "CWE-460",
"name": "Improper Cleanup on Thrown Exception"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()\r\n\r\n1. The size of the response packet is not validated.\r\n2. The response buffer is not freed.\r\n\r\nResolve these issues by switching to iwl_mvm_send_cmd_status(), which handles both size validation and frees the buffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-53059"
},
{
"cve": "CVE-2024-53101",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr-\u003eia_mode, attr-\u003eia_uid and attr-\u003eia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren\u0027t set. Initialize all fields of newattrs to avoid uninitialized variables, by checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-53101"
},
{
"cve": "CVE-2024-53124",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "net: fix data-races around sk sk_forward_alloc.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-56631",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\nscsi: sg: Fix slab-use-after-free read in sg_release()\r\nFix a use-after-free bug in sg_release(), detected by syzbot with KASAN:\r\n\r\nThe fix has been tested and validated by syzbot. This patch closes the\r\nbug reported at the following syzkaller link and ensures proper\r\nsequencing of resource cleanup and mutex operations, eliminating the\r\nrisk of use-after-free errors in sg_release().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-56631"
},
{
"cve": "CVE-2024-56672",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblk-cgroup: Fix UAF in blkcg_unpin_online()\r\n\r\nblkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To\r\nwalk up, it uses blkcg_parent(blkcg) but it was calling that after\r\nblkcg_destroy_blkgs(blkcg) which could free the blkcg",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-56672"
},
{
"cve": "CVE-2024-57901",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "summary",
"text": "af_packet: vlan_get_protocol_dgram() vs MSG_PEEK Blamed allowing a crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57901"
},
{
"cve": "CVE-2024-57902",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\naf_packet: fix vlan_get_tci() vs MSG_PEEK\r\n\r\nBlamed commit forgot MSG_PEEK case, allowing a crash [1] as found\r\nby syzbot.\r\n\r\nRework vlan_get_tci() to not touch skb at all,\r\nso that it can be used from many cpus on the same skb.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57902"
},
{
"cve": "CVE-2024-57913",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: gadget: f_fs: Remove WARN_ON in functionfs_bind",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57913"
},
{
"cve": "CVE-2024-57929",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndm array: fix releasing a faulty array block twice in dm_array_cursor_end\r\n\r\nWhen dm_bm_read_lock() fails due to locking or checksum errors, it\r\nreleases the faulty block implicitly while leaving an invalid output\r\npointer behind. The caller of dm_bm_read_lock() should not operate on\r\nthis invalid dm_block pointer, or it will lead to undefined result.\r\nFor example, the dm_array_cursor incorrectly caches the invalid pointer\r\non reading a faulty array block, causing a double release in\r\ndm_array_cursor_end(), then hitting the BUG_ON in dm-bufio cache_put().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57929"
},
{
"cve": "CVE-2024-57940",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the cluster chain, and there is an unused directory entry in the cluster, dentry will not be incremented, causing condition dentry \u003c max_dentries unable to prevent an infinite loop. This infinite loop causes s_lock not to be released, and other tasks will hang, such as exfat_sync_fs().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57940"
},
{
"cve": "CVE-2024-57948",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmac802154: check local interfaces before deleting sdata list\r\n\r\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\r\n\r\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\r\nhardware device from the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57951",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhrtimers: Handle CPU state correctly on hotplug\r\n\r\nConsider a scenario where a CPU transitions from CPUHP_ONLINE to halfway\r\nthrough a CPU hotunplug down to CPUHP_HRTIMERS_PREPARE, and then back to\r\nCPUHP_ONLINE:\r\n\r\nSince hrtimers_prepare_cpu() does not run, cpu_base.hres_active remains set\r\nto 1 throughout. However, during a CPU unplug operation, the tick and the\r\nclockevents are shut down at CPUHP_AP_TICK_DYING. On return to the online\r\nstate, for instance CFS incorrectly assumes that the hrtick is already\r\nactive, and the chance of the clockevent device to transition to oneshot\r\nmode is also lost forever for the CPU, unless it goes back to a lower state\r\nthan CPUHP_HRTIMERS_PREPARE once.\r\n\r\nThis round-trip reveals another issue; cpu_base.online is not set to 1\r\nafter the transition, which appears as a WARN_ON_ONCE in enqueue_hrtimer().\r\n\r\nAside of that, the bulk of the per CPU state is not reset either, which\r\nmeans there are dangling pointers in the worst case.\r\n\r\nAddress this by adding a corresponding startup() callback, which resets the\r\nstale per CPU state and sets the online flag.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57951"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "memcg: A soft lockup vulnerability in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57979",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "pps: Fix a use-after-free",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57981",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "usb: xhci: NULL pointer dereference on certain command aborts. If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is later aborted, when the abort completion is handled the dequeue pointer is advanced to the first TRB of the next segment. If no further commands are queued, xhci_handle_stopped_cmd_ring() sees the ring pointers unequal and assumes that there is a pending command, so it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-58005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tpm: Change to kvalloc() in eventlog/acpi.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58009",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58014",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58016",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "safesetid: check size of policy writes",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58016"
},
{
"cve": "CVE-2024-58017",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58020",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "HID: multitouch: Add NULL check in mt_input_configured",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58051",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipmi: ipmb: Add check devm_kasprintf() returned value",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58058",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ubifs: skip dumping tnc tree when zroot is null",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58063",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "wifi: rtlwifi: fix memory leaks and invalid access at probe error path",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58071",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "team: prevent adding a device which is already a team device lower",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58072",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: rtlwifi: remove unused check_buddy_priv",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tomoyo: don\u0027t emit warning in tomoyo_write_control()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2025-21638",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.rto_min/max\u0027 is used.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.sctp_hmac_alg\u0027 is\nused.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\nsched: sch_cake: add bounds checks to host bulk flow fairness counts",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21648",
"cwe": {
"id": "CWE-789",
"name": "Memory Allocation with Excessive Size Value"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\r\n\r\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\r\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\r\nresizing hashtable because __GFP_NOWARN is unset. See:\r\n\r\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\r\n\r\nNote: hashtable resize is only possible from init_netns.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21653",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21653"
},
{
"cve": "CVE-2025-21664",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "dm thin: make get_first_thin use rcu-safe list first function",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21664"
},
{
"cve": "CVE-2025-21666",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "vsock: prevent null-ptr-deref in vsock_has_data|has_space",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21666"
},
{
"cve": "CVE-2025-21669",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "vsock/virtio: discard packets if the transport changes",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21669"
},
{
"cve": "CVE-2025-21678",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "gtp: Destroy device along with udp socket\u0027s netns dismantle",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21678"
},
{
"cve": "CVE-2025-21683",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "bpf: Fix bpf_sk_select_reuseport() memory leak",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21683"
},
{
"cve": "CVE-2025-21692",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "net: sched: fix ets qdisc OOB Indexing",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21694",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "fs/proc: softlockup in __read_vmcore",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21694"
},
{
"cve": "CVE-2025-21704",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: cdc-acm: Check control transfer buffer size before access",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21711",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "net/rose: prevent integer overflows in rose_setsockopt()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21719",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipmr: do not call mr_mfc_uses_dev() for unres entries",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21726",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "padata: avoid UAF for reorder_work",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "padata: fix UAF in padata_reorder",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues because this kfunc can sleep.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21735",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "NFC: nci: Add bounds checking in nci_hci_create_pipe()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21744",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\r\n\r\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\r\nclass_dev_iter_(init|next)(), but does not end iterating with\r\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\r\n\r\nFix by ending the iterating with class_dev_iter_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21753",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "btrfs: fix use-after-free when attempting to join an aborted transaction",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21756",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21760",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "ndisc: extend RCU protection in ndisc_send_skb()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "openvswitch: use RCU protection in ovs_vport_cmd_fill_info()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "neighbour: use RCU protection in __neigh_notify()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "ndisc: use RCU protection in ndisc_alloc_skb()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21772",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "partitions: mac: fix handling of bogus partition table",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21776",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "USB: hub: Ignore non-compliant devices with too many configs or interfaces. A test program can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21787",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "team: better TEAM_OPTION_TYPE_STRING validation",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSD: hang in nfsd4_shutdown_callback. If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21806",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: let net.core.dev_weight always be non-zero. The following problem was encountered during stability test: (NULL net_device).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21814",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ptp: Ensure info-\u003eenable callback is always set",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21826",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits. Register-based arithmetics still allows for combining mismatching set key length and field length description, eg. set key length 10 and field description [ 5, 4 ] leading to pipapo width of 12.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21826"
},
{
"cve": "CVE-2025-21835",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: gadget: f_midi: fix MIDI Streaming descriptor lengths",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21844",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "smb: client: Add check for next_buffer in receive_encrypted_standard()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "acct: perform last write from workqueue",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21858",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "geneve: Fix use-after-free in geneve_find_dev()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "USB: gadget: f_midi: f_midi_complete to call queue_work",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21862",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "drop_monitor: incorrect initialization order. If drop_monitor is built as a kernel module, syzkaller may have time to send a netlink NET_DM_CMD_START message during the module loading. This will call the net_dm_monitor_start() function that uses a spinlock that has not yet been initialized.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21865",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Commit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns dismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl() to destroy devices in each netns as done in geneve and ip tunnels. However, this could trigger -\u003edellink() twice for the same device during -\u003eexit_batch_rtnl().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2025-21865"
}
]
}
GHSA-572C-4F8H-65C4
Vulnerability from github – Published: 2025-02-27 03:34 – Updated: 2025-11-03 21:32
VLAI?
Details
In the Linux kernel, the following vulnerability has been resolved:
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
Shifting 1 << 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring well-defined behavior.
This change explicitly avoids any potential overflow by ensuring that the shift occurs on an unsigned 32-bit integer.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-58017"
],
"database_specific": {
"cwe_ids": [
"CWE-190"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-02-27T03:15:12Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nprintk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX\n\nShifting 1 \u003c\u003c 31 on a 32-bit int causes signed integer overflow, which\nleads to undefined behavior. To prevent this, cast 1 to u32 before\nperforming the shift, ensuring well-defined behavior.\n\nThis change explicitly avoids any potential overflow by ensuring that\nthe shift occurs on an unsigned 32-bit integer.",
"id": "GHSA-572c-4f8h-65c4",
"modified": "2025-11-03T21:32:58Z",
"published": "2025-02-27T03:34:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-58017"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/3d6f83df8ff2d5de84b50377e4f0d45e25311c7a"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/404e5fd918a0b14abec06c7eca128f04c9b98e41"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4a2c4e7265b8eed83c25d86d702cea06493cab18"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/4acf6bab775dbd22a9a799030a808a7305e01d63"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/54c14022fa2ba427dc543455c2cf9225903a7174"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/9a6d43844de2479a3ff8d674c3e2a16172e01598"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bb8ff054e19fe27f4e5eaac1b05e462894cfe9b1"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/dfb7b179741ee09506dc7719d92f9e1cea01f10e"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00028.html"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
SSA-265688
Vulnerability from csaf_siemens - Published: 2024-04-09 00:00 - Updated: 2025-10-14 00:00Summary
SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1.
Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1.\n\nSiemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
},
{
"category": "self",
"summary": "SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-265688.json"
}
],
"title": "SSA-265688: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP V1.1",
"tracking": {
"current_release_date": "2025-10-14T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-265688",
"initial_release_date": "2024-04-09T00:00:00Z",
"revision_history": [
{
"date": "2024-04-09T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-05-14T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2024-2511"
},
{
"date": "2024-07-09T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added CVE-2024-5535"
},
{
"date": "2024-11-12T00:00:00Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Added CVE-2024-9143"
},
{
"date": "2025-03-11T00:00:00Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Added CVE-2024-36484, CVE-2024-36902, CVE-2024-36904, CVE-2024-36905, CVE-2024-36916, CVE-2024-36929, CVE-2024-36939, CVE-2024-36940, CVE-2024-36959, CVE-2024-44987, CVE-2024-44989, CVE-2024-44990, CVE-2024-45016, CVE-2024-45018, CVE-2024-46679, CVE-2024-46743, CVE-2024-46744, CVE-2024-46745, CVE-2024-46750, CVE-2024-46759, CVE-2024-46783, CVE-2024-47660, CVE-2024-50299, CVE-2024-50301, CVE-2024-53101"
},
{
"date": "2025-04-08T00:00:00Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Added CVE-2024-50302 (incl. product-specific impact description) and multiple other CVEs"
},
{
"date": "2025-06-10T00:00:00Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Added 63 CVEs"
},
{
"date": "2025-07-08T00:00:00Z",
"legacy_version": "1.7",
"number": "8",
"summary": "Added 71 CVEs"
},
{
"date": "2025-08-12T00:00:00Z",
"legacy_version": "1.8",
"number": "9",
"summary": "Added 147 CVEs"
},
{
"date": "2025-09-09T00:00:00Z",
"legacy_version": "1.9",
"number": "10",
"summary": "Added 51 CVEs"
},
{
"date": "2025-10-14T00:00:00Z",
"legacy_version": "2.0",
"number": "11",
"summary": "Added CVE-2025-9230, CVE-2023-50781, CVE-2023-6129, CVE-2023-6237, CVE-2024-0727"
}
],
"status": "interim",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-4090",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw, a local attacker with user privilege may gain access to out-of-bounds memory, leading to a system integrity and confidentiality threat.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-4090"
},
{
"cve": "CVE-2021-38202",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-38202"
},
{
"cve": "CVE-2021-47002",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "SUNRPC: null pointer dereference in svc_rqst_free(). When alloc_pages_node() returns null in svc_rqst_alloc(), the null rq_scratch_page pointer will be dereferenced when calling put_page() in svc_rqst_free().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-47002"
},
{
"cve": "CVE-2021-47107",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "NFSD: READDIR buffer overflow. If a client sends a READDIR count argument that is too small (say, zero), then the buffer size calculation in the new init_dirlist helper functions results in an underflow, allowing the XDR stream functions to write beyond the actual buffer. This calculation has always been suspect. NFSD has never sanity- checked the READDIR count argument, but the old entry encoders managed the problem correctly. With the commits below, entry encoding changed, exposing the underflow to the pointer arithmetic in xdr_reserve_space(). Modern NFS clients attempt to retrieve as much data as possible for each READDIR request.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-47107"
},
{
"cve": "CVE-2021-47316",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfsd: NULL dereference in nfs3svc_encode_getaclres.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2021-47316"
},
{
"cve": "CVE-2022-38096",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file \u0027/dev/dri/renderD128 (or Dxxx)\u0027. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-38096"
},
{
"cve": "CVE-2022-43945",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-43945"
},
{
"cve": "CVE-2022-48827",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "NFSD: vulnerability caused by loff_t overflow on the server when a client reads near the maximum offset, causing the server to return an EINVAL error, which the client retries indefinitely, instead of handling out-of-range READ requests by returning a short result with an EOF flag.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-48827"
},
{
"cve": "CVE-2022-48828",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSD: Vulnerability caused by an underflow in ia_size due to a mismatch between signed and unsigned 64-bit file size values, which can cause issues when handling large file sizes from NFS clients.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-48828"
},
{
"cve": "CVE-2022-48829",
"cwe": {
"id": "CWE-253",
"name": "Incorrect Check of Function Return Value"
},
"notes": [
{
"category": "summary",
"text": "NFSD: Vulnerability handling large file sizes for NFSv3 improperly capping client size values larger than s64_max, leading to unexpected behavior and potential data corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-48829"
},
{
"cve": "CVE-2023-1652",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-1652"
},
{
"cve": "CVE-2023-5678",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn\u0027t make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn\u0027t check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the \"-pubcheck\" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-6121",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6121"
},
{
"cve": "CVE-2023-6129",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions.\r\n\r\nIf an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences.\r\n\r\nThe POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions.\r\n\r\nThe consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service.\r\n\r\nThe POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However\r\nwe are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2023-6237",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Checking excessively long invalid RSA public keys may take a long time. Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the \u0027-pubin\u0027 and \u0027-check\u0027 options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6237"
},
{
"cve": "CVE-2023-6817",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free.\n\nWe recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6817"
},
{
"cve": "CVE-2023-6931",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap out-of-bounds write vulnerability in the Linux kernel\u0027s Performance Events system component can be exploited to achieve local privilege escalation.\n\nA perf_event\u0027s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group().\n\nWe recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6931"
},
{
"cve": "CVE-2023-6932",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free vulnerability in the Linux kernel\u0027s ipv4: igmp component can be exploited to achieve local privilege escalation.\n\nA race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread.\n\nWe recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6932"
},
{
"cve": "CVE-2023-28746",
"cwe": {
"id": "CWE-1342",
"name": "Information Exposure through Microarchitectural State after Transient Execution"
},
"notes": [
{
"category": "summary",
"text": "Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-28746"
},
{
"cve": "CVE-2023-45898",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "The Linux kernel before 6.5.4 has an es1 use-after-free in fs/ext4/extents_status.c, related to ext4_es_insert_extent.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-45898"
},
{
"cve": "CVE-2023-47233",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-50781",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-50781"
},
{
"cve": "CVE-2023-52447",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Defer the free of inner map when necessary when updating or deleting an inner map in map array or map htab, the map may still be accessed by non-sleepable program or sleepable program. However bpf_map_fd_put_ptr() decreases the ref-counter of the inner map directly through bpf_map_put(), if the ref-counter is the last one (which is true for most cases), the inner map will be freed by ops-\u003emap_free() in a kworker. But for now, most .map_free() callbacks don\u0027t use synchronize_rcu() or its variants to wait for the elapse of a RCU grace period, so after the invocation of ops-\u003emap_free completes, the bpf program which is accessing the inner map may incur use-after-free vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-52447"
},
{
"cve": "CVE-2023-52458",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblock: add check that partition length needs to be aligned with block size",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-52458"
},
{
"cve": "CVE-2023-52614",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nPM / devfreq: Fix buffer overflow in trans_stat_show",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-52614"
},
{
"cve": "CVE-2023-52620",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: disallow timeout for anonymous sets\r\n\r\nNever used from userspace, disallow these parameters.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-52620"
},
{
"cve": "CVE-2024-0584",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-0584"
},
{
"cve": "CVE-2024-0727",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue. OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass(). We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-2511",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is being used (but not if early_data support is also configured and the default anti-replay protection is in use). In this case, under certain conditions, the session cache can get into an incorrect state and it will fail to flush properly as it fills. The session cache will continue to grow in an unbounded manner. A malicious client could deliberately create the scenario for this failure to force a Denial of Service. It may also happen by accident in normal operation. This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS clients. The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL 1.0.2 is also not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-2511"
},
{
"cve": "CVE-2024-5535",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or a crash. In particular this issue could result in up to 255 bytes of arbitrary private data from memory being sent to the peer leading to a loss of confidentiality. However, only applications that directly call the SSL_select_next_proto function with a 0 length list of supported client protocols are affected by this issue. This would normally never be a valid scenario and is typically not under attacker control but may occur by accident in the case of a configuration or programming error in the calling application. The OpenSSL API function SSL_select_next_proto is typically used by TLS applications that support ALPN (Application Layer Protocol Negotiation) or NPN (Next Protocol Negotiation). NPN is older, was never standardised and is deprecated in favour of ALPN. We believe that ALPN is significantly more widely deployed than NPN. The SSL_select_next_proto function accepts a list of protocols from the server and a list of protocols from the client and returns the first protocol that appears in the server list that also appears in the client list. In the case of no overlap between the two lists it returns the first item in the client list. In either case it will signal whether an overlap between the two lists was found. In the case where SSL_select_next_proto is called with a zero length client list it fails to notice this condition and returns the memory immediately following the client list pointer (and reports that there was no overlap in the lists). This function is typically called from a server side application callback for ALPN or a client side application callback for NPN. In the case of ALPN the list of protocols supplied by the client is guaranteed by libssl to never be zero in length. The list of server protocols comes from the application and should never normally be expected to be of zero length. In this case if the SSL_select_next_proto function has been called as expected (with the list supplied by the client passed in the client/client_len parameters), then the application will not be vulnerable to this issue. If the application has accidentally been configured with a zero length server list, and has accidentally passed that zero length server list in the client/client_len parameters, and has additionally failed to correctly handle a \"no overlap\" response (which would normally result in a handshake failure in ALPN) then it will be vulnerable to this problem. In the case of NPN, the protocol permits the client to opportunistically select a protocol when there is no overlap. OpenSSL returns the first client protocol in the no overlap case in support of this. The list of client protocols comes from the application and should never normally be expected to be of zero length. However if the SSL_select_next_proto function is accidentally called with a client_len of 0 then an invalid memory pointer will be returned instead. If the application uses this output as the opportunistic protocol then the loss of confidentiality will occur. This issue has been assessed as Low severity because applications are most likely to be vulnerable if they are using NPN instead of ALPN - but NPN is not widely used. It also requires an application configuration or programming error. Finally, this issue would not typically be under attacker control making active exploitation unlikely. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue. Due to the low severity of this issue we are not issuing new releases of OpenSSL at this time. The fix will be included in the next releases when they become available.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-5535"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: Use of the low-level GF(2m) elliptic curve APIs with untrusted explicit values for the field polynomial can lead to out-of-bounds memory reads or writes. Impact summary: Out of bound memory writes can lead to an application crash or even a possibility of a remote code execution, however, in all the protocols involving Elliptic Curve Cryptography that we\u0027re aware of, either only \"named curves\" are supported, or, if explicit curve parameters are supported, they specify an X9.62 encoding of binary (GF(2m)) curves that can\u0027t represent problematic input values. Thus the likelihood of existence of a vulnerable application is low. In particular, the X9.62 encoding is used for ECC keys in X.509 certificates, so problematic inputs cannot occur in the context of processing X.509 certificates. Any problematic use-cases would have to be using an \"exotic\" curve encoding. The affected APIs include: EC_GROUP_new_curve_GF2m(), EC_GROUP_new_from_params(), and various supporting BN_GF2m_*() functions. Applications working with \"exotic\" explicit binary (GF(2m)) curve parameters, that make it possible to represent invalid field polynomials with a zero constant term, via the above or similar APIs, may terminate abruptly as a result of reading or writing outside of array bounds. Remote code execution cannot easily be ruled out. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-22099",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23307",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-23307"
},
{
"cve": "CVE-2024-23848",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-24857",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-24857"
},
{
"cve": "CVE-2024-24858",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-24858"
},
{
"cve": "CVE-2024-24859",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-24859"
},
{
"cve": "CVE-2024-25739",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi-\u003eleb_size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-25739"
},
{
"cve": "CVE-2024-26629",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"notes": [
{
"category": "summary",
"text": "nfsd: The test on so_count in nfsd4_release_lockowner() is potentially harmful. It can transiently return a false positive resulting in a return of NFS4ERR_LOCKS_HELD when in fact no locks are held. This is clearly a protocol violation and with the Linux NFS client it can cause incorrect behaviour.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26629"
},
{
"cve": "CVE-2024-26642",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: disallow anonymous set with timeout flag",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26642"
},
{
"cve": "CVE-2024-26643",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26643"
},
{
"cve": "CVE-2024-26651",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "sr9800: Local Denial of Service Vulnerability.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26651"
},
{
"cve": "CVE-2024-26659",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "xhci: isoc Babble and Buffer Overrun events are not handled properly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26659"
},
{
"cve": "CVE-2024-26787",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "mmc: mmci: stm32: Fixed issue with overlapping mappings in the DMA API.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26787"
},
{
"cve": "CVE-2024-26810",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nvfio/pci: Lock external INTx masking ops",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26810"
},
{
"cve": "CVE-2024-26812",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nvfio/pci: Create persistent INTx handler",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26812"
},
{
"cve": "CVE-2024-26816",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"notes": [
{
"category": "summary",
"text": "x86, relocs: relocations in .notes section. When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the \"startup_xen\" entry point.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26820",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26820"
},
{
"cve": "CVE-2024-26851",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: nf_conntrack_h323: Add protection for bmp length out of range.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26851"
},
{
"cve": "CVE-2024-26852",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/ipv6: possible UAF in ip6_route_mpath_notify().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26852"
},
{
"cve": "CVE-2024-26855",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26859",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/bnx2x: Race condition leading to system crash during EEH error handling.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26859"
},
{
"cve": "CVE-2024-26861",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wireguard: receive: data-race around receiving_counter.counter.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26861"
},
{
"cve": "CVE-2024-26863",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: hsr: Fix uninit-value access in hsr_get_node().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26863"
},
{
"cve": "CVE-2024-26870",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26870"
},
{
"cve": "CVE-2024-26872",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "RDMA/srpt: use-after-free Write in srpt_refresh_port().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26872"
},
{
"cve": "CVE-2024-26875",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "media: pvrusb2: fix uaf in pvr2_context_set_notify.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26875"
},
{
"cve": "CVE-2024-26877",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "crypto: xilinx - call finalize with bh disabled.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26877"
},
{
"cve": "CVE-2024-26878",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: quota: Fix potential NULL pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26880",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: dm: call the resume method on internal suspend.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26880"
},
{
"cve": "CVE-2024-26882",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26882"
},
{
"cve": "CVE-2024-26883",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Fix stackmap overflow check on 32-bit arches.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Fix hashtab overflow check on 32-bit arches.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26885",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbpf: Fix DEVMAP_HASH overflow check on 32-bit arches\r\n\r\nThe devmap code allocates a number hash buckets equal to the next power\r\nof two of the max_entries value provided when creating the map. When\r\nrounding up to the next power of two, the 32-bit variable storing the\r\nnumber of buckets can overflow, and the code checks for overflow by\r\nchecking if the truncated 32-bit value is equal to 0. However, on 32-bit\r\narches the rounding up itself can overflow mid-way through, because it\r\nends up doing a left-shift of 32 bits on an unsigned long value. If the\r\nsize of an unsigned long is four bytes, this is undefined behaviour, so\r\nthere is no guarantee that we\u0027ll end up with a nice and tidy 0-value at\r\nthe end.\r\n\r\nSyzbot managed to turn this into a crash on arm32 by creating a\r\nDEVMAP_HASH with max_entries \u003e 0x80000000 and then trying to update it.\r\nFix this by moving the overflow check to before the rounding up\r\noperation.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26885"
},
{
"cve": "CVE-2024-26889",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: hci_core: Fix possible buffer overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26889"
},
{
"cve": "CVE-2024-26891",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "iommu/vt-d: Don\u0027t issue ATS Invalidation request when device is disconnected.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26891"
},
{
"cve": "CVE-2024-26894",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26894"
},
{
"cve": "CVE-2024-26895",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26895"
},
{
"cve": "CVE-2024-26897",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26897"
},
{
"cve": "CVE-2024-26898",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26901",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: rfcomm: Fixed null-ptr-deref in rfcomm_check_security.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26906",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26906"
},
{
"cve": "CVE-2024-26907",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "RDMA/mlx5: Fixed fortify source warning while accessing Eth segment.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26907"
},
{
"cve": "CVE-2024-26920",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntracing/trigger: Fix to return error if failed to alloc snapshot",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26923",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix garbage collector racing against connect().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26925",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence. nf_tables_module_autoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nft_gc_seq_end() is called.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26925"
},
{
"cve": "CVE-2024-26934",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nUSB: core: Fix deadlock in usb_deauthorize_interface()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26935",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: core: Fix unremoved procfs host directory regression",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26935"
},
{
"cve": "CVE-2024-26937",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/i915/gt: Reset queue_priority_hint on parking",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26937"
},
{
"cve": "CVE-2024-26950",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwireguard: netlink: access device through ctx instead of peer",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26950"
},
{
"cve": "CVE-2024-26951",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwireguard: netlink: check for dangling peer via is_dead instead of empty list",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26951"
},
{
"cve": "CVE-2024-26958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfs: fix UAF in direct writes",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26960",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmm: swap: fix race between free_swap_and_cache() and swapoff()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26960"
},
{
"cve": "CVE-2024-26961",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmac802154: fix llsec key resources release in mac802154_llsec_key_del",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26961"
},
{
"cve": "CVE-2024-26973",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent it stores only first 10 bytes of the file handle. However the length of the file handle must be a multiple of 4 so the file handle is actually 12 bytes long and the last two bytes remain uninitialized. This is not great at we potentially leak uninitialized information with the handle to userspace. Properly initialize the full handle length.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-26974",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: qat - resolve race condition during AER recovery",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26974"
},
{
"cve": "CVE-2024-26982",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\nSquashfs: check the inode number is not the invalid value of zero",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26982"
},
{
"cve": "CVE-2024-26988",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ninit/main.c: Fix potential static_command_line memory overflow",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26988"
},
{
"cve": "CVE-2024-26993",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-27004",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nclk: Get runtime PM before walking tree during disable_unused",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27004"
},
{
"cve": "CVE-2024-27013",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntun: limit printing rate when illegal packet received by tun dev\r\n\r\nvhost_worker will call tun call backs to receive packets. If too many\r\nillegal packets arrives, tun_do_read will keep dumping packet contents.\r\nWhen console is enabled, it will costs much more cpu time to dump\r\npacket and soft lockup will be detected.\r\n\r\nnet_ratelimit mechanism can be used to limit the dumping rate.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27020",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in nft_expr_type_get().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27020"
},
{
"cve": "CVE-2024-27024",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in the Linux kernel: net/rds: WARNING in rds_conn_connect_if_down If connection isn\u0027t established yet, get_mr() will fail, trigger connection after get_mr().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27024"
},
{
"cve": "CVE-2024-27025",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: nbd: null check for nla_nest_start nla_nest_start() may fail and return NULL. Insert a check and set errno based on other call sites within the same source code.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27025"
},
{
"cve": "CVE-2024-27038",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: clk: clk_core_get NULL dereference It is possible for clk_core_get to dereference a NULL in the following sequence: clk_core_get() of_clk_get_hw_from_clkspec() __of_clk_get_hw_from_provider() __clk_get_hw() __clk_get_hw() can return NULL which is dereferenced by clk_core_get() at hw-\u003ecore. Prior to commit dde4eff47c82 (\"clk: Look for parents with clkdev based clk_lookups\") the check IS_ERR_OR_NULL() was performed which would have caught the NULL. Reading the description of this function it talks about returning NULL but that cannot be so at the moment. Update the function to check for hw before dereferencing it and return NULL if hw is NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27038"
},
{
"cve": "CVE-2024-27047",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerablity in Linux kernel: net: phy: phy_get_internal_delay accessing an empty array The phy_get_internal_delay function could try to access to an empty array in the case that the driver is calling phy_get_internal_delay without defining delay_values and rx-internal-delay-ps or tx-internal-delay-ps is defined to 0 in the device-tree. This will lead to \"unable to handle kernel NULL pointer dereference at virtual address 0\".",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27047"
},
{
"cve": "CVE-2024-27052",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work The workqueue might still be running, when the driver is stopped.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27052"
},
{
"cve": "CVE-2024-27053",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in the Linux kernel: wifi: wilc1000: RCU usage in connect path",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27053"
},
{
"cve": "CVE-2024-27059",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27065",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: do not compare internal table flags on updates Restore skipping transaction if table update does not modify flags.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27065"
},
{
"cve": "CVE-2024-27072",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmedia: usbtv: Remove useless locks in usbtv_video_free()\r\n\r\nRemove locks calls in usbtv_video_free() because\r\nare useless and may led to a deadlock as reported here:\r\nhttps://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000\r\nAlso remove usbtv_stop() call since it will be called when\r\nunregistering the device.\r\n\r\nBefore \u0027c838530d230b\u0027 this issue would only be noticed if you\r\ndisconnect while streaming and now it is noticeable even when\r\ndisconnecting while not streaming.\r\n\r\n\r\n[hverkuil: fix minor spelling mistake in log message]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27072"
},
{
"cve": "CVE-2024-27076",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in the Linux kernel: media: imx: csc/scaler: v4l2_ctrl_handler memory leak Free the memory allocated in v4l2_ctrl_handler_init on release.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27076"
},
{
"cve": "CVE-2024-27077",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: media: v4l2-mem2mem: a memleak in v4l2_m2m_register_entity The entity-\u003ename (i.e. name) is allocated in v4l2_m2m_register_entity but isn\u0027t freed in its following error-handling paths. This patch adds such deallocation to prevent memleak of entity-\u003ename.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27077"
},
{
"cve": "CVE-2024-27078",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: media: v4l2-tpg: some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpg_free is called only when tpg_alloc return 0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27078"
},
{
"cve": "CVE-2024-27395",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix Use-After-Free in ovs_ct_exit\n\nSince kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof ovs_ct_limit_exit, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27395"
},
{
"cve": "CVE-2024-27396",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27397",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: use timestamp to check for set element timeout\r\n\r\nAdd a timestamp field at the beginning of the transaction, store it\r\nin the nftables per-netns area.\r\n\r\nUpdate set backend .insert, .deactivate and sync gc path to use the\r\ntimestamp, this avoids that an element expires while control plane\r\ntransaction is still unfinished.\r\n\r\n.lookup and .update, which are used from packet path, still use the\r\ncurrent time to check if the element has expired. And .get path and dump\r\nalso since this runs lockless under rcu read size lock. Then, there is\r\nasync gc which also needs to check the current time since it runs\r\nasynchronously from a workqueue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27397"
},
{
"cve": "CVE-2024-27419",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netrom: data-races around sysctl_net_busy_read We need to protect the reader reading the sysctl value because the value can be changed concurrently.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27431",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: cpumap: Zero-initialise xdp_rxq_info struct before running XDP program When running an XDP program that is attached to a cpumap entry, we don\u0027t initialise the xdp_rxq_info data structure being used in the xdp_buff that backs the XDP program invocation. Tobias noticed that this leads to random values being returned as the xdp_md-\u003erx_queue_index value for XDP programs running in a cpumap. This means we\u0027re basically returning the contents of the uninitialised memory, which is bad. Fix this by zero-initialising the rxq data structure before running the XDP program.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27431"
},
{
"cve": "CVE-2024-27436",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-27437",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/pci: Disable auto-enable of exclusive INTx IRQ\n\nCurrently for devices requiring masking at the irqchip for INTx, ie.\ndevices without DisINTx support, the IRQ is enabled in request_irq()\nand subsequently disabled as necessary to align with the masked status\nflag. This presents a window where the interrupt could fire between\nthese events, resulting in the IRQ incrementing the disable depth twice.\nThis would be unrecoverable for a user since the masked flag prevents\nnested enables through vfio.\n\nInstead, invert the logic using IRQF_NO_AUTOEN such that exclusive INTx\nis never auto-enabled, then unmask as required.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-27437"
},
{
"cve": "CVE-2024-33621",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-\u003esk in ipvlan_process_v4 / 6_outbound.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-33621"
},
{
"cve": "CVE-2024-33847",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "f2fs: compress: Released compress inode f2fs image may be corrupted. The reason is partial truncation assume compressed inode has reserved blocks, after partial truncation, valid block count may change w/o .i_blocks and .total_valid_block_count update, resulting in corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-33847"
},
{
"cve": "CVE-2024-34027",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "f2fs: compress: filesystem metadata including blkaddr in dnode, inode fields and .total_valid_block_count may be corrupted after SPO case.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-34027"
},
{
"cve": "CVE-2024-35789",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\r\n\r\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\r\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\r\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\r\nafter the VLAN change.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35805",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndm snapshot: fix lockup in dm_exception_table_exit\r\n\r\nThere was reported lockup when we exit a snapshot with many exceptions.\r\nFix this by adding \"cond_resched\" to the loop that frees the exceptions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35805"
},
{
"cve": "CVE-2024-35807",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35807"
},
{
"cve": "CVE-2024-35811",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35813",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmmc: core: Avoid negative index with array access\r\n\r\nCommit 4d0c8d0aef63 (\"mmc: core: Use mrq.sbc in close-ended ffu\") assigns\r\nprev_idata = idatas[i - 1], but doesn\u0027t check that the iterator i is\r\ngreater than zero. Let\u0027s fix this by adding a check.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35813"
},
{
"cve": "CVE-2024-35815",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\r\n\r\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\r\nthat is not embedded inside struct aio_kiocb. With the current code,\r\ndepending on the compiler, the req-\u003eki_ctx read happens either before\r\nthe IOCB_AIO_RW test or after that test. Move the req-\u003eki_ctx read such\r\nthat it is guaranteed that the IOCB_AIO_RW test happens first.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35815"
},
{
"cve": "CVE-2024-35823",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nvt: fix unicode buffer corruption when deleting characters\r\n\r\nThis is the same issue that was fixed for the VGA text buffer in commit\r\n39cdb68c64d8 (\"vt: fix memory overlapping when deleting chars in the\r\nbuffer\"). The cure is also the same i.e. replace memcpy() with memmove()\r\ndue to the overlaping buffers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35823"
},
{
"cve": "CVE-2024-35828",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35828"
},
{
"cve": "CVE-2024-35845",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we must ensure the string is terminated correctly before using it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35845"
},
{
"cve": "CVE-2024-35849",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbtrfs: fix information leak in btrfs_ioctl_logical_to_ino()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35877",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nx86/mm/pat: fix VM_PAT handling in COW mappings\r\n\r\nPAT handling won\u0027t do the right thing in COW mappings: the first PTE (or,\r\nin fact, all PTEs) can be replaced during write faults to point at anon\r\nfolios. Reliably recovering the correct PFN and cachemode using\r\nfollow_phys() from PTEs will not work in COW mappings.\r\n\r\nUsing follow_phys(), we might just get the address+protection of the anon\r\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\r\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\r\ntrack_pfn_copy(), not properly calling free_pfn_range().\r\n\r\nIn free_pfn_range(), we either wouldn\u0027t call memtype_free() or would call\r\nit with the wrong range, possibly leaking memory.\r\n\r\nTo fix that, let\u0027s update follow_phys() to refuse returning anon folios,\r\nand fallback to using the stored PFN inside vma-\u003evm_pgoff for COW mappings\r\nif we run into that.\r\n\r\nWe will now properly handle untrack_pfn() with COW mappings, where we\r\ndon\u0027t need the cachemode. We\u0027ll have to fail fork()-\u003etrack_pfn_copy() if\r\nthe first page was replaced by an anon folio, though: we\u0027d have to store\r\nthe cachemode in the VMA to make this work, likely growing the VMA size.\r\n\r\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\r\ncase: it would have failed in the past with swap/nonswap entries already,\r\nand it would have done the wrong thing with anon folios.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35884",
"cwe": {
"id": "CWE-923",
"name": "Improper Restriction of Communication Channel to Intended Endpoints"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nudp: do not accept non-tunnel GSO skbs landing in a tunnel\r\n\r\nWhen rx-udp-gro-forwarding is enabled UDP packets might be GROed when\r\nbeing forwarded. If such packets might land in a tunnel this can cause\r\nvarious issues and udp_gro_receive makes sure this isn\u0027t the case by\r\nlooking for a matching socket. This is performed in\r\nudp4/6_gro_lookup_skb but only in the current netns. This is an issue\r\nwith tunneled packets when the endpoint is in another netns. In such\r\ncases the packets will be GROed at the UDP level, which leads to various\r\nissues later on. The same thing can happen with rx-gro-list.\r\n\r\nWe saw this with geneve packets being GROed at the UDP level. In such\r\ncase gso_size is set; later the packet goes through the geneve rx path,\r\nthe geneve header is pulled, the offset are adjusted and frag_list skbs\r\nare not adjusted with regard to geneve. When those skbs hit\r\nskb_fragment, it will misbehave. Different outcomes are possible\r\ndepending on what the GROed skbs look like; from corrupted packets to\r\nkernel crashes.\r\n\r\nOne example is a BUG_ON[1] triggered in skb_segment while processing the\r\nfrag_list. Because gso_size is wrong (geneve header was pulled)\r\nskb_segment thinks there is \"geneve header size\" of data in frag_list,\r\nalthough it\u0027s in fact the next packet. The BUG_ON itself has nothing to\r\ndo with the issue. This is only one of the potential issues.\r\n\r\nLooking up for a matching socket in udp_gro_receive is fragile: the\r\nlookup could be extended to all netns (not speaking about performances)\r\nbut nothing prevents those packets from being modified in between and we\r\ncould still not find a matching socket. It\u0027s OK to keep the current\r\nlogic there as it should cover most cases but we also need to make sure\r\nwe handle tunnel packets being GROed too early.\r\n\r\nThis is done by extending the checks in udp_unexpected_gso: GSO packets\r\nlacking the SKB_GSO_UDP_TUNNEL/_CSUM bits and landing in a tunnel must\r\nbe segmented.\r\n\r\n[1] kernel BUG at net/core/skbuff.c:4408!\r\n RIP: 0010:skb_segment+0xd2a/0xf70\r\n __udp_gso_segment+0xaa/0x560",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35884"
},
{
"cve": "CVE-2024-35886",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv6: Fix infinite recursion in fib6_dump_done().\r\n\r\nsyzkaller reported infinite recursive calls of fib6_dump_done() during\r\nnetlink socket destruction.\r\n\r\nFrom the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE message, and then\r\nthe response was generated. The following recvmmsg() resumed the dump\r\nfor IPv6, but the first call of inet6_dump_fib() failed at kzalloc() due\r\nto the fault injection.\r\n\r\n 12:01:34 executing program 3:\r\n r0 = socket$nl_route(0x10, 0x3, 0x0)\r\n sendmsg$nl_route(r0, ... snip ...)\r\n recvmmsg(r0, ... snip ...) (fail_nth: 8)\r\n\r\nHere, fib6_dump_done() was set to nlk_sk(sk)-\u003ecb.done, and the next call\r\nof inet6_dump_fib() set it to nlk_sk(sk)-\u003ecb.args[3]. syzkaller stopped\r\nreceiving the response halfway through, and finally netlink_sock_destruct()\r\ncalled nlk_sk(sk)-\u003ecb.done().\r\n\r\nfib6_dump_done() calls fib6_dump_end() and nlk_sk(sk)-\u003ecb.done() if it\r\nis still not NULL. fib6_dump_end() rewrites nlk_sk(sk)-\u003ecb.done() by\r\nnlk_sk(sk)-\u003ecb.args[3], but it has the same function, not NULL, calling\r\nitself recursively and hitting the stack guard page.\r\n\r\nTo avoid the issue, let\u0027s set the destructor after kzalloc().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35886"
},
{
"cve": "CVE-2024-35888",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: erspan: make sure erspan_base_hdr is present in skb-\u003ehead.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35888"
},
{
"cve": "CVE-2024-35893",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: act_skbmod: prevent kernel-infoleak\r\n\r\nsyzbot found that tcf_skbmod_dump() was copying four bytes\r\nfrom kernel stack to user space.\r\n\r\nThe issue here is that \u0027struct tc_skbmod\u0027 has a four bytes hole.\r\n\r\nWe need to clear the structure before filling fields.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35893"
},
{
"cve": "CVE-2024-35895",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35896",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: validate user input for expected length\r\n\r\nI got multiple syzbot reports showing old bugs exposed\r\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\r\nin cgroup/{s,g}etsockopt\")\r\n\r\nsetsockopt() @optlen argument should be taken into account\r\nbefore copying data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35896"
},
{
"cve": "CVE-2024-35897",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\r\n\r\nHook unregistration is deferred to the commit phase, same occurs with\r\nhook updates triggered by the table dormant flag. When both commands are\r\ncombined, this results in deleting a basechain while leaving its hook\r\nstill registered in the core.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35897"
},
{
"cve": "CVE-2024-35898",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\r\n\r\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\r\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\r\nAnd thhere is not any protection when iterate over nf_tables_flowtables\r\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\r\ndata-race of nf_tables_flowtables list entry.\r\n\r\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\r\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\r\nnft_flowtable_type_get() to protect the entire type query process.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35898"
},
{
"cve": "CVE-2024-35899",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: flush pending destroy work before exit_net release\r\n\r\nSimilar to 2c9f0293280e (\"netfilter: nf_tables: flush pending destroy\r\nwork before netlink notifier\") to address a race between exit_net and\r\nthe destroy workqueue.\r\n\r\nThe trace below shows an element to be released via destroy workqueue\r\nwhile exit_net path (triggered via module removal) has already released\r\nthe set that is used in such transaction.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35899"
},
{
"cve": "CVE-2024-35900",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_tables: reject new basechain after table flag update\r\n\r\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\r\niterating over current chains in table (existing and new).\r\n\r\nThe following configuration allows for an inconsistent state:\r\n\r\n add table x\r\n add chain x y { type filter hook input priority 0; }\r\n add table x { flags dormant; }\r\n add chain x w { type filter hook input priority 1; }\r\n\r\nwhich triggers the following warning when trying to unregister chain w\r\nwhich is already unregistered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35900"
},
{
"cve": "CVE-2024-35902",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/rds: possible cp null dereference cp might be null, calling cp-\u003ecp_conn would produce null dereference. Cp is a parameter of __rds_rdma_map and is not reassigned.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35902"
},
{
"cve": "CVE-2024-35905",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35910",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: properly terminate timers for kernel sockets We had various syzbot reports about tcp timers firing after the corresponding netns has been dismantled. Fortunately Josef Bacik could trigger the issue more often, and could test a patch I wrote two years ago. When TCP sockets are closed, we call inet_csk_clear_xmit_timers() to \u0027stop\u0027 the timers. inet_csk_clear_xmit_timers() can be called from any context, including when socket lock is held. This is the reason it uses sk_stop_timer(), aka del_timer(). This means that ongoing timers might finish much later. For user sockets, this is fine because each running timer holds a reference on the socket, and the user socket holds a reference on the netns. For kernel sockets, we risk that the netns is freed before timer can complete, because kernel sockets do not hold reference on the netns. This patch adds inet_csk_clear_xmit_timers_sync() function that using sk_stop_timer_sync() to make sure all timers are terminated before the kernel socket is released. Modules using kernel sockets close them in their netns exit() handler. Also add sock_not_owned_by_me() helper to get LOCKDEP support : inet_csk_clear_xmit_timers_sync() must not be called while socket lock is held. It is very possible we can revert in the future commit 3a58f13a881e (\"net: rds: acquire refcount on TCP sockets\") which attempted to solve the issue in rds only. (net/smc/af_smc.c and net/mptcp/subflow.c have similar code) We probably can remove the check_net() tests from tcp_out_of_resources() and __tcp_close() in the future.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35910"
},
{
"cve": "CVE-2024-35915",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35915"
},
{
"cve": "CVE-2024-35922",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "fbmon: prevent division by zero in fb_videomode_from_videomode()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35922"
},
{
"cve": "CVE-2024-35925",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "block: prevent division by zero in blk_rq_stat_sum()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35925"
},
{
"cve": "CVE-2024-35930",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35930"
},
{
"cve": "CVE-2024-35933",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: btintel: Fix null ptr deref in btintel_read_version",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35933"
},
{
"cve": "CVE-2024-35934",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35934"
},
{
"cve": "CVE-2024-35935",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "btrfs: send: handle path ref underflow in header iterate_inode_ref()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35940",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "pstore/zone: Add a null pointer check to the psz_kmsg_read",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35940"
},
{
"cve": "CVE-2024-35944",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35950",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "drm/client: Fully protect modes with dev-\u003emode_config.mutex",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-35955",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "kprobes: Fix possible use-after-free issue on kprobe registration",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "net: ena: Fix incorrect descriptor free behavior",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35960",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "net/mlx5: Properly link new fs rules into the tree",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35962",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "summary",
"text": "netfilter: complete validation of user input",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35962"
},
{
"cve": "CVE-2024-35965",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: L2CAP: Fix not validating setsockopt user input\r\n\r\nCheck user input length before copying data.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35965"
},
{
"cve": "CVE-2024-35966",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: RFCOMM: Fix not validating setsockopt user input",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35966"
},
{
"cve": "CVE-2024-35967",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: SCO: Fix not validating setsockopt user input",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35967"
},
{
"cve": "CVE-2024-35969",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35973",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "geneve: fix header validation in geneve_xmit_skb",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35973"
},
{
"cve": "CVE-2024-35976",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "xsk: validate user input for XDP_UMEM|COMPLETION_FILL_RING",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35976"
},
{
"cve": "CVE-2024-35978",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: Fix memory leak in hci_req_sync_complete()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35978"
},
{
"cve": "CVE-2024-35982",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "batman-adv: Avoid infinite loop trying to resize local TT",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-35983",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35983"
},
{
"cve": "CVE-2024-35984",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "i2c: smbus: fix NULL function pointer dereference",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35984"
},
{
"cve": "CVE-2024-35988",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "riscv: Fix TASK_SIZE on 64-bit NOMMU. On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of TASK_SIZE is wrong if any RAM exists above 4G,\r\ncausing spurious failures in the userspace access routines.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35988"
},
{
"cve": "CVE-2024-35990",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "dma: xilinx_dpdma: Fix locking",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35990"
},
{
"cve": "CVE-2024-35996",
"cwe": {
"id": "CWE-655",
"name": "Insufficient Psychological Acceptability"
},
"notes": [
{
"category": "summary",
"text": "cpu: Re-enable CPU mitigations by default for !X86 architectures",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35996"
},
{
"cve": "CVE-2024-35997",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-35997"
},
{
"cve": "CVE-2024-36004",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "i40e: Do not use WQ_MEM_RECLAIM flag for workqueue",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36004"
},
{
"cve": "CVE-2024-36005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: nf_tables: honor table dormant flag from netdev release event path",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36005"
},
{
"cve": "CVE-2024-36006",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36006"
},
{
"cve": "CVE-2024-36007",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmlxsw: spectrum_acl_tcam: Fix warning during rehash\r\n\r\nAs previously explained, the rehash delayed work migrates filters from\r\none region to another. This is done by iterating over all chunks (all\r\nthe filters with the same priority) in the region and in each chunk\r\niterating over all the filters.\r\n\r\nWhen the work runs out of credits it stores the current chunk and entry\r\nas markers in the per-work context so that it would know where to resume\r\nthe migration from the next time the work is scheduled.\r\n\r\nUpon error, the chunk marker is reset to NULL, but without resetting the\r\nentry markers despite being relative to it. This can result in migration\r\nbeing resumed from an entry that does not belong to the chunk being\r\nmigrated. In turn, this will eventually lead to a chunk being iterated\r\nover as if it is an entry. Because of how the two structures happen to\r\nbe defined, this does not lead to KASAN splats, but to warnings such as.\r\n\r\nFix by creating a helper that resets all the markers and call it from\r\nall the places the currently only reset the chunk marker. For good\r\nmeasures also call it when starting a completely new rehash. Add a\r\nwarning to avoid future cases.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36007"
},
{
"cve": "CVE-2024-36008",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv4: check for NULL idev in ip_route_use_hint()\r\n\r\nsyzbot was able to trigger a NULL deref in fib_validate_source()\r\nin an old tree.\r\n\r\nIt appears the bug exists in latest trees.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36008"
},
{
"cve": "CVE-2024-36020",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ni40e: fix vf may be used uninitialized in this function warning\r\n\r\nTo fix the regression introduced by commit 52424f974bc5, which causes\r\nservers hang in very hard to reproduce conditions with resets races.\r\nUsing two sources for the information is the root cause.\r\nIn this function before the fix bumping v didn\u0027t mean bumping vf\r\npointer. But the code used this variables interchangeably, so stale vf\r\ncould point to different/not intended vf.\r\n\r\nRemove redundant \"v\" variable and iterate via single VF pointer across\r\nwhole function instead to guarantee VF pointer validity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36020"
},
{
"cve": "CVE-2024-36270",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36270"
},
{
"cve": "CVE-2024-36286",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36286"
},
{
"cve": "CVE-2024-36288",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token-\u003epages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f].",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36288"
},
{
"cve": "CVE-2024-36484",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36484"
},
{
"cve": "CVE-2024-36489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tls: missing memory barrier in tls_init. In tls_init(), a write memory barrier is missing, and store-store reordering may cause NULL dereference in tls_{setsockopt,getsockopt}.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36489"
},
{
"cve": "CVE-2024-36894",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36894"
},
{
"cve": "CVE-2024-36899",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\r\n\r\nThe use-after-free issue occurs as follows: when the GPIO chip device file\r\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\r\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\r\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\r\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\r\nread rwsem. Consequently, a race condition leads to the use-after-free of\r\nwatched_lines.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36902",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "Vulnerability in Linux kernel: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() syzbot is able to trigger the following crash [1], caused by unsafe ip6_dst_idev() use. Indeed ip6_dst_idev() can return NULL, and must always be checked.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36902"
},
{
"cve": "CVE-2024-36904",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36905",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36905"
},
{
"cve": "CVE-2024-36916",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: blk-iocost: avoid out of bounds shift UBSAN catches undefined behavior in blk-iocost, where sometimes iocg-\u003edelay is shifted right by a number that is too large, resulting in undefined behavior on some architectures. [ 186.556576] ------------[ cut here ]------------ UBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23 shift exponent 64 is too large for 64-bit type \u0027u64\u0027 (aka \u0027unsigned long long\u0027) CPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1 Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020 Call Trace: \u003cIRQ\u003e dump_stack_lvl+0x8f/0xe0 __ubsan_handle_shift_out_of_bounds+0x22c/0x280 iocg_kick_delay+0x30b/0x310 ioc_timer_fn+0x2fb/0x1f80 __run_timer_base+0x1b6/0x250 ... Avoid that undefined behavior by simply taking the \"delay = 0\" branch if the shift is too large. I am not sure what the symptoms of an undefined value delay will be, but I suspect it could be more than a little annoying to debug.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36916"
},
{
"cve": "CVE-2024-36929",
"cwe": {
"id": "CWE-237",
"name": "Improper Handling of Structural Elements"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a potential later call to skb_gso_segment.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36929"
},
{
"cve": "CVE-2024-36939",
"cwe": {
"id": "CWE-391",
"name": "Unchecked Error Condition"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: nfs: Handle error of rpc_proc_register() in nfs_net_init(). syzkaller reported a warning [0] triggered while destroying immature netns. rpc_proc_register() was called in init_nfs_fs(), but its error has been ignored since at least the initial commit 1da177e4c3f4 (\"Linux-2.6.12-rc2\"). Recently, commit d47151b79e32 (\"nfs: expose /proc/net/sunrpc/nfs in net namespaces\") converted the procfs to per-netns and made the problem more visible. Even when rpc_proc_register() fails, nfs_net_init() could succeed, and thus nfs_net_exit() will be called while destroying the netns. Then, remove_proc_entry() will be called for non-existing proc directory and trigger the warning below. Let\u0027s handle the error of rpc_proc_register() properly in nfs_net_init(). [0]: name \u0027nfs\u0027 WARNING: CPU: 1 PID: 1710 at fs/proc/generic.c:711 remove_proc_entry+0x1bb/0x2d0 fs/proc/generic.c:711 Modules linked in: CPU: 1 PID: 1710 Comm: syz-executor.2 Not tainted 6.8.0-12822-gcd51db110a7e #12 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014 RIP: 0010:remove_proc_entry+0x1bb/0x2d0 fs/proc/generic.c:711 Code: 41 5d 41 5e c3 e8 85 09 b5 ff 48 c7 c7 88 58 64 86 e8 09 0e 71 02 e8 74 09 b5 ff 4c 89 e6 48 c7 c7 de 1b 80 84 e8 c5 ad 97 ff \u003c0f\u003e 0b eb b1 e8 5c 09 b5 ff 48 c7 c7 88 58 64 86 e8 e0 0d 71 02 eb RSP: 0018:ffffc9000c6d7ce0 EFLAGS: 00010286 RAX: 0000000000000000 RBX: ffff8880422b8b00 RCX: ffffffff8110503c RDX: ffff888030652f00 RSI: ffffffff81105045 RDI: 0000000000000001 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: ffffffff81bb62cb R12: ffffffff84807ffc R13: ffff88804ad6fcc0 R14: ffffffff84807ffc R15: ffffffff85741ff8 FS: 00007f30cfba8640(0000) GS:ffff88807dd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ff51afe8000 CR3: 000000005a60a005 CR4: 0000000000770ef0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 PKRU: 55555554 Call Trace: \u003cTASK\u003e rpc_proc_unregister+0x64/0x70 net/sunrpc/stats.c:310 nfs_net_exit+0x1c/0x30 fs/nfs/inode.c:2438 ops_exit_list+0x62/0xb0 net/core/net_namespace.c:170 setup_net+0x46c/0x660 net/core/net_namespace.c:372 copy_net_ns+0x244/0x590 net/core/net_namespace.c:505 create_new_namespaces+0x2ed/0x770 kernel/nsproxy.c:110 unshare_nsproxy_namespaces+0xae/0x160 kernel/nsproxy.c:228 ksys_unshare+0x342/0x760 kernel/fork.c:3322 __do_sys_unshare kernel/fork.c:3393 [inline] __se_sys_unshare kernel/fork.c:3391 [inline] __x64_sys_unshare+0x1f/0x30 kernel/fork.c:3391 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0x4f/0x110 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x46/0x4e RIP: 0033:0x7f30d0febe5d Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 9f 1b 00 f7 d8 64 89 01 48 RSP: 002b:00007f30cfba7cc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 RAX: ffffffffffffffda RBX: 00000000004bbf80 RCX: 00007f30d0febe5d RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c020600 RBP: 00000000004bbf80 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 R13: 000000000000000b R14: 00007f30d104c530 R15: 0000000000000000 \u003c/TASK\u003e",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36939"
},
{
"cve": "CVE-2024-36940",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The \"pctldev\" struct is allocated in devm_pinctrl_register_and_init(). It\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(), so freeing it in pinctrl_enable() will lead to a double free. The devm_pinctrl_dev_release() function frees the pindescs and destroys the mutex as well.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36959",
"cwe": {
"id": "CWE-668",
"name": "Exposure of Resource to Wrong Sphere"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping operation, here we call it directly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36959"
},
{
"cve": "CVE-2024-36974",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP. If one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided, taprio_parse_mqprio_opt() must validate it, or userspace can inject arbitrary data to the kernel, the second time taprio_change() is called. First call (with valid attributes) sets dev-\u003enum_tc to a non zero value. Second call (with arbitrary mqprio attributes) returns early from taprio_parse_mqprio_opt() and bad things can happen.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36974"
},
{
"cve": "CVE-2024-36978",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: sched: sch_multiq: possible OOB write in multiq_tune() q-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic after kmalloc. So the old q-\u003ebands should not be used in kmalloc. Otherwise, an out-of-bounds write will occur.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-37356",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp: Fix shift-out-of-bounds in dctcp_update_alpha().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-37356"
},
{
"cve": "CVE-2024-38381",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfc: nci: Fix uninit-value in nci_rx_work syzbot reported the following uninit-value access issue [1] nci_rx_work() parses received packet from ndev-\u003erx_q. It should be validated header size, payload size and total packet size before processing the packet. If an invalid packet is detected, it should be silently discarded.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38381"
},
{
"cve": "CVE-2024-38547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "media: atomisp: ssh_css: null-pointer dereference in load_video_binaries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38547"
},
{
"cve": "CVE-2024-38552",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "drm/amd/display: Fix potential index out of bounds in color transformation function Fixes index out of bounds issue in the color transformation function. The issue could occur when the index \u0027i\u0027 exceeds the number of transfer function points (TRANSFER_FUNC_POINTS). The fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the transfer function points. If \u0027i\u0027 is out of bounds, an error message is logged and the function returns false to indicate an error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38552"
},
{
"cve": "CVE-2024-38558",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. - OVS_PACKET_ATTR_PACKET - Binary packet content. - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet. OVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure with the metadata like conntrack state, input port, recirculation id, etc.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38558"
},
{
"cve": "CVE-2024-38559",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using kstrtouint.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38559"
},
{
"cve": "CVE-2024-38560",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscanf.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38560"
},
{
"cve": "CVE-2024-38565",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: ar5523: enable proper endpoint verification Syzkaller reports [1] hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper endpoints with their according types intact. Sadly, this patch has not been tested on real hardware.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38565"
},
{
"cve": "CVE-2024-38567",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: carl9170: add a proper sanity check for endpoints Syzkaller reports [1] hitting a warning which is caused by presence of a wrong endpoint type at the URB sumbitting stage. While there was a check for a specific 4th endpoint, since it can switch types between bulk and interrupt, other endpoints are trusted implicitly. Similar warning is triggered in a couple of other syzbot issues [2].",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38567"
},
{
"cve": "CVE-2024-38578",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ecryptfs: Fix buffer size for tag 66 packet The \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 bytes too small and write_tag_66_packet() will write up to 3 bytes past the end of the buffer. Fix this by increasing the size of the allocation so the whole packet will always fit in the buffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "crypto: bcm - Fix pointer arithmetic In spu2_dump_omd() value of ptr is increased by ciph_key_len instead of hash_iv_len which could lead to going beyond the buffer boundaries.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38587",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nspeakup: Fix sizeof() vs ARRAY_SIZE() bug\r\n\r\nThe \"buf\" pointer is an array of u16 values. This code should be\r\nusing ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),\r\notherwise it can the still got out of bounds.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38587"
},
{
"cve": "CVE-2024-38589",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netrom: fix possible dead-lock in nr_rt_ioctl() syzbot loves netrom, and found a possible deadlock in nr_rt_ioctl [1] Make sure we always acquire nr_node_list_lock before nr_node_lock(nr_node).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38589"
},
{
"cve": "CVE-2024-38596",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38596"
},
{
"cve": "CVE-2024-38598",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38598"
},
{
"cve": "CVE-2024-38599",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "jffs2: prevent xattr node from overflowing the eraseblock Add a check to make sure that the requested xattr node size is no larger than the eraseblock minus the cleanmarker. Unlike the usual inode nodes, the xattr nodes aren\u0027t split into parts and spread across multiple eraseblocks, which means that a xattr node must not occupy more than one eraseblock. If the requested xattr value is too large, the xattr node can spill onto the next eraseblock, overwriting the nodes and causing errors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38599"
},
{
"cve": "CVE-2024-38612",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix invalid unregister error path The error path of seg6_init() is wrong in case CONFIG_IPV6_SEG6_LWTUNNEL is not defined. In that case if seg6_hmac_init() fails, the genl_unregister_family() isn\u0027t called. This issue exist since commit 46738b1317e1 (\"ipv6: sr: add option to control lwtunnel support\"), and commit 5559cea2d5aa (\"ipv6: sr: fix possible use-after-free and null-ptr-deref\") replaced unregister_pernet_subsys() with genl_unregister_family() in this error path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38612"
},
{
"cve": "CVE-2024-38615",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "cpufreq: exit() callback is optional The exit() callback is optional and shouldn\u0027t be called without checking a valid pointer first. Also, we must clear freq_table pointer even if the exit() callback isn\u0027t present.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38615"
},
{
"cve": "CVE-2024-38619",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb-storage: alauda: Check whether the media is initialized. The member \"uzonesize\" of struct alauda_info will remain 0 if alauda_init_media() fails, potentially causing divide errors in alauda_read_data() and alauda_write_lba().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38619"
},
{
"cve": "CVE-2024-38635",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "soundwire: cadence: invalid PDI offset.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38635"
},
{
"cve": "CVE-2024-38659",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "enic: Validate length of nl attributes in enic_set_vf_port enic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE is of length PORT_PROFILE_MAX and that the nl attributes IFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX. These attributes are validated (in the function do_setlink in rtnetlink.c) using the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE as NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and IFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation using the policy is for the max size of the attributes and not on exact size so the length of these attributes might be less than the sizes that enic_set_vf_port expects. This might cause an out of bands read access in the memcpys of the data of these attributes in enic_set_vf_port.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38662",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Allow delete from sockmap/sockhash only if update is allowed. We have seen an influx of syzkaller reports where a BPF program attached to a tracepoint triggers a locking rule violation by performing a map_delete on a sockmap/sockhash. We don\u0027t intend to support this artificial use scenario. Extend the existing verifier allowed-program-type check for updating sockmap/sockhash to also cover deleting from a map. From now on only BPF programs which were previously allowed to update sockmap/sockhash can delete from these map types.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38662"
},
{
"cve": "CVE-2024-38780",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: dma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-38780"
},
{
"cve": "CVE-2024-39468",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "smb: client: Deadlock in smb2_find_smb_tcon().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-39468"
},
{
"cve": "CVE-2024-39482",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bcache: Variable length array abuse in btree_iter.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-39482"
},
{
"cve": "CVE-2024-39489",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it\u0027s going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the memory when allocated, so we can reuse the code directly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-39489"
},
{
"cve": "CVE-2024-39493",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - Fix ADF_DEV_RESET_SYNC memory leak\n\nUsing completion_done to determine whether the caller has gone\naway only works after a complete call. Furthermore it\u0027s still\npossible that the caller has not yet called wait_for_completion,\nresulting in another potential UAF.\n\nFix this by making the caller use cancel_work_sync and then freeing\nthe memory safely.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-39493"
},
{
"cve": "CVE-2024-39502",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "ionic: use after netif_napi_del(). When queues are started, netif_napi_add() and napi_enable() are called. If there are 4 queues and only 3 queues are used for the current configuration, only 3 queues\u0027 napi should be registered and enabled. The ionic_qcq_enable() checks whether the .poll pointer is not NULL for enabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be registered by netif_napi_add(), so the .poll pointer indicates NULL. But it couldn\u0027t distinguish whether the napi was unregistered or not because netif_napi_del() doesn\u0027t reset the .poll pointer to NULL. So, ionic_qcq_enable() calls napi_enable() for the queue, which was unregistered by netif_napi_del().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-39502"
},
{
"cve": "CVE-2024-39503",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "netfilter: ipset: race between namespace cleanup and gc in the list:set type. The namespace cleanup can destroy the list:set type of sets while the gc of the set type is waiting to run in rcu cleanup. The latter uses data from the destroyed set which thus leads use after free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-39503"
},
{
"cve": "CVE-2024-39509",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "HID: core: remove unnecessary WARN_ON() in implement(). There is a warning in a call to implement() when trying to write a value into a field of smaller size in an output report. Since implement() already has a warn message printed out with the help of hid_warn() and value in question gets trimmed with: ... value \u0026= m; ... WARN_ON may be considered superfluous.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-39509"
},
{
"cve": "CVE-2024-40905",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: possible race in __fib6_drop_pcpu_from().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40905"
},
{
"cve": "CVE-2024-40912",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: mac80211: deadlock in ieee80211_sta_ps_deliver_wakeup().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40912"
},
{
"cve": "CVE-2024-40916",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40916"
},
{
"cve": "CVE-2024-40934",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Fix a memory leak on logi_dj_recv_send_report() error path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40934"
},
{
"cve": "CVE-2024-40941",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "wifi: iwlwifi: mvm: don\u0027t read past the mfuart notifcation. In case the firmware sends a notification that claims it has more data than it has, it will read past that was allocated for the notification.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40941"
},
{
"cve": "CVE-2024-40942",
"cwe": {
"id": "CWE-402",
"name": "Transmission of Private Resources into a New Sphere (\u0027Resource Leak\u0027)"
},
"notes": [
{
"category": "summary",
"text": "wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects The hwmp code use objects of type mesh_preq_queue, added to a list in ieee80211_if_mesh, to keep track of mpath we need to resolve. If the mpath gets deleted, ex mesh interface is removed, the entries in that list will never get cleaned.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40942"
},
{
"cve": "CVE-2024-40945",
"cwe": {
"id": "CWE-393",
"name": "Return of Wrong Status Code"
},
"notes": [
{
"category": "summary",
"text": "iommu: Return right value in iommu_sva_bind_device() iommu_sva_bind_device() should return either a sva bond handle or an ERR_PTR value in error cases. Existing drivers (idxd and uacce) only check the return value with IS_ERR(). This could potentially lead to a kernel NULL pointer dereference issue if the function returns NULL instead of an error pointer. In reality, this doesn\u0027t cause any problems because iommu_sva_bind_device() only returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40945"
},
{
"cve": "CVE-2024-40958",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "netns: Make get_net_ns() handle zero refcount net Syzkaller hit a warning: refcount_t: addition on 0; use-after-free.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40958"
},
{
"cve": "CVE-2024-40959",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40959"
},
{
"cve": "CVE-2024-40960",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: prevent possible NULL dereference in rt6_probe() syzbot caught a NULL dereference in rt6_probe() [1] Bail out if __in6_dev_get() returns NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40960"
},
{
"cve": "CVE-2024-40961",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: prevent possible NULL deref in fib6_nh_init() syzbot reminds us that in6_dev_get() can return NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40961"
},
{
"cve": "CVE-2024-40971",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "f2fs: remove clear SB_INLINECRYPT flag in default_options In f2fs_remount, SB_INLINECRYPT flag will be clear and re-set. If create new file or open file during this gap, these files will not use inlinecrypt. Worse case, it may lead to data corruption if wrappedkey_v0 is enable.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40971"
},
{
"cve": "CVE-2024-40978",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "scsi: qedi: crash while reading debugfs attribute. The qedi_dbg_do_not_recover_cmd_read() function invokes sprintf() directly on a __user pointer, which results into the crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40978"
},
{
"cve": "CVE-2024-40980",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "drop_monitor: replace spin_lock by raw_spin_lock trace_drop_common() is called with preemption disabled, and it acquires a spin_lock. This is problematic for RT kernels because spin_locks are sleeping locks in this configuration, which causes the following splat.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40980"
},
{
"cve": "CVE-2024-40984",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\"",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40984"
},
{
"cve": "CVE-2024-40993",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: ipset: suspicious rcu_dereference_protected().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40993"
},
{
"cve": "CVE-2024-40995",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/sched: act_api: possible infinite loop in tcf_idr_check_alloc().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-40995"
},
{
"cve": "CVE-2024-41000",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41000"
},
{
"cve": "CVE-2024-41004",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tracing: Build event generation tests only as modules The kprobes and synth event generation test modules add events and lock (get a reference) those event file reference in module init function, and unlock and delete it in module exit function. This is because those are designed for playing as modules. If we make those modules as built-in, those events are left locked in the kernel, and never be removed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41004"
},
{
"cve": "CVE-2024-41005",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "netpoll: race condition in netpoll_owner_active KCSAN detected a race condition in netpoll.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41005"
},
{
"cve": "CVE-2024-41006",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "summary",
"text": "netrom: a memory leak in nr_heartbeat_expiry().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41006"
},
{
"cve": "CVE-2024-41016",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()\r\n\r\nxattr in ocfs2 maybe \u0027non-indexed\u0027, which saved with additional space requested. It\u0027s better to check if the memory is out of bound before memcmp, although this possibility mainly comes from crafted poisonous images.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41016"
},
{
"cve": "CVE-2024-41996",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client may cause asymmetric resource consumption. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE and validate the order of the public key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-41996"
},
{
"cve": "CVE-2024-42070",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42070"
},
{
"cve": "CVE-2024-42082",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "xdp: unused WARN() in __xdp_reg_mem_model().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42082"
},
{
"cve": "CVE-2024-42090",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "summary",
"text": "pinctrl: deadlock in create_pinctrl() when handling -EPROBE_DEFER. In create_pinctrl(), pinctrl_maps_mutex is acquired before calling add_setting(). If add_setting() returns -EPROBE_DEFER, create_pinctrl() calls pinctrl_free(). However, pinctrl_free() attempts to acquire pinctrl_maps_mutex, which is already held by create_pinctrl(), leading to a potential deadlock.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42090"
},
{
"cve": "CVE-2024-42093",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/dpaa2: explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42093"
},
{
"cve": "CVE-2024-42094",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net/iucv: explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42094"
},
{
"cve": "CVE-2024-42096",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: x86: stop playing stack games in profile_pc().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42096"
},
{
"cve": "CVE-2024-42097",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "A missed validation vulnerability in the Linux Kernel\u0027s MIDI sequencer and router support functionality could allow a local user to crash the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42097"
},
{
"cve": "CVE-2024-42114",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42114"
},
{
"cve": "CVE-2024-42259",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/i915/gem: Fix Virtual Memory mapping boundaries calculation\r\n\r\nCalculating the size of the mapped area as the lesser value\r\nbetween the requested size and the actual size does not consider\r\nthe partial mapping offset. This can cause page fault access.\r\n\r\nFix the calculation of the starting and ending addresses, the\r\ntotal size is now deduced from the difference between the end and\r\nstart addresses.\r\n\r\nAdditionally, the calculations have been rewritten in a clearer\r\nand more understandable form.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42259"
},
{
"cve": "CVE-2024-42265",
"cwe": {
"id": "CWE-99",
"name": "Improper Control of Resource Identifiers (\u0027Resource Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nprotect the fetch of -\u003efd[fd] in do_dup2() from mispredictions\r\n\r\nboth callers have verified that fd is not greater than -\u003emax_fds;\r\nhowever, misprediction might end up with\r\n tofree = fdt-\u003efd[fd];\r\nbeing speculatively executed. That\u0027s wrong for the same reasons\r\nwhy it\u0027s wrong in close_fd()/file_close_fd_locked(); the same\r\nsolution applies - array_index_nospec(fd, fdt-\u003emax_fds) could differ\r\nfrom fd only in case of speculative execution on mispredicted path.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42265"
},
{
"cve": "CVE-2024-42272",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "sched: act_ct: take care of padding in struct zones_ht_key.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42272"
},
{
"cve": "CVE-2024-42276",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnvme-pci: add missing condition check for existence of mapped data\r\n\r\nnvme_map_data() is called when request has physical segments, hence\r\nthe nvme_unmap_data() should have same condition to avoid dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42276"
},
{
"cve": "CVE-2024-42281",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nbpf: Fix a segment issue when downgrading gso_size\r\n\r\nLinearize the skb when downgrading gso_size because it may trigger a\r\nBUG_ON() later when the skb is segmented as described in [1,2].",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42281"
},
{
"cve": "CVE-2024-42283",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nexthop: Initialize all fields in dumped nexthops\n\nstruct nexthop_grp contains two reserved fields that are not initialized by\nnla_put_nh_group(), and carry garbage. This can be observed e.g. with\nstrace (edited for clarity):\n\n # ip nexthop add id 1 dev lo\n # ip nexthop add id 101 group 1\n # strace -e recvmsg ip nexthop get id 101\n ...\n recvmsg(... [{nla_len=12, nla_type=NHA_GROUP},\n [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52\n\nThe fields are reserved and therefore not currently used. But as they are, they\nleak kernel memory, and the fact they are not just zero complicates repurposing\nof the fields for new ends. Initialize the full structure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42283"
},
{
"cve": "CVE-2024-42292",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nkobject_uevent: Fix OOB access within zap_modalias_env()\r\n\r\nzap_modalias_env() wrongly calculates size of memory block to move, so\r\nwill cause OOB memory access issue if variable MODALIAS is not the last\r\none within its @env parameter, fixed by correcting size to memmove.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42292"
},
{
"cve": "CVE-2024-42302",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/DPC: Fix use-after-free on concurrent DPC and hot-removal\n\nKeith reports a use-after-free when a DPC event occurs concurrently to\nhot-removal of the same portion of the hierarchy:\n\nThe dpc_handler() awaits readiness of the secondary bus below the\nDownstream Port where the DPC event occurred. To do so, it polls the\nconfig space of the first child device on the secondary bus. If that\nchild device is concurrently removed, accesses to its struct pci_dev\ncause the kernel to oops.\n\nThat\u0027s because pci_bridge_wait_for_secondary_bus() neglects to hold a\nreference on the child device. Before v6.3, the function was only\ncalled on resume from system sleep or on runtime resume. Holding a\nreference wasn\u0027t necessary back then because the pciehp IRQ thread\ncould never run concurrently. (On resume from system sleep, IRQs are\nnot enabled until after the resume_noirq phase. And runtime resume is\nalways awaited before a PCI device is removed.)\n\nHowever starting with v6.3, pci_bridge_wait_for_secondary_bus() is also\ncalled on a DPC event. Commit 53b54ad074de (\"PCI/DPC: Await readiness\nof secondary bus after reset\"), which introduced that, failed to\nappreciate that pci_bridge_wait_for_secondary_bus() now needs to hold a\nreference on the child device because dpc_handler() and pciehp may\nindeed run concurrently. The commit was backported to v5.10+ stable\nkernels, so that\u0027s the oldest one affected.\n\nAdd the missing reference acquisition.\n\nAbridged stack trace:\n\n BUG: unable to handle page fault for address: 00000000091400c0\n CPU: 15 PID: 2464 Comm: irq/53-pcie-dpc 6.9.0\n RIP: pci_bus_read_config_dword+0x17/0x50\n pci_dev_wait()\n pci_bridge_wait_for_secondary_bus()\n dpc_reset_link()\n pcie_do_recovery()\n dpc_handler()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42302"
},
{
"cve": "CVE-2024-42304",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: make sure the first directory block is not a hole",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42304"
},
{
"cve": "CVE-2024-42305",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: check dot and dotdot of dx_root before making dir indexed",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42305"
},
{
"cve": "CVE-2024-42306",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nudf: Avoid using corrupted block bitmap buffer",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42306"
},
{
"cve": "CVE-2024-42312",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsysctl: always initialize i_uid/i_gid\r\n\r\nAlways initialize i_uid/i_gid inside the sysfs core so set_ownership()\r\ncan safely skip setting them.\r\n\r\nCommit 5ec27ec735ba (\"fs/proc/proc_sysctl.c: fix the default values of\r\ni_uid/i_gid on /proc/sys inodes.\") added defaults for i_uid/i_gid when\r\nset_ownership() was not implemented. It also missed adjusting\r\nnet_ctl_set_ownership() to use the same default values in case the\r\ncomputation of a better value failed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-42312"
},
{
"cve": "CVE-2024-43828",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix infinite loop when replaying fast_commit\n\nWhen doing fast_commit replay an infinite loop may occur due to an\nuninitialized extent_status struct. ext4_ext_determine_insert_hole() does\nnot detect the replay and calls ext4_es_find_extent_range(), which will\nreturn immediately without initializing the \u0027es\u0027 variable.\n\nBecause \u0027es\u0027 contains garbage, an integer overflow may happen causing an\ninfinite loop in this function, easily reproducible using fstest generic/039.\n\nThis commit fixes this issue by unconditionally initializing the structure\nin function ext4_es_find_extent_range().\n\nThanks to Zhang Yi, for figuring out the real problem!",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43828"
},
{
"cve": "CVE-2024-43830",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nleds: trigger: Unregister sysfs attributes before calling deactivate()\r\n\r\nTriggers which have trigger specific sysfs attributes typically store\r\nrelated data in trigger-data allocated by the activate() callback and\r\nfreed by the deactivate() callback.\r\n\r\nCalling device_remove_groups() after calling deactivate() leaves a window\r\nwhere the sysfs attributes show/store functions could be called after\r\ndeactivation and then operate on the just freed trigger-data.\r\n\r\nMove the device_remove_groups() call to before deactivate() to close\r\nthis race window.\r\n\r\nThis also makes the deactivation path properly do things in reverse order\r\nof the activation path which calls the activate() callback before calling\r\ndevice_add_groups().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43830"
},
{
"cve": "CVE-2024-43834",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nxdp: fix invalid wait context of page_pool_destroy()\r\n\r\nIf the driver uses a page pool, it creates a page pool with\r\npage_pool_create().\r\nThe reference count of page pool is 1 as default.\r\nA page pool will be destroyed only when a reference count reaches 0.\r\npage_pool_destroy() is used to destroy page pool, it decreases a\r\nreference count.\r\nWhen a page pool is destroyed, -\u003edisconnect() is called, which is\r\nmem_allocator_disconnect().\r\nThis function internally acquires mutex_lock().\r\n\r\nIf the driver uses XDP, it registers a memory model with\r\nxdp_rxq_info_reg_mem_model().\r\nThe xdp_rxq_info_reg_mem_model() internally increases a page pool\r\nreference count if a memory model is a page pool.\r\nNow the reference count is 2.\r\n\r\nTo destroy a page pool, the driver should call both page_pool_destroy()\r\nand xdp_unreg_mem_model().\r\nThe xdp_unreg_mem_model() internally calls page_pool_destroy().\r\nOnly page_pool_destroy() decreases a reference count.\r\n\r\nIf a driver calls page_pool_destroy() then xdp_unreg_mem_model(), we\r\nwill face an invalid wait context warning.\r\nBecause xdp_unreg_mem_model() calls page_pool_destroy() with\r\nrcu_read_lock().\r\nThe page_pool_destroy() internally acquires mutex_lock().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43834"
},
{
"cve": "CVE-2024-43856",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma: fix call order in dmam_free_coherent\n\ndmam_free_coherent() frees a DMA allocation, which makes the\nfreed vaddr available for reuse, then calls devres_destroy()\nto remove and free the data structure used to track the DMA\nallocation. Between the two calls, it is possible for a\nconcurrent task to make an allocation with the same vaddr\nand add it to the devres list.\n\nIf this happens, there will be two entries in the devres list\nwith the same vaddr and devres_destroy() can free the wrong\nentry, triggering the WARN_ON() in dmam_match.\n\nFix by destroying the devres entry before freeing the DMA\nallocation.\n\n kokonut //net/encryption\n http://sponge2/b9145fe6-0f72-4325-ac2f-a84d81075b03",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43856"
},
{
"cve": "CVE-2024-43858",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: Fix array-index-out-of-bounds in diFree",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43858"
},
{
"cve": "CVE-2024-43871",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu() It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy() within devm_free_percpu().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43871"
},
{
"cve": "CVE-2024-43879",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: cfg80211: Currently NL80211_RATE_INFO_HE_RU_ALLOC_2x996 is not handled in cfg80211_calculate_bitrate_he(), leading to warning.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43879"
},
{
"cve": "CVE-2024-43882",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "exec: the execution may gain unintended privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43882"
},
{
"cve": "CVE-2024-43889",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "padata: vulnerability due to a possible divide-by-zero error in padata_mt_helper() during bootup, caused by an uninitialized chunk_size being zero.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43889"
},
{
"cve": "CVE-2024-43890",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tracing: vulnerability due to an overflow in get_free_elt(), which could lead to infinite loops and CPU hangs when the tracing map becomes full.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43890"
},
{
"cve": "CVE-2024-43893",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "serial: core: vulnerability due to a missing check for uartclk being zero, leading to a potential divide-by-zero error when calling ioctl TIOCSSERIAL with an invalid baud_base.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-43893"
},
{
"cve": "CVE-2024-44935",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "sctp: Fix null-ptr-deref in reuseport_add_sock(). A Null Pointer Dereference in reuseport_add_sock() while accessing sk2-\u003esk_reuseport_cb . The repro first creates a listener with SO_REUSEPORT. Then, it creates another listener on the same port and concurrently closes the first listener. The second listen() calls reuseport_add_sock() with the first listener as sk2, where sk2-\u003esk_reuseport_cb is not expected to be cleared concurrently, but the close() does clear it by reuseport_detach_sock().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-44935"
},
{
"cve": "CVE-2024-44944",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-44944"
},
{
"cve": "CVE-2024-44948",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nx86/mtrr: Check if fixed MTRRs exist before saving them\r\n\r\nMTRRs have an obsolete fixed variant for fine grained caching control\r\nof the 640K-1MB region that uses separate MSRs. This fixed variant has\r\na separate capability bit in the MTRR capability MSR.\r\n\r\nSo far all x86 CPUs which support MTRR have this separate bit set, so it\r\nwent unnoticed that mtrr_save_state() does not check the capability bit\r\nbefore accessing the fixed MTRR MSRs.\r\n\r\nThough on a CPU that does not support the fixed MTRR capability this\r\nresults in a #GP. The #GP itself is harmless because the RDMSR fault is\r\nhandled gracefully, but results in a WARN_ON().\r\n\r\nAdd the missing capability check to prevent this.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-44948"
},
{
"cve": "CVE-2024-44960",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: gadget: core: Check for unset descriptor. It needs to be reassured that the descriptor has been set before looking at maxpacket. This fixes a null pointer panic in this case. This may happen if the gadget doesn\u0027t properly set up the endpoint for the current speed, or the gadget descriptors are malformed and the descriptor for the speed/endpoint are not found. No current gadget driver is known to have this problem, but this may cause a hard-to-find bug during development of new gadgets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-44960"
},
{
"cve": "CVE-2024-44987",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-44987"
},
{
"cve": "CVE-2024-44989",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bonding: fix xfrm real_dev null pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-44989"
},
{
"cve": "CVE-2024-44990",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bonding: fix null pointer deref in bond_ipsec_offload_ok We must check if there is an active slave before dereferencing the pointer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-44990"
},
{
"cve": "CVE-2024-45016",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netem: fix return value if duplicate enqueue fails.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-45016"
},
{
"cve": "CVE-2024-45018",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: initialise extack before use Fix missing initialisation of extack in flow offload.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-45018"
},
{
"cve": "CVE-2024-46679",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ethtool: check device is present when getting link settings.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46679"
},
{
"cve": "CVE-2024-46743",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46743"
},
{
"cve": "CVE-2024-46744",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46744"
},
{
"cve": "CVE-2024-46745",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: Input: uinput - reject requests with unreasonable number of slots When exercising uinput interface syzkaller may try setting up device with a really large number of slots, which causes memory allocation failure in input_mt_init_slots(). While this allocation failure is handled properly and request is rejected, it results in syzkaller reports. Additionally, such request may put undue burden on the system which will try to free a lot of memory for a bogus request. Fix it by limiting allowed number of slots to 100. This can easily be extended if we see devices that can track more than 100 contacts.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46745"
},
{
"cve": "CVE-2024-46750",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: PCI: Add missing bridge lock to pci_bus_lock().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46750"
},
{
"cve": "CVE-2024-46759",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes DIV_ROUND_CLOSEST() after kstrtol() results in an underflow if a large negative number such as -9223372036854775808 is provided by the user. Fix it by reordering clamp_val() and DIV_ROUND_CLOSEST() operations.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46759"
},
{
"cve": "CVE-2024-46783",
"cwe": {
"id": "CWE-229",
"name": "Improper Handling of Values"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46783"
},
{
"cve": "CVE-2024-46854",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: dpaa: Pad packets to ETH_ZLEN\r\n\r\nWhen sending packets under 60 bytes, up to three bytes of the buffer following the data may be leaked. Avoid this by extending all packets to ETH_ZLEN, ensuring nothing is leaked in the padding. This bug can be reproduced by running\r\n\r\n\t$ ping -s 11 destination",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46854"
},
{
"cve": "CVE-2024-46865",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfou: fix initialization of grc\r\nThe grc must be initialize first. There can be a condition where if fou is NULL, goto out will be executed and grc would be used uninitialized.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-46865"
},
{
"cve": "CVE-2024-47660",
"cwe": {
"id": "CWE-413",
"name": "Improper Resource Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENT_WATCHED flags lazily In some setups directories can have many (usually negative) dentries. Hence __fsnotify_update_child_dentry_flags() function can take a significant amount of time. Since the bulk of this function happens under inode-\u003ei_lock this causes a significant contention on the lock when we remove the watch from the directory as the __fsnotify_update_child_dentry_flags() call from fsnotify_recalc_mask() races with __fsnotify_update_child_dentry_flags() calls from __fsnotify_parent() happening on children. This can lead upto softlockup reports reported by users. Fix the problem by calling fsnotify_update_children_dentry_flags() to set PARENT_WATCHED flags only when parent starts watching children. When parent stops watching children, clear false positive PARENT_WATCHED flags lazily in __fsnotify_parent() for each accessed child.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47660"
},
{
"cve": "CVE-2024-47672",
"cwe": {
"id": "CWE-754",
"name": "Improper Check for Unusual or Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: iwlwifi: mvm: don\u0027t wait for tx queues if firmware is dead\r\n\r\nThere is a WARNING in iwl_trans_wait_tx_queues_empty() (that was recently converted from just a message), that can be hit if we wait for TX queues to become empty after firmware died. Clearly, we can\u0027t expect anything from the firmware after it\u0027s declared dead.\r\n\r\nDon\u0027t call iwl_trans_wait_tx_queues_empty() in this case. While it could be a good idea to stop the flow earlier, the flush functions do some maintenance work that is not related to the firmware, so keep that part of the code running even when the firmware is not running.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47672"
},
{
"cve": "CVE-2024-47684",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: check skb is non-NULL in tcp_rto_delta_us()\r\n\r\nWe have some machines running stock Ubuntu 20.04.6 which is their 5.4.0-174-generic\r\nkernel that are running ceph and recently hit a null ptr dereference in\r\ntcp_rearm_rto(). Initially hitting it from the TLP path, but then later we also\r\nsaw it getting hit from the RACK case as well. Here are examples of the oops\r\nmessages we saw in each of those cases:\r\n\r\nJul 26 15:05:02 rx [11061395.780353] BUG: kernel NULL pointer dereference, address: 0000000000000020\r\nJul 26 15:05:02 rx [11061395.787572] #PF: supervisor read access in kernel mode\r\nJul 26 15:05:02 rx [11061395.792971] #PF: error_code(0x0000) - not-present page\r\nJul 26 15:05:02 rx [11061395.798362] PGD 0 P4D 0\r\nJul 26 15:05:02 rx [11061395.801164] Oops: 0000 [#1] SMP NOPTI\r\nJul 26 15:05:02 rx [11061395.805091] CPU: 0 PID: 9180 Comm: msgr-worker-1 Tainted: G W 5.4.0-174-generic #193-Ubuntu\r\nJul 26 15:05:02 rx [11061395.814996] Hardware name: Supermicro SMC 2x26 os-gen8 64C NVME-Y 256G/H12SSW-NTR, BIOS 2.5.V1.2U.NVMe.UEFI 05/09/2023\r\nJul 26 15:05:02 rx [11061395.825952] RIP: 0010:tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.830656] Code: 87 ca 04 00 00 00 5b 41 5c 41 5d 5d c3 c3 49 8b bc 24 40 06 00 00 eb 8d 48 bb cf f7 53 e3 a5 9b c4 20 4c 89 ef e8 0c fe 0e 00 \u003c48\u003e 8b 78 20 48 c1 ef 03 48 89 f8 41 8b bc 24 80 04 00 00 48 f7 e3\r\nJul 26 15:05:02 rx [11061395.849665] RSP: 0018:ffffb75d40003e08 EFLAGS: 00010246\r\nJul 26 15:05:02 rx [11061395.855149] RAX: 0000000000000000 RBX: 20c49ba5e353f7cf RCX: 0000000000000000\r\nJul 26 15:05:02 rx [11061395.862542] RDX: 0000000062177c30 RSI: 000000000000231c RDI: ffff9874ad283a60\r\nJul 26 15:05:02 rx [11061395.869933] RBP: ffffb75d40003e20 R08: 0000000000000000 R09: ffff987605e20aa8\r\nJul 26 15:05:02 rx [11061395.877318] R10: ffffb75d40003f00 R11: ffffb75d4460f740 R12: ffff9874ad283900\r\nJul 26 15:05:02 rx [11061395.884710] R13: ffff9874ad283a60 R14: ffff9874ad283980 R15: ffff9874ad283d30\r\nJul 26 15:05:02 rx [11061395.892095] FS: 00007f1ef4a2e700(0000) GS:ffff987605e00000(0000) knlGS:0000000000000000\r\nJul 26 15:05:02 rx [11061395.900438] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\r\nJul 26 15:05:02 rx [11061395.906435] CR2: 0000000000000020 CR3: 0000003e450ba003 CR4: 0000000000760ef0\r\nJul 26 15:05:02 rx [11061395.913822] PKRU: 55555554\r\nJul 26 15:05:02 rx [11061395.916786] Call Trace:\r\nJul 26 15:05:02 rx [11061395.919488]\r\nJul 26 15:05:02 rx [11061395.921765] ? show_regs.cold+0x1a/0x1f\r\nJul 26 15:05:02 rx [11061395.925859] ? __die+0x90/0xd9\r\nJul 26 15:05:02 rx [11061395.929169] ? no_context+0x196/0x380\r\nJul 26 15:05:02 rx [11061395.933088] ? ip6_protocol_deliver_rcu+0x4e0/0x4e0\r\nJul 26 15:05:02 rx [11061395.938216] ? ip6_sublist_rcv_finish+0x3d/0x50\r\nJul 26 15:05:02 rx [11061395.943000] ? __bad_area_nosemaphore+0x50/0x1a0\r\nJul 26 15:05:02 rx [11061395.947873] ? bad_area_nosemaphore+0x16/0x20\r\nJul 26 15:05:02 rx [11061395.952486] ? do_user_addr_fault+0x267/0x450\r\nJul 26 15:05:02 rx [11061395.957104] ? ipv6_list_rcv+0x112/0x140\r\nJul 26 15:05:02 rx [11061395.961279] ? __do_page_fault+0x58/0x90\r\nJul 26 15:05:02 rx [11061395.965458] ? do_page_fault+0x2c/0xe0\r\nJul 26 15:05:02 rx [11061395.969465] ? page_fault+0x34/0x40\r\nJul 26 15:05:02 rx [11061395.973217] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.977313] ? tcp_rearm_rto+0xe4/0x160\r\nJul 26 15:05:02 rx [11061395.981408] tcp_send_loss_probe+0x10b/0x220\r\nJul 26 15:05:02 rx [11061395.985937] tcp_write_timer_handler+0x1b4/0x240\r\nJul 26 15:05:02 rx [11061395.990809] tcp_write_timer+0x9e/0xe0\r\nJul 26 15:05:02 rx [11061395.994814] ? tcp_write_timer_handler+0x240/0x240\r\nJul 26 15:05:02 rx [11061395.999866] call_timer_fn+0x32/0x130\r\nJul 26 15:05:02 rx [11061396.003782] __run_timers.part.0+0x180/0x280\r\nJul 26 15:05:02 rx [11061396.008309] ? recalibrate_cpu_khz+0x10/0x10\r\nJul 26 15:05:02 rx [11061396.012841] ? native_x2apic_icr_write+0x30/0x30\r\nJul 26 15:05:02 rx [11061396.017718] ? lapic_next_even\r\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47684"
},
{
"cve": "CVE-2024-47685",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()\r\n\r\nsyzbot reported that nf_reject_ip6_tcphdr_put() was possibly sending garbage on the four reserved tcp bits (th-\u003eres1)\r\n\r\nUse skb_put_zero() to clear the whole TCP header, as done in nf_reject_ip_tcphdr_put()\r\n\r\nBUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\r\n nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255\r\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\r\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\r\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\r\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\r\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\r\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\r\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\r\n nf_hook include/linux/netfilter.h:269 [inline]\r\n NF_HOOK include/linux/netfilter.h:312 [inline]\r\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\r\n __netif_receive_skb_one_core net/core/dev.c:5661 [inline]\r\n __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775\r\n process_backlog+0x4ad/0xa50 net/core/dev.c:6108\r\n __napi_poll+0xe7/0x980 net/core/dev.c:6772\r\n napi_poll net/core/dev.c:6841 [inline]\r\n net_rx_action+0xa5a/0x19b0 net/core/dev.c:6963\r\n handle_softirqs+0x1ce/0x800 kernel/softirq.c:554\r\n __do_softirq+0x14/0x1a kernel/softirq.c:588\r\n do_softirq+0x9a/0x100 kernel/softirq.c:455\r\n __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:382\r\n local_bh_enable include/linux/bottom_half.h:33 [inline]\r\n rcu_read_unlock_bh include/linux/rcupdate.h:908 [inline]\r\n __dev_queue_xmit+0x2692/0x5610 net/core/dev.c:4450\r\n dev_queue_xmit include/linux/netdevice.h:3105 [inline]\r\n neigh_resolve_output+0x9ca/0xae0 net/core/neighbour.c:1565\r\n neigh_output include/net/neighbour.h:542 [inline]\r\n ip6_finish_output2+0x2347/0x2ba0 net/ipv6/ip6_output.c:141\r\n __ip6_finish_output net/ipv6/ip6_output.c:215 [inline]\r\n ip6_finish_output+0xbb8/0x14b0 net/ipv6/ip6_output.c:226\r\n NF_HOOK_COND include/linux/netfilter.h:303 [inline]\r\n ip6_output+0x356/0x620 net/ipv6/ip6_output.c:247\r\n dst_output include/net/dst.h:450 [inline]\r\n NF_HOOK include/linux/netfilter.h:314 [inline]\r\n ip6_xmit+0x1ba6/0x25d0 net/ipv6/ip6_output.c:366\r\n inet6_csk_xmit+0x442/0x530 net/ipv6/inet6_connection_sock.c:135\r\n __tcp_transmit_skb+0x3b07/0x4880 net/ipv4/tcp_output.c:1466\r\n tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline]\r\n tcp_connect+0x35b6/0x7130 net/ipv4/tcp_output.c:4143\r\n tcp_v6_connect+0x1bcc/0x1e40 net/ipv6/tcp_ipv6.c:333\r\n __inet_stream_connect+0x2ef/0x1730 net/ipv4/af_inet.c:679\r\n inet_stream_connect+0x6a/0xd0 net/ipv4/af_inet.c:750\r\n __sys_connect_file net/socket.c:2061 [inline]\r\n __sys_connect+0x606/0x690 net/socket.c:2078\r\n __do_sys_connect net/socket.c:2088 [inline]\r\n __se_sys_connect net/socket.c:2085 [inline]\r\n __x64_sys_connect+0x91/0xe0 net/socket.c:2085\r\n x64_sys_call+0x27a5/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:43\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nUninit was stored to memory at:\r\n nf_reject_ip6_tcphdr_put+0x60c/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:249\r\n nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344\r\n nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48\r\n expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline]\r\n nft_do_chain+0x438/0x22a0 net/netfilter/nf_tables_core.c:288\r\n nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161\r\n nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]\r\n nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626\r\n nf_hook include/linux/netfilter.h:269 [inline]\r\n NF_HOOK include/linux/netfilter.h:312 [inline]\r\n ipv6_rcv+0x29b/0x390 net/ipv6/ip6_input.c:310\r\n __netif_receive_skb_one_core\r\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47685"
},
{
"cve": "CVE-2024-47692",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfsd: return -EINVAL when namelen is 0\r\nWhen we have a corrupted main.sqlite in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdup_user() to return ZERO_SIZE_PTR.\r\nWhen we access the name.data that has been assigned the value of ZERO_SIZE_PTR in nfs4_client_to_reclaim(), null pointer dereference is triggered.\r\n\r\n[ T1205] ==================================================================\r\n[ T1205] BUG: KASAN: null-ptr-deref in nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] Read of size 1 at addr 0000000000000010 by task nfsdcld/1205\r\n[ T1205]\r\n[ T1205] CPU: 11 PID: 1205 Comm: nfsdcld Not tainted 5.10.0-00003-g2c1423731b8d #406\r\n[ T1205] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014\r\n[ T1205] Call Trace:\r\n[ T1205] dump_stack+0x9a/0xd0\r\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] __kasan_report.cold+0x34/0x84\r\n[ T1205] ? nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] kasan_report+0x3a/0x50\r\n[ T1205] nfs4_client_to_reclaim+0xe9/0x260\r\n[ T1205] ? nfsd4_release_lockowner+0x410/0x410\r\n[ T1205] cld_pipe_downcall+0x5ca/0x760\r\n[ T1205] ? nfsd4_cld_tracking_exit+0x1d0/0x1d0\r\n[ T1205] ? down_write_killable_nested+0x170/0x170\r\n[ T1205] ? avc_policy_seqno+0x28/0x40\r\n[ T1205] ? selinux_file_permission+0x1b4/0x1e0\r\n[ T1205] rpc_pipe_write+0x84/0xb0\r\n[ T1205] vfs_write+0x143/0x520\r\n[ T1205] ksys_write+0xc9/0x170\r\n[ T1205] ? __ia32_sys_read+0x50/0x50\r\n[ T1205] ? ktime_get_coarse_real_ts64+0xfe/0x110\r\n[ T1205] ? ktime_get_coarse_real_ts64+0xa2/0x110\r\n[ T1205] do_syscall_64+0x33/0x40\r\n[ T1205] entry_SYSCALL_64_after_hwframe+0x67/0xd1\r\n[ T1205] RIP: 0033:0x7fdbdb761bc7\r\n[ T1205] Code: 0f 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 514\r\n[ T1205] RSP: 002b:00007fff8c4b7248 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\r\n[ T1205] RAX: ffffffffffffffda RBX: 000000000000042b RCX: 00007fdbdb761bc7\r\n[ T1205] RDX: 000000000000042b RSI: 00007fff8c4b75f0 RDI: 0000000000000008\r\n[ T1205] RBP: 00007fdbdb761bb0 R08: 0000000000000000 R09: 0000000000000001\r\n[ T1205] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000042b\r\n[ T1205] R13: 0000000000000008 R14: 00007fff8c4b75f0 R15: 0000000000000000\r\n[ T1205] ==================================================================",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47692"
},
{
"cve": "CVE-2024-47696",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nRDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency\r\n\r\nIn the commit aee2424246f9 (\"RDMA/iwcm: Fix a use-after-free related to destroying CM IDs\"), the function flush_workqueue is invoked to flush the work queue iwcm_wq.\r\n\r\nBut at that time, the work queue iwcm_wq was created via the function alloc_ordered_workqueue without the flag WQ_MEM_RECLAIM.\r\n\r\nBecause the current process is trying to flush the whole iwcm_wq, if iwcm_wq doesn\u0027t have the flag WQ_MEM_RECLAIM, verify that the current process is not reclaiming memory or running on a workqueue which doesn\u0027t have the flag WQ_MEM_RECLAIM as that can break forward-progress guarantee leading to a deadlock.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47696"
},
{
"cve": "CVE-2024-47697",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error\r\n\r\nEnsure index in rtl2830_pid_filter does not exceed 31 to prevent out-of-bounds access.\r\n\r\ndev-\u003efilters is a 32-bit value, so set_bit and clear_bit functions should only operate on indices from 0 to 31. If index is 32, it will attempt to access a non-existent 33rd bit, leading to out-of-bounds access.\r\nChange the boundary check from index \u003e 32 to index \u003e= 32 to resolve this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47697"
},
{
"cve": "CVE-2024-47699",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnilfs2: fix potential null-ptr-deref in nilfs_btree_insert()\r\n\r\nPatch series \"nilfs2: fix potential issues with empty b-tree nodes\".\r\n\r\nThis series addresses three potential issues with empty b-tree nodes that can occur with corrupted filesystem images, including one recently discovered by syzbot.\r\n\r\n\r\nThis patch (of 3):\r\n\r\nIf a b-tree is broken on the device, and the b-tree height is greater than 2 (the level of the root node is greater than 1) even if the number of child nodes of the b-tree root is 0, a NULL pointer dereference occurs in nilfs_btree_prepare_insert(), which is called from nilfs_btree_insert().\r\n\r\nThis is because, when the number of child nodes of the b-tree root is 0, nilfs_btree_do_lookup() does not set the block buffer head in any of path[x].bp_bh, leaving it as the initial value of NULL, but if the level of the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(), which accesses the buffer memory of path[x].bp_bh, is called.\r\n\r\nFix this issue by adding a check to nilfs_btree_root_broken(), which performs sanity checks when reading the root node from the device, to detect this inconsistency.\r\n\r\nThanks to Lizhi Xu for trying to solve the bug and clarifying the cause early on.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47699"
},
{
"cve": "CVE-2024-47701",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47701"
},
{
"cve": "CVE-2024-47705",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblock: fix potential invalid pointer dereference in blk_add_partition\r\n\r\nThe blk_add_partition() function initially used a single if-condition (IS_ERR(part)) to check for errors when adding a partition. This was modified to handle the specific case of -ENXIO separately, allowing the function to proceed without logging the error in this case. However, this change unintentionally left a path where md_autodetect_dev() could be called without confirming that part is a valid pointer.\r\n\r\nThis commit separates the error handling logic by splitting the initial if-condition, improving code readability and handling specific error scenarios explicitly. The function now distinguishes the general error case from -ENXIO without altering the existing behavior of md_autodetect_dev() calls.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47705"
},
{
"cve": "CVE-2024-47706",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblock, bfq: fix possible UAF for bfqq-\u003ebic with merge chain\r\n\r\nIn this case, IO from Process 1 will get bfqq2 from BIC1 first, and then\r\nget bfqq3 through merge chain, and finially handle IO by bfqq3.\r\nHowerver, current code will think bfqq2 is owned by BIC1, like initial\r\nstate, and set bfqq2-\u003ebic to BIC1.\r\n\r\nAllocated by task 20776:\r\n kasan_save_stack+0x20/0x40 mm/kasan/common.c:45\r\n kasan_set_track+0x25/0x30 mm/kasan/common.c:52\r\n __kasan_slab_alloc+0x87/0x90 mm/kasan/common.c:328\r\n kasan_slab_alloc include/linux/kasan.h:188 [inline]\r\n slab_post_alloc_hook mm/slab.h:763 [inline]\r\n slab_alloc_node mm/slub.c:3458 [inline]\r\n kmem_cache_alloc_node+0x1a4/0x6f0 mm/slub.c:3503\r\n ioc_create_icq block/blk-ioc.c:370 [inline]\r\n---truncated---",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47706"
},
{
"cve": "CVE-2024-47707",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ipv6: A NULL dereference vulnerability may occur in rt6_uncached_list_flush_dev() due to the necessary check being removed by a previous commit.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47707"
},
{
"cve": "CVE-2024-47709",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "can: bcm: A warning is triggered when connect() is issued again for a socket whose connect()ed device has been unregistered. However, if the socket is just close()d without the 2nd connect(), the remaining bo-\u003ebcm_proc_read triggers unnecessary remove_proc_entry() in bcm_release().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47709"
},
{
"cve": "CVE-2024-47710",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "sock_map: vulnerability result of adding a cond_resched() in sock_hash_free() to prevent CPU soft lockups when destroying maps with a large number of buckets.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47710"
},
{
"cve": "CVE-2024-47713",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "summary",
"text": "wifi: mac80211: vulnerability caused by implementing a two-phase skb reclamation in ieee80211_do_stop() to avoid warnings and potential issues caused by calling __dev_queue_xmit() with interrupts disabled.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47713"
},
{
"cve": "CVE-2024-47718",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "wifi: rtw88: vulnerability may lead to a use-after-free (UAF) error if firmware loading is not properly synchronized during USB initialization and disconnection.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47718"
},
{
"cve": "CVE-2024-47723",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: fix out-of-bounds in dbNextAG() and diAlloc()\r\n\r\nIn dbNextAG() , there is no check for the case where bmp-\u003edb_numag is greater or same than MAXAG due to a polluted image, which causes an out-of-bounds. Therefore, a bounds check should be added in dbMount().\r\n\r\nAnd in dbNextAG(), a check for the case where agpref is greater than bmp-\u003edb_numag should be added, so an out-of-bounds exception should be prevented.\r\n\r\nAdditionally, a check for the case where agno is greater or same than MAXAG should be added in diAlloc() to prevent out-of-bounds.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47723"
},
{
"cve": "CVE-2024-47735",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "RDMA/hns: missuse of spin_lock_irq()/spin_unlock_irq() when spin_lock_irqsave()/spin_lock_irqrestore() was hold.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47735"
},
{
"cve": "CVE-2024-47737",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: nfsd: call cache_put if xdr_reserve_space returns NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47737"
},
{
"cve": "CVE-2024-47747",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition. In the ether3_probe function, a timer is initialized with a callback function ether3_ledoff, bound to \u0026prev(dev)-\u003etimer. Once the timer is started, there is a risk of a race condition if the module or device is removed, triggering the ether3_remove function to perform cleanup.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-47747"
},
{
"cve": "CVE-2024-49851",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. However if the command fails no rollback of this preparation is done. This can result in transient handles being leaked if the device is subsequently closed with no further commands performed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49851"
},
{
"cve": "CVE-2024-49889",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\next4: avoid use-after-free in ext4_ext_show_leaf()\r\n\r\nIn ext4_find_extent(), path may be freed by error or be reallocated, so\r\nusing a previously saved *ppath may have been freed and thus may trigger\r\nuse-after-free, as follows:\r\n\r\next4_split_extent\r\n path = *ppath;\r\n ext4_split_extent_at(ppath)\r\n path = ext4_find_extent(ppath)\r\n ext4_split_extent_at(ppath)\r\n // ext4_find_extent fails to free path\r\n // but zeroout succeeds\r\n ext4_ext_show_leaf(inode, path)\r\n eh = path[depth].p_hdr\r\n // path use-after-free !!!\r\n\r\nSimilar to ext4_split_extent_at(), we use *ppath directly as an input to\r\next4_ext_show_leaf(). Fix a spelling error by the way.\r\n\r\nSame problem in ext4_ext_handle_unwritten_extents(). Since \u0027path\u0027 is only\r\nused in ext4_ext_show_leaf(), remove \u0027path\u0027 and use *ppath directly.\r\n\r\nThis issue is triggered only when EXT_DEBUG is defined and therefore does\r\nnot affect functionality.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49889"
},
{
"cve": "CVE-2024-49890",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/pm: ensure the fw_info is not null before using it\r\n\r\nThis resolves the dereference null return value warning reported by Coverity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49890"
},
{
"cve": "CVE-2024-49892",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/display: Initialize get_bytes_per_element\u0027s default to 1\r\n\r\nVariables, used as denominators and maybe not assigned to other values, should not be 0. bytes_per_element_y \u0026 bytes_per_element_c are initialized by get_bytes_per_element() which should never return 0.\r\n\r\nThis fixes 10 DIVIDE_BY_ZERO issues reported by Coverity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49892"
},
{
"cve": "CVE-2024-49894",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/amd/display: Fix index out of bounds in degamma hardware format translation\r\n\r\nFixes index out of bounds issue in\r\n`cm_helper_translate_curve_to_degamma_hw_format` function. The issue\r\ncould occur when the index \u0027i\u0027 exceeds the number of transfer function\r\npoints (TRANSFER_FUNC_POINTS).\r\n\r\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\r\ntransfer function points. If \u0027i\u0027 is out of bounds the function returns\r\nfalse to indicate an error.\r\n\r\nReported by smatch:\r\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:594 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\r\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:595 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\r\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:596 cm_helper_translate_curve_to_degamma_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49894"
},
{
"cve": "CVE-2024-49900",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: Fix uninit-value access of new_ea in ea_buffer\r\n\r\nsyzbot reports that lzo1x_1_do_compress is using uninit-value:\r\n\r\n=====================================================\r\nBUG: KMSAN: uninit-value in lzo1x_1_do_compress+0x19f9/0x2510 lib/lzo/lzo1x_compress.c:178\r\n\r\n...\r\n\r\nUninit was stored to memory at:\r\n ea_put fs/jfs/xattr.c:639 [inline]\r\n\r\n...\r\n\r\nLocal variable ea_buf created at:\r\n __jfs_setxattr+0x5d/0x1ae0 fs/jfs/xattr.c:662\r\n __jfs_xattr_set+0xe6/0x1f0 fs/jfs/xattr.c:934\r\n\r\n=====================================================\r\n\r\nThe reason is ea_buf-\u003enew_ea is not initialized properly.\r\n\r\nFix this by using memset to empty its content at the beginning\r\nin ea_get().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49900"
},
{
"cve": "CVE-2024-49902",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "jfs: vulnerability caused by assigning msm_gpu-\u003epdev earlier in the initialization process to prevent null pointer dereferences in msm_gpu_cleanup.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49902"
},
{
"cve": "CVE-2024-49903",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\njfs: Fix uaf in dbFreeBits\r\n\r\n[syzbot reported]\r\n==================================================================\r\nBUG: KASAN: slab-use-after-free in __mutex_lock_common kernel/locking/mutex.c:587 [inline]\r\nBUG: KASAN: slab-use-after-free in __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\r\nRead of size 8 at addr ffff8880229254b0 by task syz-executor357/5216\r\n\r\nCPU: 0 UID: 0 PID: 5216 Comm: syz-executor357 Not tainted 6.11.0-rc3-syzkaller-00156-gd7a5aa4b3c00 #0\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024\r\nCall Trace:\r\n \u003cTASK\u003e\r\n __dump_stack lib/dump_stack.c:93 [inline]\r\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:119\r\n print_address_description mm/kasan/report.c:377 [inline]\r\n print_report+0x169/0x550 mm/kasan/report.c:488\r\n kasan_report+0x143/0x180 mm/kasan/report.c:601\r\n __mutex_lock_common kernel/locking/mutex.c:587 [inline]\r\n __mutex_lock+0xfe/0xd70 kernel/locking/mutex.c:752\r\n dbFreeBits+0x7ea/0xd90 fs/jfs/jfs_dmap.c:2390\r\n dbFreeDmap fs/jfs/jfs_dmap.c:2089 [inline]\r\n dbFree+0x35b/0x680 fs/jfs/jfs_dmap.c:409\r\n dbDiscardAG+0x8a9/0xa20 fs/jfs/jfs_dmap.c:1650\r\n jfs_ioc_trim+0x433/0x670 fs/jfs/jfs_discard.c:100\r\n jfs_ioctl+0x2d0/0x3e0 fs/jfs/ioctl.c:131\r\n vfs_ioctl fs/ioctl.c:51 [inline]\r\n __do_sys_ioctl fs/ioctl.c:907 [inline]\r\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\r\n\r\nFreed by task 5218:\r\n kasan_save_stack mm/kasan/common.c:47 [inline]\r\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\r\n kasan_save_free_info+0x40/0x50 mm/kasan/generic.c:579\r\n poison_slab_object+0xe0/0x150 mm/kasan/common.c:240\r\n __kasan_slab_free+0x37/0x60 mm/kasan/common.c:256\r\n kasan_slab_free include/linux/kasan.h:184 [inline]\r\n slab_free_hook mm/slub.c:2252 [inline]\r\n slab_free mm/slub.c:4473 [inline]\r\n kfree+0x149/0x360 mm/slub.c:4594\r\n dbUnmount+0x11d/0x190 fs/jfs/jfs_dmap.c:278\r\n jfs_mount_rw+0x4ac/0x6a0 fs/jfs/jfs_mount.c:247\r\n jfs_remount+0x3d1/0x6b0 fs/jfs/super.c:454\r\n reconfigure_super+0x445/0x880 fs/super.c:1083\r\n vfs_cmd_reconfigure fs/fsopen.c:263 [inline]\r\n vfs_fsconfig_locked fs/fsopen.c:292 [inline]\r\n __do_sys_fsconfig fs/fsopen.c:473 [inline]\r\n __se_sys_fsconfig+0xb6e/0xf80 fs/fsopen.c:345\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\n[Analysis]\r\nThere are two paths (dbUnmount and jfs_ioc_trim) that generate race condition when accessing bmap, which leads to the occurrence of uaf.\r\n\r\nUse the lock s_umount to synchronize them, in order to avoid uaf caused by race condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49903"
},
{
"cve": "CVE-2024-49930",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "wifi: ath11k: fix array out-of-bound access in SoC stats. Currently, the ath11k_soc_dp_stats::hal_reo_error array is defined with a maximum size of DP_REO_DST_RING_MAX. However, the ath11k_dp_process_rx() function access ath11k_soc_dp_stats::hal_reo_error using the REO destination SRNG ring ID, which is incorrect. SRNG ring ID differ from normal ring ID, and this usage leads to out-of-bounds array access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49930"
},
{
"cve": "CVE-2024-49938",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit\r\n\r\nSyzbot points out that skb_trim() has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly just to reset the length to zero before resubmitting, so switch to calling __skb_set_length(skb, 0) directly. In addition, __skb_set_length() already contains a call to skb_reset_tail_pointer(), so remove the redundant call.\r\n\r\nThe syzbot report came from ath9k_hif_usb_reg_in_cb(), but there\u0027s a similar usage of skb_trim() in ath9k_hif_usb_rx_cb(), change both while we\u0027re at it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49938"
},
{
"cve": "CVE-2024-49944",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "sctp: set sk_state back to CLOSED if autobind fails in sctp_listen_start. In sctp_listen_start() invoked by sctp_inet_listen(), it should set the sk_state back to CLOSED if sctp_autobind() fails due to whatever reason. Otherwise, next time when calling sctp_inet_listen(), if sctp_sk(sk)-\u003ereuse is already set via setsockopt(SCTP_REUSE_PORT), sctp_sk(sk)-\u003ebind_hash will be dereferenced as sk_state is LISTENING, which causes a crash as bind_hash is NULL",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49944"
},
{
"cve": "CVE-2024-49948",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: add more sanity checks to qdisc_pkt_len_init().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49948"
},
{
"cve": "CVE-2024-49949",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdisc_pkt_len_init() with UFO.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49949"
},
{
"cve": "CVE-2024-49952",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prevent nf_skb_duplicated corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49952"
},
{
"cve": "CVE-2024-49955",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nACPI: battery: Fix possible crash when unregistering a battery hook\r\n\r\nWhen a battery hook returns an error when adding a new battery, then the battery hook is automatically unregistered.\r\nHowever the battery hook provider cannot know that, so it will later call battery_hook_unregister() on the already unregistered battery hook, resulting in a crash.\r\n\r\nFix this by using the list head to mark already unregistered battery hooks as already being unregistered so that they can be ignored by battery_hook_unregister().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49955"
},
{
"cve": "CVE-2024-49973",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "r8169: RTL8125 added fields to the tally counter, this change could cause the chip to perform Direct Memory Access on these new fields, potentially writing to unallocated memory.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49973"
},
{
"cve": "CVE-2024-49977",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: stmmac: port_transmit_rate_kbps could be set to a value of 0, which is then passed to the \"div_s64\" function when tc-cbs is disabled. This leads to a zero-division error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49977"
},
{
"cve": "CVE-2024-49997",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiq_etop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skb_put_padto() to pad Ethernet frames properly. The mentioned function zeroes the expanded buffer. In case the packet cannot be padded it is silently dropped. Statistics are also not incremented. This driver does not support statistics in the old 32-bit format or the new 64-bit format. These will be added in the future. In its current form, the patch should be easily backported to stable versions. Ethernet MACs on Amazon-SE and Danube cannot do padding of the packets in hardware, so software padding must be applied.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-49997"
},
{
"cve": "CVE-2024-50001",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/mlx5: Fix error path in multi-packet WQE transmit\r\n\r\nRemove the erroneous unmap in case no DMA mapping was established\r\n\r\nThe multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under memory pressure, when the IOMMU driver just can\u0027t allocate more memory for page tables. While the code tries to handle this in the path below the err_unmap label it erroneously unmaps one entry from the sq\u0027s FIFO list of active mappings. Since the current map attempt failed this unmap is removing some random DMA mapping that might still be required. If the PCI function now presents that IOVA, the IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI function in error state.\r\n\r\nThe erroneous behavior was seen in a stress-test environment that created memory pressure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50001"
},
{
"cve": "CVE-2024-50006",
"cwe": {
"id": "CWE-833",
"name": "Deadlock"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50006"
},
{
"cve": "CVE-2024-50008",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "wifi: mwifiex: memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Replace one-element array with a flexible-array member in `struct host_cmd_ds_802_11_scan_ext`.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50008"
},
{
"cve": "CVE-2024-50010",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nexec: don\u0027t WARN for racy path_noexec check\r\n\r\nBoth i_mode and noexec checks wrapped in WARN_ON stem from an artifact\r\nof the previous implementation. They used to legitimately check for the\r\ncondition, but that got moved up in two commits:\r\n633fb6ac3980 (\"exec: move S_ISREG() check earlier\")\r\n0fd338b2d2cd (\"exec: move path_noexec() check earlier\")\r\n\r\nInstead of being removed said checks are WARN_ON\u0027ed instead, which has some debug value.\r\n\r\nHowever, the spurious path_noexec check is racy, resulting in unwarranted warnings should someone race with setting the noexec flag.\r\n\r\nOne can note there is more to perm-checking whether execve is allowed and none of the conditions are guaranteed to still hold after they were tested for.\r\n\r\nAdditionally this does not validate whether the code path did any perm checking to begin with -- it will pass if the inode happens to be regular.\r\n\r\nKeep the redundant path_noexec() check even though it\u0027s mindless nonsense checking for guarantee that isn\u0027t given so drop the WARN.\r\n\r\nReword the commentary and do small tidy ups while here.\r\n\r\n[brauner: keep redundant path_noexec() check]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50010"
},
{
"cve": "CVE-2024-50015",
"cwe": {
"id": "CWE-665",
"name": "Improper Initialization"
},
"notes": [
{
"category": "summary",
"text": "ext4: dax: Overflowing extents beyond inode size when partially writing.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50015"
},
{
"cve": "CVE-2024-50033",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nslip: make slhc_remember() more robust against malicious packets\r\n\r\nsyzbot found that slhc_remember() was missing checks against\r\nmalicious packets [1].\r\n\r\nslhc_remember() only checked the size of the packet was at least 20,\r\nwhich is not good enough.\r\n\r\nWe need to make sure the packet includes the IPv4 and TCP header\r\nthat are supposed to be carried.\r\n\r\nAdd iph and th pointers to make the code more readable.\r\n\r\n[1]\r\n\r\nBUG: KMSAN: uninit-value in slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\r\n slhc_remember+0x2e8/0x7b0 drivers/net/slip/slhc.c:666\r\n ppp_receive_nonmp_frame+0xe45/0x35e0 drivers/net/ppp/ppp_generic.c:2455\r\n ppp_receive_frame drivers/net/ppp/ppp_generic.c:2372 [inline]\r\n ppp_do_recv+0x65f/0x40d0 drivers/net/ppp/ppp_generic.c:2212\r\n ppp_input+0x7dc/0xe60 drivers/net/ppp/ppp_generic.c:2327\r\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\r\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\r\n __release_sock+0x1da/0x330 net/core/sock.c:3072\r\n release_sock+0x6b/0x250 net/core/sock.c:3626\r\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nUninit was created at:\r\n slab_post_alloc_hook mm/slub.c:4091 [inline]\r\n slab_alloc_node mm/slub.c:4134 [inline]\r\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4186\r\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\r\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\r\n alloc_skb include/linux/skbuff.h:1322 [inline]\r\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\r\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nCPU: 0 UID: 0 PID: 5460 Comm: syz.2.33 Not tainted 6.12.0-rc2-syzkaller-00006-g87d6aab2389e #0\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50033"
},
{
"cve": "CVE-2024-50035",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nppp: fix ppp_async_encode() illegal access\r\n\r\nsyzbot reported an issue in ppp_async_encode() [1]\r\n\r\nIn this case, pppoe_sendmsg() is called with a zero size.\r\nThen ppp_async_encode() is called with an empty skb.\r\n\r\nBUG: KMSAN: uninit-value in ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\r\n BUG: KMSAN: uninit-value in ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\r\n ppp_async_encode drivers/net/ppp/ppp_async.c:545 [inline]\r\n ppp_async_push+0xb4f/0x2660 drivers/net/ppp/ppp_async.c:675\r\n ppp_async_send+0x130/0x1b0 drivers/net/ppp/ppp_async.c:634\r\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2280 [inline]\r\n ppp_input+0x1f1/0xe60 drivers/net/ppp/ppp_generic.c:2304\r\n pppoe_rcv_core+0x1d3/0x720 drivers/net/ppp/pppoe.c:379\r\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1113\r\n __release_sock+0x1da/0x330 net/core/sock.c:3072\r\n release_sock+0x6b/0x250 net/core/sock.c:3626\r\n pppoe_sendmsg+0x2b8/0xb90 drivers/net/ppp/pppoe.c:903\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nUninit was created at:\r\n slab_post_alloc_hook mm/slub.c:4092 [inline]\r\n slab_alloc_node mm/slub.c:4135 [inline]\r\n kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187\r\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587\r\n __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678\r\n alloc_skb include/linux/skbuff.h:1322 [inline]\r\n sock_wmalloc+0xfe/0x1a0 net/core/sock.c:2732\r\n pppoe_sendmsg+0x3a7/0xb90 drivers/net/ppp/pppoe.c:867\r\n sock_sendmsg_nosec net/socket.c:729 [inline]\r\n __sock_sendmsg+0x30f/0x380 net/socket.c:744\r\n ____sys_sendmsg+0x903/0xb60 net/socket.c:2602\r\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2656\r\n __sys_sendmmsg+0x3c1/0x960 net/socket.c:2742\r\n __do_sys_sendmmsg net/socket.c:2771 [inline]\r\n __se_sys_sendmmsg net/socket.c:2768 [inline]\r\n __x64_sys_sendmmsg+0xbc/0x120 net/socket.c:2768\r\n x64_sys_call+0xb6e/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:308\r\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\r\n do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83\r\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\r\n\r\nCPU: 1 UID: 0 PID: 5411 Comm: syz.1.14 Not tainted 6.12.0-rc1-syzkaller-00165-g360c1f1f24c6 #0\r\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50035"
},
{
"cve": "CVE-2024-50039",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet/sched: accept TCA_STAB only for root qdisc\r\n\r\nMost qdiscs maintain their backlog using qdisc_pkt_len(skb) on the assumption it is invariant between the enqueue() and dequeue() handlers.\r\n\r\nUnfortunately syzbot can crash a host rather easily using a TBF + SFQ combination, with an STAB on SFQ [1]\r\n\r\nWe can\u0027t support TCA_STAB on arbitrary level, this would require to maintain per-qdisc storage.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50039"
},
{
"cve": "CVE-2024-50040",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: igb: Do not bring the device up after non-fatal error.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50040"
},
{
"cve": "CVE-2024-50044",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change\r\n\r\nrfcomm_sk_state_change attempts to use sock_lock so it must never be called with it locked but rfcomm_sock_ioctl always attempt to lock it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50044"
},
{
"cve": "CVE-2024-50045",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: fix panic with metadata_dst skb.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50045"
},
{
"cve": "CVE-2024-50046",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nNFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies()\r\n\r\nOn the node of an NFS client, some files saved in the mountpoint of the NFS server were copied to another location of the same NFS server.\r\nAccidentally, the nfs42_complete_copies() got a NULL-pointer dereference crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50046"
},
{
"cve": "CVE-2024-50058",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nserial: protect uart_port_dtr_rts() in uart_shutdown() too\r\n\r\nCommit af224ca2df29 (serial: core: Prevent unsafe uart port access, part 3) added few uport == NULL checks. It added one to uart_shutdown(), so the commit assumes, uport can be NULL in there. But right after that protection, there is an unprotected \"uart_port_dtr_rts(uport, false);\" call. That is invoked only if HUPCL is set, so I assume that is the reason why we do not see lots of these reports.\r\n\r\nOr it cannot be NULL at this point at all for some reason :P.\r\n\r\nUntil the above is investigated, stay on the safe side and move this dereference to the if too.\r\n\r\nI got this inconsistency from Coverity under CID 1585130. Thanks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50058"
},
{
"cve": "CVE-2024-50095",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nRDMA/mad: Improve handling of timed out WRs of mad agent\r\n\r\nCurrent timeout handler of mad agent acquires/releases mad_agent_priv lock for every timed out WRs. This causes heavy locking contention when higher no. of WRs are to be handled inside timeout handler.\r\n\r\nThis leads to softlockup with below trace in some use cases where rdma-cm path is used to establish connection between peer nodes\r\n\r\n\r\nSimplified timeout handler by creating local list of timed out WRs and invoke send handler post creating the list. The new method acquires/releases lock once to fetch the list and hence helps to reduce locking contetiong when processing higher no. of WRs",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50095"
},
{
"cve": "CVE-2024-50121",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "nfsd: problematic nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net. In the normal case, when we excute `echo 0 \u003e /proc/fs/nfsd/threads`, the function `nfs4_state_destroy_net` in `nfs4_state_shutdown_net` will release all resources related to the hashed `nfs4_client`.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50121"
},
{
"cve": "CVE-2024-50127",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnet: sched: fix use-after-free in taprio_change()\r\n\r\nIn \u0027taprio_change()\u0027, \u0027admin\u0027 pointer may become dangling due to sched switch / removal caused by \u0027advance_sched()\u0027, and critical section protected by \u0027q-current_entry_lock\u0027 is too small to prevent from such a scenario (which causes use-after-free detected by KASAN). Fix this by prefer \u0027rcu_replace_pointer()\u0027 ver \u0027rcu_assign_pointer()\u0027 to update \u0027admin\u0027 immediately before an attempt to schedule freeing.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50127"
},
{
"cve": "CVE-2024-50131",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntracing: Consider the NULL character when validating the event length\r\n\r\nstrlen() returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL terminating character.\r\n\r\nThis commit checks this condition and returns failure for it.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50131"
},
{
"cve": "CVE-2024-50134",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndrm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA\r\n\r\nReplace the fake VLA at end of the vbva_mouse_pointer_shape shape with a real VLA to fix a \"memcpy: detected field-spanning write error\".\r\n\r\nNote as mentioned in the added comment it seems the original length calculation for the allocated and send hgsmi buffer is 4 bytes too large.\r\nChanging this is not the goal of this patch, so this behavior is kept.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50134"
},
{
"cve": "CVE-2024-50142",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nxfrm: validate new SA\u0027s prefixlen using SA family when sel.family is unset\r\n\r\nThis expands the validation introduced in commit 07bf7908950a (\"xfrm:Validate address prefix lengths in the xfrm selector.\")\r\n\r\nsyzbot created an SA with\r\n usersa.sel.family = AF_UNSPEC\r\n usersa.sel.prefixlen_s = 128\r\n usersa.family = AF_INET\r\n\r\nBecause of the AF_UNSPEC selector, verify_newsa_info doesn\u0027t put limits on prefixlen_{s,d}. But then copy_from_user_state sets x-\u003esel.family to usersa.family (AF_INET). Do the same conversion inverify_newsa_info before validating prefixlen_{s,d}, since that\u0027s howprefixlen is going to be used later on.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50142"
},
{
"cve": "CVE-2024-50148",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nBluetooth: bnep: fix wild-memory-access in proto_unregister\r\n\r\nAs bnep_init() ignore bnep_sock_init()\u0027s return value, and bnep_sock_init() will cleanup all resource. Then when remove bnep module will call bnep_sock_cleanup() to cleanup sock\u0027s resource.\r\nTo solve above issue just return bnep_sock_init()\u0027s return value in bnep_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50148"
},
{
"cve": "CVE-2024-50150",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: typec: altmode should keep reference to parent\r\n\r\nThe altmode device release refers to its parent device, but without keeping\r\na reference to it.\r\n\r\nWhen registering the altmode, get a reference to the parent and put it in\r\nthe release function.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50150"
},
{
"cve": "CVE-2024-50151",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsmb: client: fix OOBs when building SMB2_IOCTL request\r\n\r\nWhen using encryption, either enforced by the server or when using\r\n\u0027seal\u0027 mount option, the client will squash all compound request buffers\r\ndown for encryption into a single iov in smb2_set_next_command().\r\n\r\nSMB2_ioctl_init() allocates a small buffer (448 bytes) to hold the\r\nSMB2_IOCTL request in the first iov, and if the user passes an input\r\nbuffer that is greater than 328 bytes, smb2_set_next_command() will\r\nend up writing off the end of @rqst-\u003eiov[0].iov_base as shown below:\r\n\r\n mount.cifs //srv/share /mnt -o ...,seal\r\n ln -s $(perl -e \"print(\u0027a\u0027)for 1..1024\") /mnt/link\r\n\r\n BUG: KASAN: slab-out-of-bounds in\r\n smb2_set_next_command.cold+0x1d6/0x24c [cifs]\r\n Write of size 4116 at addr ffff8881148fcab8 by task ln/859",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50151"
},
{
"cve": "CVE-2024-50153",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nscsi: target: core: Fix null-ptr-deref in target_alloc_device()\r\n\r\nThere is a null-ptr-deref issue reported by KASAN:\r\n\r\nBUG: KASAN: null-ptr-deref in target_alloc_device+0xbc4/0xbe0 [target_core_mod]\r\n...\r\n kasan_report+0xb9/0xf0\r\n target_alloc_device+0xbc4/0xbe0 [target_core_mod]\r\n core_dev_setup_virtual_lun0+0xef/0x1f0 [target_core_mod]\r\n target_core_init_configfs+0x205/0x420 [target_core_mod]\r\n do_one_initcall+0xdd/0x4e0\r\n...\r\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\r\n\r\nIn target_alloc_device(), if allocing memory for dev queues fails, then\r\ndev will be freed by dev-\u003etransport-\u003efree_device(), but dev-\u003etransport\r\nis not initialized at that time, which will lead to a null pointer\r\nreference problem.\r\n\r\nFixing this bug by freeing dev with hba-\u003ebackend-\u003eops-\u003efree_device().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50153"
},
{
"cve": "CVE-2024-50188",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "net: phy: dp83869: fix memory corruption when enabling fiber. When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 \u0026lt;\u0026lt; 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50188"
},
{
"cve": "CVE-2024-50205",
"cwe": {
"id": "CWE-369",
"name": "Divide By Zero"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size()\r\n\r\nThe step variable is initialized to zero. It is changed in the loop,\r\nbut if it\u0027s not changed it will remain zero. Add a variable check\r\nbefore the division.\r\n\r\nThe observed behavior was introduced by commit 826b5de90c0b\r\n(\"ALSA: firewire-lib: fix insufficient PCM rule for period/buffer size\"),\r\nand it is difficult to show that any of the interval parameters will\r\nsatisfy the snd_interval_test() condition with data from the\r\namdtp_rate_table[] table.\r\n\r\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50205"
},
{
"cve": "CVE-2024-50210",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nposix-clock: posix-clock: Fix unbalanced locking in pc_clock_settime()\r\n\r\nIf get_clock_desc() succeeds, it calls fget() for the clockid\u0027s fd,\r\nand get the clk-\u003erwsem read lock, so the error path should release\r\nthe lock to make the lock balance and fput the clockid\u0027s fd to make\r\nthe refcount balance and release the fd related resource.\r\n\r\nHowever the below commit left the error path locked behind resulting in\r\nunbalanced locking. Check timespec64_valid_strict() before\r\nget_clock_desc() to fix it, because the \"ts\" is not changed\r\nafter that.\r\n\r\n[pabeni@redhat.com: fixed commit message typo]",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50210"
},
{
"cve": "CVE-2024-50251",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_payload: sanitize offset and length before calling skb_checksum() If access to offset + length is larger than the skbuff length, then skb_checksum() triggers BUG_ON(). skb_checksum() internally subtracts the length parameter while iterating over skbuff, BUG_ON(len) at the end of it checks that the expected length to be included in the checksum calculation is fully consumed.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50251"
},
{
"cve": "CVE-2024-50262",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: bpf: Fix out-of-bounds write in trie_get_next_key().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50262"
},
{
"cve": "CVE-2024-50299",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: sctp: properly validate chunk size in sctp_sf_ootb()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50299"
},
{
"cve": "CVE-2024-50301",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in key_task_permission.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50301"
},
{
"cve": "CVE-2024-50302",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer Since the report buffer is used by all kinds of drivers in various ways, let\u0027s zero-initialize it during allocation to make sure that it can\u0027t be ever used to leak kernel memory via specially-crafted report.",
"title": "Summary"
},
{
"category": "summary",
"text": "The information disclosure is limited to HID driver report data. Successful exploitation requires the installation of malicious code on the device.",
"title": "For SIMATIC S7-1500 TM MFP - GNU/Linux subsystem"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-50302"
},
{
"cve": "CVE-2024-53042",
"cwe": {
"id": "CWE-662",
"name": "Improper Synchronization"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow()\r\n\r\nThere are code paths from which the function is called without holding\r\nthe RCU read lock, resulting in a suspicious RCU usage warning [1].\r\n\r\nFix by using l3mdev_master_upper_ifindex_by_index() which will acquire\r\nthe RCU read lock before calling\r\nl3mdev_master_upper_ifindex_by_index_rcu().\r\n\r\n[1]\r\nWARNING: suspicious RCU usage\r\n6.12.0-rc3-custom-gac8f72681cf2 #141 Not tainted\r\n-----------------------------\r\nnet/core/dev.c:876 RCU-list traversed in non-reader section!!\r\n\r\nother info that might help us debug this:\r\n\r\nrcu_scheduler_active = 2, debug_locks = 1\r\n1 lock held by ip/361:\r\n #0: ffffffff86fc7cb0 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x377/0xf60",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-53042"
},
{
"cve": "CVE-2024-53057",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-53057"
},
{
"cve": "CVE-2024-53059",
"cwe": {
"id": "CWE-460",
"name": "Improper Cleanup on Thrown Exception"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nwifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd()\r\n\r\n1. The size of the response packet is not validated.\r\n2. The response buffer is not freed.\r\n\r\nResolve these issues by switching to iwl_mvm_send_cmd_status(), which handles both size validation and frees the buffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-53059"
},
{
"cve": "CVE-2024-53101",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: fs: Fix uninitialized value issue in from_kuid and from_kgid ocfs2_setattr() uses attr-\u003eia_mode, attr-\u003eia_uid and attr-\u003eia_gid in a trace point even though ATTR_MODE, ATTR_UID and ATTR_GID aren\u0027t set. Initialize all fields of newattrs to avoid uninitialized variables, by checking if ATTR_MODE, ATTR_UID, ATTR_GID are initialized, otherwise 0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-53101"
},
{
"cve": "CVE-2024-53124",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "net: fix data-races around sk sk_forward_alloc.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-53124"
},
{
"cve": "CVE-2024-56631",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\nscsi: sg: Fix slab-use-after-free read in sg_release()\r\nFix a use-after-free bug in sg_release(), detected by syzbot with KASAN:\r\n\r\nThe fix has been tested and validated by syzbot. This patch closes the\r\nbug reported at the following syzkaller link and ensures proper\r\nsequencing of resource cleanup and mutex operations, eliminating the\r\nrisk of use-after-free errors in sg_release().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-56631"
},
{
"cve": "CVE-2024-56672",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblk-cgroup: Fix UAF in blkcg_unpin_online()\r\n\r\nblkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To\r\nwalk up, it uses blkcg_parent(blkcg) but it was calling that after\r\nblkcg_destroy_blkgs(blkcg) which could free the blkcg",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-56672"
},
{
"cve": "CVE-2024-57901",
"cwe": {
"id": "CWE-664",
"name": "Improper Control of a Resource Through its Lifetime"
},
"notes": [
{
"category": "summary",
"text": "af_packet: vlan_get_protocol_dgram() vs MSG_PEEK Blamed allowing a crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57901"
},
{
"cve": "CVE-2024-57902",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\naf_packet: fix vlan_get_tci() vs MSG_PEEK\r\n\r\nBlamed commit forgot MSG_PEEK case, allowing a crash [1] as found\r\nby syzbot.\r\n\r\nRework vlan_get_tci() to not touch skb at all,\r\nso that it can be used from many cpus on the same skb.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57902"
},
{
"cve": "CVE-2024-57913",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nusb: gadget: f_fs: Remove WARN_ON in functionfs_bind",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57913"
},
{
"cve": "CVE-2024-57929",
"cwe": {
"id": "CWE-672",
"name": "Operation on a Resource after Expiration or Release"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ndm array: fix releasing a faulty array block twice in dm_array_cursor_end\r\n\r\nWhen dm_bm_read_lock() fails due to locking or checksum errors, it\r\nreleases the faulty block implicitly while leaving an invalid output\r\npointer behind. The caller of dm_bm_read_lock() should not operate on\r\nthis invalid dm_block pointer, or it will lead to undefined result.\r\nFor example, the dm_array_cursor incorrectly caches the invalid pointer\r\non reading a faulty array block, causing a double release in\r\ndm_array_cursor_end(), then hitting the BUG_ON in dm-bufio cache_put().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57929"
},
{
"cve": "CVE-2024-57940",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "summary",
"text": "exfat: fix the infinite loop in exfat_readdir() If the file system is corrupted so that a cluster is linked to itself in the cluster chain, and there is an unused directory entry in the cluster, dentry will not be incremented, causing condition dentry \u003c max_dentries unable to prevent an infinite loop. This infinite loop causes s_lock not to be released, and other tasks will hang, such as exfat_sync_fs().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57940"
},
{
"cve": "CVE-2024-57948",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nmac802154: check local interfaces before deleting sdata list\r\n\r\nsyzkaller reported a corrupted list in ieee802154_if_remove. [1]\r\n\r\nRemove an IEEE 802.15.4 network interface after unregister an IEEE 802.15.4\r\nhardware device from the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57948"
},
{
"cve": "CVE-2024-57951",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nhrtimers: Handle CPU state correctly on hotplug\r\n\r\nConsider a scenario where a CPU transitions from CPUHP_ONLINE to halfway\r\nthrough a CPU hotunplug down to CPUHP_HRTIMERS_PREPARE, and then back to\r\nCPUHP_ONLINE:\r\n\r\nSince hrtimers_prepare_cpu() does not run, cpu_base.hres_active remains set\r\nto 1 throughout. However, during a CPU unplug operation, the tick and the\r\nclockevents are shut down at CPUHP_AP_TICK_DYING. On return to the online\r\nstate, for instance CFS incorrectly assumes that the hrtick is already\r\nactive, and the chance of the clockevent device to transition to oneshot\r\nmode is also lost forever for the CPU, unless it goes back to a lower state\r\nthan CPUHP_HRTIMERS_PREPARE once.\r\n\r\nThis round-trip reveals another issue; cpu_base.online is not set to 1\r\nafter the transition, which appears as a WARN_ON_ONCE in enqueue_hrtimer().\r\n\r\nAside of that, the bulk of the per CPU state is not reset either, which\r\nmeans there are dangling pointers in the worst case.\r\n\r\nAddress this by adding a corresponding startup() callback, which resets the\r\nstale per CPU state and sets the online flag.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57951"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "memcg: A soft lockup vulnerability in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57979",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "pps: Fix a use-after-free",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57979"
},
{
"cve": "CVE-2024-57981",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "usb: xhci: NULL pointer dereference on certain command aborts. If a command is queued to the final usable TRB of a ring segment, the enqueue pointer is advanced to the subsequent link TRB and no further. If the command is later aborted, when the abort completion is handled the dequeue pointer is advanced to the first TRB of the next segment. If no further commands are queued, xhci_handle_stopped_cmd_ring() sees the ring pointers unequal and assumes that there is a pending command, so it calls xhci_mod_cmd_timer() which crashes if cur_cmd was NULL.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57981"
},
{
"cve": "CVE-2024-57986",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-57986"
},
{
"cve": "CVE-2024-58005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tpm: Change to kvalloc() in eventlog/acpi.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2024-58009",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58009"
},
{
"cve": "CVE-2024-58014",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58014"
},
{
"cve": "CVE-2024-58016",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "safesetid: check size of policy writes",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58016"
},
{
"cve": "CVE-2024-58017",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58017"
},
{
"cve": "CVE-2024-58020",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "HID: multitouch: Add NULL check in mt_input_configured",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58020"
},
{
"cve": "CVE-2024-58051",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipmi: ipmb: Add check devm_kasprintf() returned value",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58051"
},
{
"cve": "CVE-2024-58058",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ubifs: skip dumping tnc tree when zroot is null",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58058"
},
{
"cve": "CVE-2024-58063",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "wifi: rtlwifi: fix memory leaks and invalid access at probe error path",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58063"
},
{
"cve": "CVE-2024-58071",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "team: prevent adding a device which is already a team device lower",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58071"
},
{
"cve": "CVE-2024-58072",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "wifi: rtlwifi: remove unused check_buddy_priv",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58072"
},
{
"cve": "CVE-2024-58085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tomoyo: don\u0027t emit warning in tomoyo_write_control()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-58085"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2025-21638",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: auth_enable: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, but that would\nincrease the size of this fix, while \u0027sctp.ctl_sock\u0027 still needs to be\nretrieved from \u0027net\u0027 structure.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21638"
},
{
"cve": "CVE-2025-21639",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: rto_min/max: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.rto_min/max\u0027 is used.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21639"
},
{
"cve": "CVE-2025-21640",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: sysctl: cookie_hmac_alg: avoid using current-\u003ensproxy\n\nAs mentioned in a previous commit of this series, using the \u0027net\u0027\nstructure via \u0027current\u0027 is not recommended for different reasons:\n\n- Inconsistency: getting info from the reader\u0027s/writer\u0027s netns vs only\n from the opener\u0027s netns.\n\n- current-\u003ensproxy can be NULL in some cases, resulting in an \u0027Oops\u0027\n (null-ptr-deref), e.g. when the current task is exiting, as spotted by\n syzbot [1] using acct(2).\n\nThe \u0027net\u0027 structure can be obtained from the table-\u003edata using\ncontainer_of().\n\nNote that table-\u003edata could also be used directly, as this is the only\nmember needed from the \u0027net\u0027 structure, but that would increase the size\nof this fix, to use \u0027*data\u0027 everywhere \u0027net-\u003esctp.sctp_hmac_alg\u0027 is\nused.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21640"
},
{
"cve": "CVE-2025-21647",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\nsched: sch_cake: add bounds checks to host bulk flow fairness counts",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21647"
},
{
"cve": "CVE-2025-21648",
"cwe": {
"id": "CWE-789",
"name": "Memory Allocation with Excessive Size Value"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnetfilter: conntrack: clamp maximum hashtable size to INT_MAX\r\n\r\nUse INT_MAX as maximum size for the conntrack hashtable. Otherwise, it\r\nis possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when\r\nresizing hashtable because __GFP_NOWARN is unset. See:\r\n\r\n 0708a0afe291 (\"mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls\")\r\n\r\nNote: hashtable resize is only possible from init_netns.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21648"
},
{
"cve": "CVE-2025-21653",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21653"
},
{
"cve": "CVE-2025-21664",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "dm thin: make get_first_thin use rcu-safe list first function",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21664"
},
{
"cve": "CVE-2025-21666",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "vsock: prevent null-ptr-deref in vsock_has_data|has_space",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21666"
},
{
"cve": "CVE-2025-21669",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "vsock/virtio: discard packets if the transport changes",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21669"
},
{
"cve": "CVE-2025-21678",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "gtp: Destroy device along with udp socket\u0027s netns dismantle",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21678"
},
{
"cve": "CVE-2025-21683",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "bpf: Fix bpf_sk_select_reuseport() memory leak",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21683"
},
{
"cve": "CVE-2025-21692",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "net: sched: fix ets qdisc OOB Indexing",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21692"
},
{
"cve": "CVE-2025-21694",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "fs/proc: softlockup in __read_vmcore",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21694"
},
{
"cve": "CVE-2025-21704",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: cdc-acm: Check control transfer buffer size before access",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21704"
},
{
"cve": "CVE-2025-21711",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "net/rose: prevent integer overflows in rose_setsockopt()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21711"
},
{
"cve": "CVE-2025-21719",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipmr: do not call mr_mfc_uses_dev() for unres entries",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21719"
},
{
"cve": "CVE-2025-21726",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "padata: avoid UAF for reorder_work",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21726"
},
{
"cve": "CVE-2025-21727",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "padata: fix UAF in padata_reorder",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21727"
},
{
"cve": "CVE-2025-21728",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues because this kfunc can sleep.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21735",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "NFC: nci: Add bounds checking in nci_hci_create_pipe()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21735"
},
{
"cve": "CVE-2025-21744",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21744"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\r\n\r\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\r\nclass_dev_iter_(init|next)(), but does not end iterating with\r\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\r\n\r\nFix by ending the iterating with class_dev_iter_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21753",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "btrfs: fix use-after-free when attempting to join an aborted transaction",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21753"
},
{
"cve": "CVE-2025-21756",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21760",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "ndisc: extend RCU protection in ndisc_send_skb()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21760"
},
{
"cve": "CVE-2025-21761",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "openvswitch: use RCU protection in ovs_vport_cmd_fill_info()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21761"
},
{
"cve": "CVE-2025-21762",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: arp: use RCU protection in arp_xmit() arp_xmit() can be called without RTNL or RCU protection. Use RCU protection to avoid potential UAF.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21762"
},
{
"cve": "CVE-2025-21763",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "neighbour: use RCU protection in __neigh_notify()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21763"
},
{
"cve": "CVE-2025-21764",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "ndisc: use RCU protection in ndisc_alloc_skb()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21764"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21772",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "partitions: mac: fix handling of bogus partition table",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21772"
},
{
"cve": "CVE-2025-21776",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "USB: hub: Ignore non-compliant devices with too many configs or interfaces. A test program can cause usb_hub_to_struct_hub() to dereference a NULL or inappropriate pointer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21776"
},
{
"cve": "CVE-2025-21787",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "team: better TEAM_OPTION_TYPE_STRING validation",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21787"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSD: hang in nfsd4_shutdown_callback. If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21806",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: let net.core.dev_weight always be non-zero. The following problem was encountered during stability test: (NULL net_device).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21806"
},
{
"cve": "CVE-2025-21814",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "ptp: Ensure info-\u003eenable callback is always set",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21814"
},
{
"cve": "CVE-2025-21826",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: nf_tables: reject mismatching sum of field_len with set key length. The field length description provides the length of each separated key field in the concatenation, each field gets rounded up to 32-bits to calculate the pipapo rule width from pipapo_init(). The set key length provides the total size of the key aligned to 32-bits. Register-based arithmetics still allows for combining mismatching set key length and field length description, eg. set key length 10 and field description [ 5, 4 ] leading to pipapo width of 12.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21826"
},
{
"cve": "CVE-2025-21835",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "usb: gadget: f_midi: fix MIDI Streaming descriptor lengths",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21835"
},
{
"cve": "CVE-2025-21844",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "smb: client: Add check for next_buffer in receive_encrypted_standard()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21844"
},
{
"cve": "CVE-2025-21846",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "acct: perform last write from workqueue",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21846"
},
{
"cve": "CVE-2025-21858",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "geneve: Fix use-after-free in geneve_find_dev()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21858"
},
{
"cve": "CVE-2025-21859",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "USB: gadget: f_midi: f_midi_complete to call queue_work",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21859"
},
{
"cve": "CVE-2025-21862",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "drop_monitor: incorrect initialization order. If drop_monitor is built as a kernel module, syzkaller may have time to send a netlink NET_DM_CMD_START message during the module loading. This will call the net_dm_monitor_start() function that uses a spinlock that has not yet been initialized.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21865",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Commit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns dismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl() to destroy devices in each netns as done in geneve and ip tunnels. However, this could trigger -\u003edellink() twice for the same device during -\u003eexit_batch_rtnl().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Only build and run applications from trusted sources",
"product_ids": [
"1"
]
},
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2025-21865"
}
]
}
MSRC_CVE-2024-58017
Vulnerability from csaf_microsoft - Published: 2025-02-02 00:00 - Updated: 2025-03-13 00:00Summary
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2024-58017.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX",
"tracking": {
"current_release_date": "2025-03-13T00:00:00.000Z",
"generator": {
"date": "2025-10-20T02:58:28.860Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-58017",
"initial_release_date": "2025-02-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-03-13T00:00:00.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.179.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.15.179.1-1",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.179.1-1",
"product": {
"name": "cbl2 kernel 5.15.179.1-1",
"product_id": "17103"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 kernel 6.6.78.1-3",
"product": {
"name": "\u003cazl3 kernel 6.6.78.1-3",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 kernel 6.6.78.1-3",
"product": {
"name": "azl3 kernel 6.6.78.1-3",
"product_id": "17471"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 kernel 5.15.182.1-1",
"product": {
"name": "\u003ccbl2 kernel 5.15.182.1-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 kernel 5.15.182.1-1",
"product": {
"name": "cbl2 kernel 5.15.182.1-1",
"product_id": "19682"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 kernel 6.6.64.2-9",
"product": {
"name": "\u003cazl3 kernel 6.6.64.2-9",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "azl3 kernel 6.6.64.2-9",
"product": {
"name": "azl3 kernel 6.6.64.2-9",
"product_id": "17501"
}
}
],
"category": "product_name",
"name": "kernel"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.179.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.179.1-1 as a component of CBL Mariner 2.0",
"product_id": "17103-17086"
},
"product_reference": "17103",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kernel 6.6.78.1-3 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 6.6.78.1-3 as a component of Azure Linux 3.0",
"product_id": "17471-17084"
},
"product_reference": "17471",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 kernel 5.15.182.1-1 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 kernel 5.15.182.1-1 as a component of CBL Mariner 2.0",
"product_id": "19682-17086"
},
"product_reference": "19682",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 kernel 6.6.64.2-9 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 6.6.64.2-9 as a component of Azure Linux 3.0",
"product_id": "17501-17084"
},
"product_reference": "17501",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-58017",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "general",
"text": "Linux",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"17103-17086",
"17471-17084",
"19682-17086",
"17501-17084"
],
"known_affected": [
"17086-4",
"17084-3",
"17086-1",
"17084-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2024-58017.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-13T00:00:00.000Z",
"details": "5.15.179.1-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-03-13T00:00:00.000Z",
"details": "6.6.78.1-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-3",
"17084-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-03-13T00:00:00.000Z",
"details": "Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.5,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"17086-4",
"17084-3",
"17086-1",
"17084-2"
]
}
],
"title": "printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…